urlscan.io logo urlscan.io
SecurityTrails logo

kneeansweras.com Open in urlscan Pro
109.206.162.83  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Effective URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=81f41098a74799f2ccd7c12d88e183a51638555794&psp=WbOFTamuScod...
Submission: On December 03 via manual from RU — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 1682 HTTP transactions. The main IP is 109.206.162.83, located in Netherlands and belongs to SERVEREL-AS, NL. The main domain is kneeansweras.com.
TLS certificate: Issued by R3 on October 19th 2021. Valid for: 3 months.
This is the only time kneeansweras.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
398 109.206.162.83 50245 (SERVEREL-AS)
129 45.133.44.3 39572 (ADVANCEDH...)
1026 45.133.44.4 39572 (ADVANCEDH...)
1682 4
Apex Domain
Subdomains		 Transfer
1026 selornews.com
123.selornews.com
6 MB
398 kneeansweras.com
kneeansweras.com
2 MB
129 reminews.com
517s61.reminews.com
913 KB
1682 3
Domain Requested by
1026 123.selornews.com 517s61.reminews.com
398 kneeansweras.com kneeansweras.com
129 517s61.reminews.com kneeansweras.com
1682 3

This site contains no links.

Subject Issuer Validity Valid
kneeansweras.com
R3		 2021-10-19 -
2022-01-17		 3 months crt.sh
*.reminews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-22 -
2022-11-21		 a year crt.sh
*.selornews.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-18 -
2022-02-18		 a year crt.sh

This page contains 1 frames:

Frame: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239542a91363734c65b082f91ee5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Frame ID: AC75950A0548D560668EAD7593EBBFF1
Requests: 1682 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading...

Page URL History Show full URLs

  1. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  2. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555... Page URL
  3. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01... Page URL
  4. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  5. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555... Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c9... Page URL
  7. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  8. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555... Page URL
  9. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f... Page URL
  10. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  11. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555... Page URL
  12. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5c... Page URL
  13. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  14. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555... Page URL
  15. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc9... Page URL
  16. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  17. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555... Page URL
  18. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1... Page URL
  19. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  20. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555... Page URL
  21. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971... Page URL
  22. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  23. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555... Page URL
  24. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a29... Page URL
  25. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  26. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555... Page URL
  27. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe... Page URL
  28. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  29. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555... Page URL
  30. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d5... Page URL
  31. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  32. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555... Page URL
  33. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa5... Page URL
  34. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  35. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555... Page URL
  36. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6... Page URL
  37. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  38. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555... Page URL
  39. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adee... Page URL
  40. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  41. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555... Page URL
  42. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a... Page URL
  43. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  44. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555... Page URL
  45. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb... Page URL
  46. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  47. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555... Page URL
  48. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f... Page URL
  49. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  50. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555... Page URL
  51. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f539688... Page URL
  52. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  53. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555... Page URL
  54. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c3... Page URL
  55. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  56. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555... Page URL
  57. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464... Page URL
  58. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  59. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555... Page URL
  60. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b... Page URL
  61. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  62. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555... Page URL
  63. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb87... Page URL
  64. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  65. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555... Page URL
  66. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7... Page URL
  67. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  68. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555... Page URL
  69. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e4645... Page URL
  70. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  71. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555... Page URL
  72. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a... Page URL
  73. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  74. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555... Page URL
  75. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d57... Page URL
  76. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  77. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555... Page URL
  78. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e... Page URL
  79. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  80. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555... Page URL
  81. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821... Page URL
  82. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  83. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555... Page URL
  84. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502... Page URL
  85. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  86. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555... Page URL
  87. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c78280... Page URL
  88. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  89. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555... Page URL
  90. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f0... Page URL
  91. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  92. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555... Page URL
  93. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c... Page URL
  94. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  95. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555... Page URL
  96. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6... Page URL
  97. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  98. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555... Page URL
  99. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd420264... Page URL
  100. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  101. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555... Page URL
  102. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f9325... Page URL
  103. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  104. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555... Page URL
  105. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06ade... Page URL
  106. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  107. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555... Page URL
  108. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880d... Page URL
  109. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  110. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555... Page URL
  111. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9d... Page URL
  112. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  113. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555... Page URL
  114. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752b... Page URL
  115. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  116. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555... Page URL
  117. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8... Page URL
  118. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  119. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555... Page URL
  120. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c8... Page URL
  121. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  122. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555... Page URL
  123. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a... Page URL
  124. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  125. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555... Page URL
  126. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3... Page URL
  127. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  128. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555... Page URL
  129. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443... Page URL
  130. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  131. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555... Page URL
  132. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9... Page URL
  133. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  134. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555... Page URL
  135. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71... Page URL
  136. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  137. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555... Page URL
  138. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b500... Page URL
  139. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  140. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555... Page URL
  141. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512... Page URL
  142. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  143. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555... Page URL
  144. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6... Page URL
  145. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  146. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555... Page URL
  147. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516... Page URL
  148. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  149. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555... Page URL
  150. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618... Page URL
  151. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  152. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555... Page URL
  153. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7... Page URL
  154. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  155. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555... Page URL
  156. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc3167... Page URL
  157. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  158. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555... Page URL
  159. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e... Page URL
  160. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  161. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555... Page URL
  162. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4... Page URL
  163. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  164. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555... Page URL
  165. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064... Page URL
  166. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  167. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555... Page URL
  168. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0... Page URL
  169. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  170. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555... Page URL
  171. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41... Page URL
  172. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  173. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555... Page URL
  174. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8... Page URL
  175. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  176. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555... Page URL
  177. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a... Page URL
  178. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  179. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555... Page URL
  180. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afb... Page URL
  181. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  182. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555... Page URL
  183. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd... Page URL
  184. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  185. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555... Page URL
  186. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01... Page URL
  187. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  188. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555... Page URL
  189. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88ce... Page URL
  190. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  191. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555... Page URL
  192. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5... Page URL
  193. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  194. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555... Page URL
  195. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac... Page URL
  196. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  197. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555... Page URL
  198. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f... Page URL
  199. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  200. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555... Page URL
  201. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbba... Page URL
  202. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  203. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555... Page URL
  204. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1a... Page URL
  205. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  206. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555... Page URL
  207. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf... Page URL
  208. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  209. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555... Page URL
  210. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a57... Page URL
  211. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  212. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555... Page URL
  213. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332a... Page URL
  214. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  215. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555... Page URL
  216. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114... Page URL
  217. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  218. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555... Page URL
  219. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572f... Page URL
  220. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  221. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555... Page URL
  222. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3... Page URL
  223. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  224. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555... Page URL
  225. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a3... Page URL
  226. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  227. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555... Page URL
  228. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7... Page URL
  229. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  230. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555... Page URL
  231. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c... Page URL
  232. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  233. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555... Page URL
  234. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0... Page URL
  235. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  236. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555... Page URL
  237. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c... Page URL
  238. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  239. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555... Page URL
  240. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d7... Page URL
  241. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  242. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555... Page URL
  243. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda... Page URL
  244. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  245. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555... Page URL
  246. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0... Page URL
  247. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  248. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555... Page URL
  249. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb5299... Page URL
  250. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  251. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555... Page URL
  252. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc52... Page URL
  253. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  254. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555... Page URL
  255. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d... Page URL
  256. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  257. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555... Page URL
  258. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9... Page URL
  259. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  260. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b9b2a3a0d6aeb2daea54738224aa55171638555... Page URL
  261. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231ce80a36ec5... Page URL
  262. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  263. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555... Page URL
  264. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d... Page URL
  265. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  266. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555... Page URL
  267. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff934... Page URL
  268. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  269. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555... Page URL
  270. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a... Page URL
  271. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  272. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555... Page URL
  273. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162e... Page URL
  274. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  275. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555... Page URL
  276. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6... Page URL
  277. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  278. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555... Page URL
  279. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9... Page URL
  280. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  281. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555... Page URL
  282. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff... Page URL
  283. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  284. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555... Page URL
  285. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e... Page URL
  286. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  287. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555... Page URL
  288. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9b... Page URL
  289. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  290. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555... Page URL
  291. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640... Page URL
  292. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  293. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555... Page URL
  294. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115... Page URL
  295. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  296. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555... Page URL
  297. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e... Page URL
  298. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  299. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555... Page URL
  300. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81... Page URL
  301. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  302. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555... Page URL
  303. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1... Page URL
  304. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  305. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555... Page URL
  306. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce3... Page URL
  307. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  308. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555... Page URL
  309. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a... Page URL
  310. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  311. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555... Page URL
  312. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81... Page URL
  313. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  314. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555... Page URL
  315. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fec... Page URL
  316. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  317. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555... Page URL
  318. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2... Page URL
  319. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  320. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555... Page URL
  321. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb8... Page URL
  322. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  323. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555... Page URL
  324. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecc... Page URL
  325. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  326. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555... Page URL
  327. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94... Page URL
  328. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  329. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555... Page URL
  330. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d97... Page URL
  331. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  332. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555... Page URL
  333. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0... Page URL
  334. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  335. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555... Page URL
  336. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd4... Page URL
  337. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  338. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=495bce6f770101e310f4cb193b35e8321638555... Page URL
  339. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4... Page URL
  340. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  341. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555... Page URL
  342. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb... Page URL
  343. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  344. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555... Page URL
  345. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f... Page URL
  346. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  347. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555... Page URL
  348. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4... Page URL
  349. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  350. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555... Page URL
  351. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a... Page URL
  352. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  353. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555... Page URL
  354. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf... Page URL
  355. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  356. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555... Page URL
  357. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f... Page URL
  358. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  359. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555... Page URL
  360. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5d... Page URL
  361. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  362. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555... Page URL
  363. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a361678... Page URL
  364. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  365. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555... Page URL
  366. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4... Page URL
  367. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  368. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555... Page URL
  369. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941... Page URL
  370. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  371. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555... Page URL
  372. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639... Page URL
  373. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  374. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=dc50e079b7273137e162de095e5f4dca1638555... Page URL
  375. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f... Page URL
  376. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  377. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555... Page URL
  378. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94... Page URL
  379. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  380. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555... Page URL
  381. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1d... Page URL
  382. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  383. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=33cbb9184d45525d9026e831abf9a0f81638555... Page URL
  384. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e8... Page URL
  385. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  386. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555... Page URL
  387. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad7... Page URL
  388. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  389. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=81f41098a74799f2ccd7c12d88e183a51638555... Page URL

Page Statistics

1682
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

8980 kB
Transfer

11061 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  2. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555763&psp=LeZvB7AsQyVxEZjMJGi2bgJbjaELwujTnKS1pA_SLGrD22YKh0gnTQIeU0A8iZ-Zunq5Z86k4nas8Xy5MNzRDlumpJiipY47FhmWWo5PIT1wufuwFFrBcV0Gx4efazTOln1O32KJZRuERuqdoIWBzDLlQsSaMTCtTFyX7oxePlktH0QBCp_Uq9V-MhujGyg8GRMwSTpKPOp99mFREVvdIx_pNadzWCc4HF8HZjCLYuObARotiyJpi0edsKFWT_0DKYXJNZ8hL1fbZpOjIwUyaTbBo0gMg6rXiHVCj-wOEtPJElSonwGlrdkvXcV7cgrOdZELKyyxJfcGqoaInh9rck_whr4UGZUQXvnuHyVeDiGwhz77NVB3GXW4yp-2m4iOsJ9ljw-DdVP0IlUa8PzFadaMUkrMA1oT5x115eltSPSeRE6k7HPbLiFx4N4kq8WL0m_Dn4N01W68ZsvagReoNHmDxSX04ReoD26KGYnGIcn5bDt6waI_dOvf-G0vl35jgyEkoyGaOTKF0zCANxJ1T82cDmN8iFeP9TK3sVXpuxS6kaCt1dGA1qIlD4Oyk77TF7V8qfihXxzymlQSxFUQ-Wyy3d39MVy3tMbSj1fEB-TtR3lGZ4v-Q1cx3gAWmy7bUxIIjTrk9jeAn_fVhaLPTTkmVKpaXrqGdvKQAXFM3OIbhcsS6TvuAA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=190 Page URL
  3. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  4. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  5. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=ELAe9LQk7SJpTi0sbsET0bkkdScFOLkTeqSYxp9mAuvtCFSgPX5Eux9tQaR3Ka-ogdVMBv49Ef2AqPN5f905CBXfJRNqK_ynit0sxBFTPUvAaea3uePFC77ZWipgzDm_JWZBQUD8kaDc4Qt6kK2aq_A0yPF6b5400L3EWdF-qOU16OZQeIMdr9cBa3CCVkjjlc1nNqSOfI8odVaDGNiSNLBBwl_330x9L7zufF3i7s-OfOoWJ4wz2eeAvQujqNH-KK_iuxcpXeM278RkKdQzxkEc-OHxEZeZe4uQA2BOEIH8ZCAqJb3onrwLN04mA2sHU1y8KLlRD_fd7fD61cxbSXLgEvUZquTk8siqBUFVSyR-HrcBSGe17JkTwkn2bJArqcRf9bHuOWtnVpwo2IpAf_FwXIZ4LVzieouxoEGTx7rK4lCndFQ4NGfYwwElH2Dj0mEr5toZp3stpAlEQlVVkdO93c_xh_sGGGkUXBZmzlU5Ay3ODGpbg6pVOQiAxRSr8e-aqO5Oy-s-HDsHWd3QLcpLyIFq9M8nU6J35ypzazfJdzVEtMF7iS9-eSD3-FXcmR2t_HnFIPpC1vlifuLMtl50xV-smZOGrIK7TSG7eWLH0s2CfUgAOswlLKn95Hdzgd6Uws3GWxGFBGa4NIqZrULKos2ZBCy9YQc3HkYlkQMoXDP2T-hbAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=128 Page URL
  6. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  7. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  8. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=boGU7DRdeWeMzkaI1JQJQwhD1N3KV6MFz8lxo-S-xNPcTRrNtJymo30FuKa-aj40a_VPPXTv55pag5imV85YwFE__YWupo8_Yn41WtSBkxbIR2rt7EL0-W8VPh2ulrdRPxe4E-NhiE9vG-EFrZN6i8OTT0BEIn9bD7u_kBIcd6o6yB8-rXXuqe5z47S2ck8DAnzV-phgVYUy8xmkb10DoSwdmkTN6xMmAA6whuUigYOT6Wtys8Dr_NYXi_sgQzyWm4-s5uGYSMzaobBZYT_1U-tsBQXJ6JHYotMq8bJDuO7Z_fU33IpMEhRtkIVj1GHZV2rhwU5RGCX1v__wv2z_ZHB5_8T8tZYF-5XXT37cYXEUHQ54RQR2SGzty4od8u5eh-RqIGgx5rxjASyXYoAgKOxXdXEgSdAtaGGEP1BrxjI_YNL7ZMzWC6J35IqoFEopblufQc2J0WWcBlgMn22wrZR96weEHA6N2l5wt4JfkTlbxD8G6dkuqz5Fb45DnSVSAnR1PrBdNAotnN7JpV06L1CVN4q1bOgvELsrAE0l0mzj-ZpJ5thpPKKfqeYQyP3b0BddKsqrFaR-lMPdIlbRaG7lBj7PU-RGOwV1BO6m4X3BFE7UF2U8oCXA0FJ_Yt9tcwWd6pUuGOA9mLLtmp2Pa3EPxQoZuKJvWhPKEq8-XZKNgo3Xl_9oMQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111 Page URL
  9. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  10. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  11. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=eEhHyW8l0M12ypw7Y1DnTmBVrMgwyO1m8Yfhn1100OetVMXDNTT7jtdkMHTJuS45lm8iOXsSgrQTDgj-HH3UOzuHaSigx4lDvH1GFVRJGWRfvgsONl4ISdPVWvRHYH5TOUmXroBe8EZe9iur2dYXmCHk556K5ILKuRhzBFqWJwqgjZ3LhxRvW-lrxfDG_SkEpQ6WzBfHfP8yrCtt33_VxN0JexT2m7RdAMfdq3IQhK01Tr2YdhJGl1PhhwVf_vBoyXwcaNkkYzsLDQlb_CsOe37KRkca8dvSmGMNFVp_wmmhzeKRqLaj9tLkpwpa6YYO--qxZMiQNYOg4hEx1xqewDXRf9EmryX_AC5Hue3f7IUCilBuIWHI3O5CT7tojo289419dSv2tMQZYCrmbeBhpzOQsuGgVxd1Yr71d2t-WXJKLqHicd2UOR1-xIHqOn9X07rlxf4y8y8sXzJhR-N5QxJcLb3AXax0kGeZwx43lVOzNcqK1dG-6xDu6dK-9-S2x8c7iQFWXpa7HUMPs9eHYRrVsASGvgBxWKJ5j4Huo_RL63_KVr04AMi_Dv3JAj0tRG27OmlbT9PQHwANOXswdW5zEBn5VMzG56s4nzBE7HWyMi5KIh3PgSVsOjUxVPCh023mBo9XNQmnhxrtFnFqbnwnYlCa4FhVpbR-fsV5aYVHJeRs53d21g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115 Page URL
  12. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  13. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  14. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=f8WV40hkK3Xzin9T9ptCxr5xAZXShQQPEDX1f63tNgXcD8l7NcjWWTPcPTlfB3lUgiTrTtO3N3RJVV_29NGZQJRHo7dyh0PcuCVM99w4eZRGNUvaVS0d32j72XQv7YrZytUr9bfcJSwlzESxm_8Y5vKYYHff-Dwr5q5CdPiE82JHCJBOtSk3D2F1MkV7kg7KCPBYuIBe0gpU2X_HGY-GA_yIAUitZ9lDKqe69P34o33kOHq7NSRxeM440xtUOgO5KqJqBbbNYXyyAYwwn0U8zyiOzO35audmX0Y7-1UA3OTDrzcC-oDyaAyXrxxugB5hR74nOoCkoz4-2CWqHECazEYdpJv3_a5WNeNth7FCEu2EEEQQYXPE83m8G143sGrWJw7zENx9KNSkRvXKrg-gpd2FGMZ5kR8W-sbeQufKFDh4Tp05ncFYeieOEtLekgLl9LuVQ2u2sFStTPk6KVWsHrk9fMQZDnEbEfI6teR60csAJb9Fn3U8kXzN9rsj2BhC3E2MHLjUC9ZEGJ3pXGdxcME8EWIxHSNYeSZxV72PkIoZK8ihxIaNhI24HQmGoyq475jJMp22YaIxMJ5GA9W4UKyeNV9W8uCvNl-TIs02eLgFeJcfN5Sv8zrrSqOTncE3MQilGHQDH1ryvGSRuoEWM9ujVkI8XiM2maqAJqkkwidjgmIGrUjAhQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  15. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  16. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  17. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=hVRY7bVos7UXqwGQ-YYmsa0hiH2SUJqRCQTcJR1_Gcp03ixYgvMN8PsUuGzmObIVCLHC-F03XRidAou6Hej3JwutDXNuvKK-J3oGihErqU7DaobgHPXHFuCHFK7qmkmd7JAVGbn6hrsudGUTTowV6Zh4g--mWVlyxEl_f1o4Ih_26H7cNFiP1E4olUPD22WYG-DySU9GksEyIc1n_7OOn2ZkYVebvbHYhC92wDUK5HbCSw4Q0FRaiPwZyQb0a3qboroKhkUVv8InGIAM5D0BFVHHtJe5KMB5tDLGoJLF7PTJr5f3VuoEHTpYPZIOKaxTXeF3W79RZAnPTjPMhVSsqhRiPmUzZZ_Eu8lUHcoYZlsjZGbeYkxB5fnFEcyewEyqIBPHgT0yE21VbGfbdN-oPCtfzkwwUvcpvg49L8NZ-CBl2LVRTIy19keWVkRSWOF-6XjR6bRcv6AJeiUgchFjWVZy6N2ggLy7VHhmUoLBwmTB4vPR-WBKYF2U_63W_VIOq6KsnHdu9Az7LXz5eZHZuGwkP9y7vCpCP8lZe3K-aH43TQJZBps1UsXdv6uTSHCIHGOkadiqH6uTs4klvx0HJ5CkGp-Gstgda5H2Z-8qMaHJHJU7NS_VW7jYuAalkhfTZOeKXXtTQ1ca3Vcpsct5LtpUBLm6yEPgLlPu5YRFIsVKmmz05m8ogQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  18. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  19. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  20. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=kmIbzkxiM2Se0b9tVdn5n8nEP6bXqXqNxhDPf3iH6L2_ix5xybFjTI0DOgASKfXy9cpLAGif_U1FKAZcYj3WLiE6nEoax4dkCchU8O8H6rFjxI3IWOIYi6t4yFUq8j2viDRuMlmhLWfBGErnJkWC49OG5nMG83fmUYnQ5nKCywdrlv89KHHKtaNSwiAWCYnuetYCa0YwC8PemWzzSncrUE9k-vi4sFVg6ByjDK6AMO2bGRT2GLguanE88BI8FpjwWMGL1a-oblCoK0rlAW1iJzUIxWMRDtI7L6N6Eqymn-Ysw-diYVazqDRtRwjYSO8UwMMsAEyhcPuEocuDC5WCjyTevY_KXSinQ6BHgjhv--8sdYOQ3wGqSHZkpv6WCR5Cqicml9WM_9DE6A0v6JgNMmVBNkyCLQ0hIroAoWvfxwq0DNaWsO2feeHmRj6rXfptmG_7kpaI5GEsxC51Hqt3Pu8hbjyKlydlXnTCd7U3z101DznwIUQfthcURjR-gWFdIkZALX_97CmsGbZtFQhBL8cILd24hhO5v2R_o_KXtzgyQyFj6ipnYwiNq75M67PlUHSi_OuR-Iwm9sdr2e7jtE4dquFshpg4OYUHk0p7Zgn3GdAZsj0txZvGmZq1GhrKsAAEifMzZL31GSvi3Zh4ybflMS5i_a1Ix74OdrTrl1C45T-4PnIlkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110 Page URL
  21. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  22. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  23. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=qqbCaaObp7HMPQ6tyEDBtiWATVfRMwTJ5sdjJzG5l0mf0mAZwUB9bSiQIBRd7IkTVlGO40Pj0V-cGoQDRPahRUKFAMU6DSCjuQ5tAhkY6OFwybslCYWLJH8YJ1vl8y5I6MzAGRWAZfnIECdi79i6aC4GYkNtTAkggLqoc6xt6CldAnu8w0NE4tgNFMRBsiTIdmwUTY9W-cBtAnty4BB_SBrSiRAy_InhN40X3cc6t59pHPwzxZq_lM3FRqbsxJwNQ2iQV86eSWX-vXtYxUv-EML0v7uwJAO37LmWrlmkzjRf_GrXhgF1TgHx5w-zUMc29WaXB9bPYhxApDTAcLPVU5pgiwZNog04CU1kVdnY2SrGmP3TlD7dKBPZQB8x3pYOHKR9JemMkSEers3RPpEj2nySWrDO2keZ473I1fXT_GS4FIyYS1V0oAUGISfeK2MzJGqs2bK5d9gsi8On03DCYyU_w6RFBTnNtj2fB1-hRU8YrdaIJkaojp4n6PnR3JOPC4piCVKeAmvcKlpfY2coUPchZqEPGXo25-on9wgRGRYRVuaE501nIyaz32XZ28fnNU-yfH3ACwcTk74tqDxN7nrQNF3JAXnI-kDVW3vZEBy7IRoDoO1LPLgiDdMxeEdfuCNKYgN0GQHKW0C0vLoXsw_Y56K3nqPcfnRJCUozd8NVCMreVbwstw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111 Page URL
  24. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  25. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  26. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=z9hyjXGnqTKkKFAjSL7Yb5zbhdktdpWlbnhB-gkdonKkxaBMP9njW9RRmVjaRv2j3FhSjfb61dpA18QOVWxh0yNsQ1fcxexa8EK_NcEmT84mBxOUI4hU-yJLknPVbqW5Wd4SMsBCcuPHtRNWn3Mkgzdiaurjxqr20rYokHTPcY1MC7txUIwn2z07FoDx6LSbhCwfwq_0rSox7cZ2t00CkDNnQQvws4KHNS_07C2fBD1lNFGCbwPAh660xNKHgkV5S6TngTLaqNxNwcRNmJQrQZyvxgSguyxgJ64vh-92hU9AJLHF5DHUfDp7bHBtpPPVXer2mwGtRe3rfGl8wjQDzAIF_Owf13647aSYqs-6eieHCuaOrcL_4382hC5KIEGcYxZ1SkM2jePQ8tMV0S7HaA3E5rLHUm-iN_yVfcompeWjJWgGqonzJlU_ck5Tut67MlbE6s7PpF-EY8StdnG-AX231idJOVAyvyC3IJR2dmX5KwJJuhEfQkN0KmGaCAv-bIiI710KG-puY9ksIBa1PqUs7iBpZv4K1SXmYxP_ay3dckoiTAkFyXoa3gTAdSVdCTiBFUpvirIMPJ6fixoKXyIF0abVSV69y5HQRPoIaS68VfPoVB4VG_vYfQgbg1eyhsQdKfDdxjjuvm3R-aj-vVzAU6DnxxOjIVon6ot9w9e9GwOPCtWSdw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  27. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  28. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  29. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=7krTY-8DEXaGZmmO2FnunrWhBQ3p388Ekgj82KJvl0NvI3G2aOWUjUg1Ns_1TYtI2dXP04fYoD-Fca_LcVr9WQlunW_QkDS9Sr9XJ2t7rgVlILH5Qq7-9WB0jCf7Ui4vkBqb0YKpMO1uXBlQPOB8XbJRT3vYJpdnuff-jOYdv00iWqpBJ0Rlf2OblF6LxvUGaFqQwwmd92qTA_ns_kbtlYfD-GMULsDL-taHGDO93CLUFvQ1g78Mh4GXudWreZ6K2CeGllUv8nvTY4dzV22REETSg4ENAjL006OGXK4EQFjwjyohSTiVkhxBNKVjb6B1Z-Ffbx1k5LMDJ2jaOl9LLdX_n43sLhtA1fp_YX69BcYz4iklmVDTdubz4fgcM3nkrdRpY01saSCDlymqvUmadzMrJn1N3E2auyXBfJp8DYhRq2dgjcHYdkvuFsJbfy_9VFA6PFI3VduWH2Qhc7UPWIOoNmoPvEumq90tJCcKVcIsqQKoY9g_J4cEg7worW60Cv4_YSONvhhPGRql3ijl8xwTDxo60XvlT9lcKDsA9Hm1ZGzOs2-vlX15kD4eK4pp1350-X0MS5DzTMYZ5kTo8JM2Esd3z_yIUhpCxfRaWV4u9p-ypn7-9xNcjPFQSzznM86WGNfy5WiuJw7Pt7Zr4TQct1G7isiES4qdMUF7lyC2D56t4q7g_g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  30. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  31. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  32. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=IN7pd8aOc0wakdnrHX8gvet7OJkwkuKn3tKHFq2Mk6giScwkLVSkn49j6uex0ha0QQb7ZVV21B1hH2Vegm3-B8C6Tj_llDqvbdValTRLwLy1nulQbQjLoID3tEK4cN5rT9EQEWLv75K32duoYK22jebLbCm7h3VEaHl18YX4qoPstyyDn0OeoOvzdLQcB8f1tfK3hZIV8oAvbtmAGQwB5hHG2N2LQMOIewMkoLKlXHPNVA_7V1t2rDcLOwbrlUBe-b9zXwNq7uro5qfgLYCFqPGzVEB7S4QNFqXjPYwxRLvaPPaoFEtJlnR-QnuFvcBU3jbzpwdifw1iCuPWwMWKodJyWm6_RtFJqlPFvaVyfmQ7s2JyfxVt1j4H-5oHyl8GizB0IUFqQUWrIkdssnU_K0ebL4b5tibDdEmBwNRyt5vwcuPqJKYoR3I2Hq-7XPBlF4O4vaI5ujtthxAdkcYKi4o1YqDnyvTVDCE4x3mjqd84bVvBa2-AFQmYhy-tWWbEyMcnv5cHgjFmt7rIxe8k9s-SpQb_10IDtJ4W7cjAGy6KJxUe_VPgbdNkpql5KCPoRtAlzZzcLdJ8evMB4PIRsNmoLfAgJztvTx39AhsPGXSHKetEeBkx8hWUYIXcmkAUOCPZyHFWh-OuHwc_bsKSDoFmW4srdzqEPuQtYAnKoMYvJf8VUEx83w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  33. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  34. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  35. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=9lTUFs1dKLUYtY9aPrqJEXBqlCpiPuVuZW871MndA2pB6CqLs9qHX3j0Rg1PSMV7tPR4rPq46lbZ8swkJTzWUOYbAibJbHNoCC1DMRtaYZJAhrCn0IN46LKZRNyP00xFLLaT2ZpgNdnNq9QVDT41yjD28FkgrcDJ6nSzTBsiC_dgZj7RZbM1iv-9oBzdRxuce6qjU6TbIBpGw-U8PWEcSw0ec7Nih41pYaL1DOwz80CcpEtfyCyxgW7-CAWHjplKAdwqMjyU_jwUuklS8GrRoMPXc4Oag4IkKy8pbbCxwyUR2W3HhRDHLsfarahSSFA1JkbrHgerlSckJQcrSpj-l4KqAx5EaQurrQ9YY_5Yi4Ef1ASbWQhPv0iptvVtMp-krT-75XNffPEe0fsioOl-Y9opmq3vl5sEyx09oMWm1cFTnMHR1Nt_SZRyNcMQxuKOgC9USx4Qhge78_WEfd0JklfzI4dko1fMHwOkb6Zu8n_mJqmZZxAl4uexmfaOgCbmNbvYmbyyHdF9s4XGGY8gCKdDvuN4oEuzA2aHzqmLXN4oLHtHZ1HuiYbKGQU61wXbwc7apBBdTiMrtsUHpfshTWM7517dCT2xbMaDFupnhl5UkJN65tm42pYz-RW5Gy2nxwZFRtYwm3Wuzs406s9HR3lQ7VZVwzca1xZtW65lSyzolWwpGQ2YYA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114 Page URL
  36. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  37. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  38. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=FLvT1XZBOiqOOAgHkTRIh8Iw-TwfXzWKgFXXOVZynBEUY1QZp1uJUlAl0HoEDFwYgdAMTpQqRbj4nfgZhvjU8JTMOavkyGS_5gz1pTasz57emE3c4J7d-FroSedYEPGl_rJ3HeC9DroO9tt96O8YnKiaWO2ynWIE9QB-W2bZs_wdngZg4hd1eZjjOgmAR7k9PhMsrqLrF6pY-MCkj-ro9cTadaPWPDVc8XR4k-uObJRu25K9A7P4Rqd2tC0O2JtYOH8ZtgjgwEvoAOKQbnqrTXgsafZHpXZM0LgmogWiKysdOs39GqxGQpMmCRQUrFHnzzlI5qxMqu4qFOlQ2cmYeehFIfnZbFBIbFHBV4U6gxjJrJrIZs4ID-Co3wgIY-nWSYDgsCfsMVLTPU2FL4DZsAuwsftPyS-V06mzIAzf5pIysi4x3GJ_7Ue9Xk2QkX52GkBneMhfkaRFiOeX2U5lzGy88U-ao3Q5QtMW566gAWIXXSQrwvA9l9hvh7I4tRok0xH6wdrScNzqNiXoxpJFTZA-qRfFyj93HuxOY91QwPf7MqZ54cKioVgLnQIB_hyvPXNNecR2o9ojla-SrU0JCgKt-HzBJcEvB9FkakA1ynryrKvG_AlVFpuY8AzQnUtHAzH8654nKFYlcUZ7PLz3B6DhtXkAc7Gq-ZfYmJyaH1E95-g-u4Gd8A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  39. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  40. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  41. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=4nMwpyErPv2cMBmP5N4GBoDmbUq7HXuSb8f5nDaPfrDztnPCxRoa7kcicT9zmwJzLBU97xqXzmkmxJhQLTOdks7OjeDrG7MenYuEN-0OxxisAknacwU_wAI28524GcnlhZa3_jxokKDme-HrEjs5j-_dG_aq_Vy2n3MuTkG3mjCoBi6NnZUN1u5s5XHwE4uGVBes22AXajwZHyl7FDkOXuQhp5NBJdNFXXI3tRHnCaNWfQ6G5Nhl1QEh_H8_yvbzvGVh7OeB63Iae-4w2q8xaNgxfJcBCbaWeLY21Ypx3iteviPsTawa7UCHuwwSv7-0RDQi7enk0VcWAuApChRK37jtVyEzcLY6Ee2aSqGPodnA3uM2WnI6ueOmyY5vE_nY_J-0JyjGPjQMoetwamJEACSrDiL9G1fVC9WmmowJLQ9hAKzsj7_tdCy6ZOlUbqnLqb9knG12z5W3OMoPv47ppuvV8BR7v46wr712wiHFymZb8nlcsdSJ2NEdlG4uakIkaOne8Ap8jMQf7B5OxYq8XboFOqq5ya3Bd2m35VEbAKExogqmDTDGxYHmr9ElEgi-H5rELPINI5UmHQ7XXXVKUzmoDt4GHFctCXUFQU6nlifi-hD5zIK4KZt9yb4wylZJ2ZkdY2mTEsG1ZqHwNujr_0vNmLyiyBMHEDZrSsDQEyoAudDksQS8Aw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108 Page URL
  42. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  43. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  44. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=wbnJcY4Rc1f2udQfxEyLUkHRN6Ek3x96FewGv1nSX9vvviu2mWsMDsq8GCpy1VIasMu7V4FdTDSNrCIxlxHJM7fKAH9UE9FgPMXBqkTv0ZgrsuIPjijU_ItbS2Ir_j_lz73Jzy-zn_9o-x0-8meCWZ1Q4eV6qddo0y_gSRnQ7d-zzv3-kOemqeuTwmSxKHp5N8lNTucSjsntrESByTv3yBQSRnE6GjuQO_7PTyI45RcMr9-8A5OFVuzAT9uEFX_W9KwMIS19g_3tLwHp_VsVU7b2BB-fFQNoQ6QRS0D7aiWv0a1tlApwqiDlOb-aL7RQWQnS7hd1tCHWtFr4kyEo2G6w7rRBkXjq0KIETMfHN3vsTIWRNjR8dKF1_ElM1suJXGlQ37MWXcdBpmt7ra9I68zNumyhY_NgZeKlY3moJ1p_lgVN-U13enXyUxtBOkcRwh-XRkV8FRpCLEX84En9S0dB5VkgGKXg0dUVyYsKeK979V7QO9fcaK7E9GTefLtZ1WAwy5asiMeXHhCmn27xekAHu5lVA8fZBXOxG0P7GmvZiacq_ZdEcdcv6ULjRQuNn2cA3-EejHjO_bvo6xDd-vdlNT614Vg5WejSt-rEy-Zyg67AdxBRPceHqUPlb_LtXB25XfNzyy2Wyv-nCtX-K4Mp4qWzEqegg1sYkTmo5vazjG6oB2B-Zg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99 Page URL
  45. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  46. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  47. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=D0KGVb1vnQKmqAibilyBaefqMjO3x6GeCmclXngGa1OCN3BHXSrZAvvll9Xa0rHcR39Peal17o5rH9PBGqA7yxxWko05kgYMH2RRj-u7fVVGiJPkZyf8d7zAL1yali8HvrIRIt8LOBLdJu8fcMuP04rl1fAuWRqpSR5GadPyFlLcSc6kqXAY8QKCaZNvK4jJKPa61Tm5phLNmzH6gBa8sla34R4zt69D4Kj4DF-6Sv3sW6AAQ9P3us0p5CDzUbqxOd1nXYlgFkJU7VKzD8ApzifcOY4vWg9Pa-KwEFlOgCVHNYZjIbC4eZuZLuaNWm2hs5rj2NN2UhrkklOWMxH-1X-MbffQNZe2jhQ-IIWP7wKg_mD0bdBKsyCMWirScCgxcDLJJ222YaI7elVZCUUCuIW-qPG1VhUPKYnaLoMtsNU_cF_liKjIHeGMO4_1GIka74uFIUBSV7pSNK68sTDa2sX3nz4qDFUXJh3s6QmAImmZ6UEMwD5vXKi5IvXZcaxOIB-cbRwanATjx9swXbh9WdjPHBVj_IHARaVGhMpOxb72ZNdZIGx1KYqN6ow-qIhY1An4KsPSm52S1rbic9IA9cyEdOPSlwITzJ6F09fcqwU46puscxLNhztf6K6gF47_c6hQC1-lv9Iej2QrL7Xwke_MP0eqVJFYwSDt_cwePcoKSOm0cdUlVQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=137 Page URL
  48. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  49. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  50. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=5Zt5U1-_irosRR5KckN8kFF6-wdDHRmBG1xp0IvRZBrSjqxFvuvRLDG1gtYaWOY4aGgSG1sfPWJuKJ-L3k77rb1b3C5hBhhNQZnfjxMzXqBTurXxRwwl2NeTF4U1802OFFAPCIIXiEqyPrmK1-Qv9WvgetRxDnamOK4I7HCX80GZC2xOa2PBCtjaLtXbTUdy-gjc3VRyr6Jq47lnF49wiUicau_eGSJfN7SM4wwkqupOzD1TlcA2HzIEMKskt-P1TxqVWQ_6JXioSyIzc5rVcJEvsffxwo_ROgzPW1gDqEwOz1TgtyD6MvNsRsCQa-_n6dpH6Hf61AYmNR7OZ-gJ1A7MRjRZoFV2A0LL0v4V3OO671nLtPhFLkXvQDiV9k6ZuMX_Wd3hzSTzTIKpDaQmJiOlbzXSvCRHffNCtvYdcHcws0MrjzvCWfHcKdWSBlaHuGOHPK1R4MKFv086FEvruuwuTGJwAwSQOSKq8_QpbO6BYgrOaIYosTAA8yh2TDYRS0NOPEnr5yefl-j3VB3xTL4uaTn_dCXKSphLMAgJU0YgIwy6y5fZePRH5mNKdZ-8KD7Q55Ioo_cMegF9-U7XoLIOSen6uvOkgVBumtOeAxwmUnyPgCQ6G2siST7sIsLmHSMd0ByvEvx5m2erGOSGHAT9cqzaj_spvEXWvlnVrGbfxI4BTkwCDg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107 Page URL
  51. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  52. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  53. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=2p4v2-ysjKbfLHF95dOnipTVyUOxmMFKeT_mTcUq5o_TjsScAiQ6r7LF3HeTIeCS0e58bmA5PVHf5E3pt6_-Mji42S1aT-WaRNz5dfCstSdrt5cvBHOpmYsZN6YuPVQZcmjERAOF6zxO9Vgw0pdV2kVhm8hnRajEEzQ1V1ikDDKzTW8SXdh451GeD9U8FTM93FGZlkX-ntL4RF9MqLpGtwuwgcGtL3A_Iee994b0T23M-WjEAWyXWgKENusXUio2IlgNIquMYv0jEm-yNjBgGootO3jzDjC61K8KI_9MTknTH3acwUlLVji4M4BOCUjj47PwAv5jPiVh5jc38CVPi3PtlNSviySwEsT-TVKhpvpOjgaruFC0x1ws-FuFizHyZOpL6M1tyL-gPthYT6mxjt3YDr2wf5DsuuFmkBzEr-wG5mHr3r6k08L5-5iC_s6BpcYHS_eEmfchHwjB1_K_K2qh9EVeEqXe2s18uazZyI8jgtlw5__P4OnqZRLbNSzpaZ7NoKzX_cHbWHeLC6FXDWc1valhu9geEz3TvoBvN5JAjuz8J-mcfT2l8d0HMAkzstNzMy3uU_zX6wn5pB2oDIdhtcV0r9FHtxZrjTL13O0ICUpnte-BsH_r7I2bhjSKndOX55nEdCP6SmmqPus_q5OALF4Z8D7v5LFPTMu-QDYQ0nuhLGp1wQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=118 Page URL
  54. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  55. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  56. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=WjjB2Yp-JGaL5XyXYPoIzsVu7BydMz_4OWZAYFJw3VEoORkTD-xQRRdtZciecIV-ByDtaT2jmBzl6pB9D9myeEaBkAYp4zf4UQ4P5M6acTrUIle61PhSS-Uwfwi6UIKJWePfcV85IUp8jRrB_pnQRrxeJzE_wWn20nG7jA4pJJwC8M3kIgMs31pBGsUo0Q-3-eUIyuo4RtqLlAHJDqWkI03jFXVQBlHbg2Qhq-6AEffS0weLFzFPR0XERZnPwk3O0hAUUoMvI9QTdYSHKpn3ANWx7JnRaVgyrTrt49ZSofO1Gy6INdBxnP3khbi-tN4rJmf1-usdcOz-nFF-oOyCw1glILKMm6hVPxaqgqgpczxrb5mWD2KVv80TElEano5KhuDnlqRHhRwFVEEfamgYU_-5TTL9naH4y-i62V1mMHmo5wokYflecyzheq2GuGmRL7TGGreUY3V0Z_PckjJiocoo6QS2hZSejfyC78-JuDQCesevgzp102f_7v7HgtNDOy7guQ-rRcFmn43rw-UHh9wmWlOyfjUgPpDgeBxlkkKoDlnhnBxRtadCJqgzxGM-mnHmPNt6kMjhSm6EznovZfSUt8sWbAq4-gr9U7_MMkSlJUqP02dTbV4QVTelNY16zTpfpTh75_E95FZrm9qjfAWnN_BWtX9jdWP8aBPuFW26jTTKH312RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  57. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  58. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  59. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=D2xNXqlzY6qh48JFRpriZEas3TYUhwM3RAqz8jzLvoGUMCyQkrDel7awiAwk9cQbyOZ5pJ8lv6OS7-V2_XeYMaOLGxO260tk4VOa_oFb_YY1MWAEb_UFAz-xL5tsL81iSqFOD2OkumjLT1po1YBuGaNTgyjXzjoqI06Pvgn_L34FozeqxQgJWTAGEAThzV_yL7Pb6vJIrUorNqvtF64oCRWYqtxLd2jOtWyM_UTOQLyp5zGWpc5lNwOJLRaq9G6CmnbFsE2FpccbeQ1ZpM13CZLuz3Jd7eGwicW6JTtbaHyJlx6q9ZwEDTly45ECgzh4L2YIrhwv16vQnD_iaPogGV9dv1d8VHIyTPY-lyeNGs1gEjPQuGGpUo0ev8H4gPrXCe2tNe4I0fGAoDacc29O9uIqfx_dubhFywtoEM8bubF43LnVpIG4ahbf8tF5Ub5ENuJixOb5phezCfIwPwMJvOI4oZJUwbkTYxKYTy136WqWlBgtENqKV2CdhSvAktznY5Xf9wIrWE27Cmuh8MPChake0XB6cKyVVpPbhIvv1uza5ZfYhFaxryfqYWPCvqCaJTVMcjjQIW5hIVCRgF2Zkaof5xtn_VNKp0JYNMDw_uSfa13xAjrPnCmj2hw1O4dmhRCd0PN8ZbnUazTQF1-jbJhlnXVE1fjVFfiEqnjfAswMGia3xm11Zw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108 Page URL
  60. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  61. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  62. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=GBgZ3s-lMeW2V3iYdNxeryAEDg5jWxgDIgjRxtISyt3P9Mpz7_yq1vE7cG0zT8GcGTQ6RI3uFQ59Pteg_JnOktEku5ouh5naUKvqTQjbhVZVuHyzgf1y96nJtUuXYRZVwgeh5ge_8IUfwYy8Dt4aDJORZKdH7V4QBAwZbVdfJk0ONpaXDFLQX4RBHRfcCzNhfN_m2rG2sATPzmDJzJKZvWxS1xEtslUxnRTbL2uLgkBeezh0VAZLo5pfLIYew79r4clL-sJcxGKlkSNmpV57Yi8P85_kWDj_uuwE6_R6lovvrc7ooL3596CImoPSOtPQWbG1qmi3XhetSP-eL84Ri6T-DWij3UVUuSmfDEE2cG5KNDCQ0jbMmE5WmWjMvl2XEdG-q_7ZBDdNCcoqQzyqpwArfxXyKh55VlpPJfTxZWJz4dLHvx2nt0Nu3xLIU7rQuBHpggdtQEKoM6bpcBakYXxjz0B_y09IMLJeFM6Fl240c9SYQlAiuPd3XAQOsl0b_7pK5Cn3AvUVVBPzpK_2GDHcveSH9huJiGNJFSCS0rgjL6tdzPYvwusgJaiV1XLlT59BAfbijDKFfyz6au5cLFKwTjHvELZI2mpqyYmwdOolh9p7ptbwkt1YbbZ1zeJ6SerAPHJUL_UWs4yukjCbA9Om_rzxBfiTFGyUNcPkPH8izHywGJXIfg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115 Page URL
  63. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  64. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  65. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=Bq_nWk2sXJisywEBjD_q-O78d0GQdwaGg4mArNcQPjaEQYrh1Dstr9TBbZ5i_ehaCvWzh2j_lxW_4KV9Y0xxAr3Ci4ZLKK3-Z20eNNgnibtH45CzSXLxnxKH_hd2Tl6_xdg_KjYu7IKvxQNNRCWarII6c-Z1TvhtEzODCC41Aj3gKht6yLvzoQYe9xyjhd0SYPd8guAgN34lH8CVfWFqWrpzVlNTRnaHuX2FdOgRtMpMWaf8by9Mxi9uXxnOsVmRSjYHYmzj9M_ckkuCtYbqCet9Fl8TTAqRqZMdCjmhYVMnRdS9F61Tx38r_uIKmpmgjdVeyNOtftLQ8W_4_IM9KB7n6-meDb3wGBF-yXg7zmZUH41fOiMkEDwDyVG20HgFaLLjiEVoCcT-5n_0Pw7_RGt-8W1rWtVmfjUPHcs6e5FmX-geMa70CrIRKiUcA6o3uU1JJvA2hlkvJGLHjYIArVmo6AvnqVJ4_QuXVCaWiLirgNgy92ah7S1IaVApGbzsnJCWeAUiAXasqulZTePtzvYWUfuKuBsmUIfwOm4l5wJ-Ik4JtrrLJymL2m9YLVetQTgpttzBGJ2YCey9VO--z90gNnAnivpMUYZKMfjmDcmRYJhLe7lSE8hxmema52TNRXOb1y2fgjpOZQDLTpxCYLg03StqdN54To52oOguhzwnGAzRdlhZKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107 Page URL
  66. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  67. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  68. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=tlogJFVVkeU0ya_z7m8nT8HaBETdSxjr1nfNwrIjtLsdoLhKcE42yf68G2vJfXe_QAXv4Ki5CKNBWKEIzL7faIwmNfQjAJ-wf3_4bxtSQdmbqXPxnDikFQPqYB100Q_gbRe9asaciWqEMVf_lmNXJ4iWsWIU66s0ohidT1Ni1lR4jCcFUjL5Dhw1o1QQB3_ddUIV5-6UhP21576YPEZAkM0MdxWKES2O2DIvfILqrs8wXs7xj0IvwgdmxwPv3U7jeYKXHUCjNFKD00eXeKtKeei8eUNVfaXFCjeN6ByTMCKFbReHElRGuNoXP17YSfmBdXrp_aTR25Gb2FvS6IcEZJ1PqETRDQ1ta3-Y8s2Q80vHmW3rzdvYfybdTyOaIWKjNRwxEmkKfqAWqMcZoSByRkzALRqNTrn1GH_GAn9018I_Ghohz0AXIgHpw_1Z2M5-nHGQW_b6ae08tFvC5RiFrPzQSULFGCaa8yrnSXnQZWtzsMZ4qf3wmfX_MLBCpQ8swbCT1rNxmABgamVRZKz-yNj9PRigN_HnQRM87Atj42FIfLREm_xS3BAcsYlfpWmMn3n83rka_gJP8QTJbUi0EMkGFf6r5v1QyMIT1kHF8m-07jV6JSOsFcUYjwjdpwx9uTXvgucQmqsM1UaVT7GCWq_fOPq0MOx1LjfvCpIGmfXUNixnMpNQNQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97 Page URL
  69. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  70. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  71. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=kNweiItDdJhDGXmYakJwussQC01B3HIr5XCMQoIT6pnrWP1pBBmaR0-HlwlTcR833azoTSBqBVkS-cj4uOO2jas0BDGwR0W8LWPTR6c-SGi0PoWtEMMlk3NnHDaImcm8yngFqtOofife6lJjp6gL0giWYN5Qi37XK93l6FwwjB90mReiIbvW9pFWfRTFYv9e9Ia1uRGl27c6QlFwAJ5eGnCJg6KjUY7-kcz2BWAOuanb0Sk1f2Jue3_mXIBaaWfsHARg-mBllJa8Md5Jwxe0R4yZ-a_y4hPwFvl2v8pf1zHppH11Da02_iM07Q-De3a23xx5bvhSMvX_VYCS3MNvH6K4SdAZKNgxp-sJ9u15QKaNyJGiq4y0kMSQ9XHSAKPy6--Zb9SPrmX1ioEyeCuhGjFdKrxYET07viZCa49uAfQifia7m7EmDKQtCrDpDwJ5EqaISehjGhfq8mKiq38mT4ghuzzbJxFWBiO8uyL_tfwLwsZAqIAgTkmi9X2zhm4_1xEkZqCbdc1E_gO7qGxZwvVk61FbsjX3mrEiVPpxQt91WxAf7N1cpEVEIq8V92vsM_UEuomWTECpfc15cA3to5PjG_d-6cFo4edTMlb_oAiZbJyzmerRABGmPcindHX_fApw_Ump5KOBFMQSDdYXWjT9w--6GyCOrRhPJTsMVKkemgDK44zu7A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  72. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  73. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  74. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=Z5c0Ws_ReS9LRLdZPn5E5LDG1GO9f1P2Tc8VDA4Spz8yKBS_YwM7psiBqnDfKETXFzCce8P5w5JFuLgZ00JhCp4bkaT57u2Wn3Zr-1ToDX95-OrdLOyXeTGfecCiNf-bDqtck50qFPFfMR5p0NHGSQskOpe2LLdT6wt4BSsh3bT96s-x8dfvlk9IX7rtFPBYkR6rG13qEK_ZhczlHuS-Ev4xHmMmvrFUrndyuzkM0xQR0IeqLrzYn_xkAcSXbhbfr2Ofc_UVnm-oauDqm6FRjRMb6ax3fvPfUHjtQYT3NZ7yDOb1AQADzA_lJ1HyNXKfD0kp8997eZ1EoOFqvbCNgvrylXDsBHxPMBPcW7OUoaRwohaYC7fzC-CvXDPIYc2DOHsKCFpdWp_FX1C0CDV4VuuvOnUenROAD4811ciNO76uP_i7O7Rm3yT028GhAE54nkehGhMAiLJboepmYiZ-ICzfTnkfbl1bmA1Jlg3cGrThA-gs6yKkMZ3TA255_ia-ES-pEyZ0C8MLEiD0h6pjPrC1h6DPIB1zlpZgOh48U07E962yp0N3P1hqDZu_-fYlR6J20M_56iuBr8EnuYysl-DKbCYBRrDyu4LUXCo92JRkxwFlS_xOSR69G5lXWtLeHkAx5zL_A-kmT8R-Pse9vua8ACavD0TjFIUmtID4UTsbG6btGoLXMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  75. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  76. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  77. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=uCJqrVni_O-6YKPmaSFgmGRoC4XOsBNwBXxcBtL2j0cwSAwcH1sNgmqUhe5oNlLgfXLobZwALPLYvtve1lz-WB1t3BLkC3MryGyRvV9uzc9krnv7hEzpjRUUqVL4ujWRz0wWOXGqa_b0DH_eNrqDbsgPMpbgcwc7JReKYu1iaCBXGkooaiaxsl8TMDQ4BExRuwqX_88Wy-HVzV5oH_s8EJrJacU_9lzIiOksT9JMwjZaufh6yivxNaIBYi61PVi4AmX5c15TSe-dzGSfMZi4voorceh7mUiWg6k2N5BwZv8JCRQOC_P1fSwbm01mVm39YriQrYbnVSahr3otStdlcuLMalKNyuFBG4-sPxY5TK0iRsggy8qookU5yfx5rMp5Xg7KakHDdwDZJ3oYkCkTS4cqp6RV3UDVE9OtHmJ8-i94WD94xdvyFX7xbUQjXKMy_ccuJeWoarGpzdPlOSr-CbKxHd_yoWYgvyEEElNmtarEY0TOvXZOSfQZydmHurufXhzPV6kt4TSOXeLupk6-MHxe_OOqQAAn4FKLZARucAu1AGU9GcKF70OjqtLS-E8b3NhrikLom5ftTK4-qv7biM-rMRfW5Iea23AomtkK4oumRKYwJj3lLqouUuvbSl5gyuP987uUivIuXzRMdYnR-BniOSGOaYeJFmfFh0-0JMm84jMTo6111A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115 Page URL
  78. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  79. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  80. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=5EHkrlSeuXTHML_Xfz19JxjFDOUwppc-fZevXkTRNsw1F2GWDDj942hcnZxnYYrRseKJa7Hm6eHfUtUGS8fdk-nHjUSkqwwuD6klCX9MWyX4oEQs0NcN-JY35HVhTh63jEuKjRjRggYNSR_y1Blk-LHaBAX9Dwhc6onrYNsbs7adGJrjIxD2gvhYohznavKI8ITSK4QHTnBukOMB3n3E-Fl3sYJEko0J8zFOGxHCUcKVK77nNrzslmYa_a5A0MaDDK54dbo_d494jIF93e05LWroh2_hgGvVslaAn2UD3Vc3OsKd1gXzPC-WfaT-ivj41bBBI3rnGOg4Ryr6-U41DwNoW_nbGCYcx2bt1hzzYn-8bMK4z9-AEn8-gJIkCVi5suDVJj3HJhUu9bgmMH6CB-DfMT22DToPNXusDE8eWhN_aGHIWiTGpS3RTxFswXXhgAjK29jFzbHVlI0NsUNHbhEKWkcgwh6ukGaDxtzoLhVcC8xaX9Bxo3sKFvHmQ8A_Do5MwerH55bYQjv7sJhaW3WfVocplC1QyMZDP2ZrvEBZ1c9uhXo3gqr0XsAc63v_GyNWdwkwXLJpoDbW7pEucr35iprZip0NVTLNrOoJOm_uJij3DgGQ5JC2oiU69OWW-fUbHG3AofV5mlmXWVOAr_oFVmIgzXmVig-_o-ENR7evK4RTc9mdAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98 Page URL
  81. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  82. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  83. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=9GfiGThdeSTcjBxEBdlvGb4KEbfI14iAYkyfu3ytqcItFab9SQYca59EkhZ5O0KRf1xxiNUtkqP1Pxb-C9ROQlPoeYKIKIIv3qIg7MplZJpdURlcZK94O4OqJuPby2KnBwhojG7wKddNepwzw01UIqPfdysE1O-c7R1VD2LDL_txyW0GjAn2IpjpMcZurlhy8exW9CCJxWax2bgW08JMqcTJLhDmgcJoXAtosrRkYTWkGBsg5jBbE1tnf5rY0l7ipeesDNIUJ6ZgEU3fsGgRbmI1rK0tGEbtnXqpgVAXJMrVkrtgE8YBM5NPvUv4YHY0YMM7czfEHkTl14pSOqqyy5mDY8C_wNRzE9fqvOBauyNsUU6Wllvhpg1DzABVI39YVahDypSUn12ya7dWhXZh-EiBVvMY8jtVnNVgtBhu9YQs-BDGZ9x-XbsRriMZqw6uaI-EFZmgNEiIUWYIl3rxcAFFTITDMf7IaNaedo7shdSpQ3zvtAKHh2C51lzZjZ14htIj2-eLqXIZhID4BZkJfcJ0UyEmbbGd40XFSpVjA0cTMlfRD9fYlfOxuSKAeZA7uVZ_0Amk5aiGA67JxuOdaYLX7s0yIQXfPOOnFzIvtfMJiB0rLzJtg4GDPMoAQkdZDuTeeHuoxl2MYB6PoVCSjWsECB11jL-g1-Pe-UYFB7hixW4cmM5wzg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98 Page URL
  84. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  85. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  86. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=L6YC95qVmEhjeYigZKlf3Gc_bnEkOUAk0zmuZ0E5UERRQN1ePjJgFYFiRvdmzn90iAUxGz1gaTiVAds0GXZEs6SE7LayZ4sZFaejBP1EqkqgDHuiexxdd5uyj-CdYVS8nPjwQV_3QbhVQTjfgz7w25io_OnZL2-QzGaFF1-X16ZBGAFG8tXkvFCOZ52eE_SxYdcBLviV5s4PhqZDuOZ2OH64f_Nm7-WenDoDrqGNPAfy4YUpoLFbL4y5nJ9qtzPHfGH8Ya3tSyezgAa0xLkvWng3sc5RNwfF1asEgWsTqNDC7N2Tc_i46RLCiQtZ12e5akmKYjwg7J0de5ES3jWY2UgimH-eovsxSs_xSOM0vy-lpDGLvKy3ZH7sKDRAI3DLDFonOkVbO6T14ziBoBsvnIeIvJL8ghYPdiysUoc4V9ZK5_zct0ZLFKHv_xLyZ8ZSNOdNQ65SCEgooXb35kd-ilQJLluq5BvJFwHhBaOl6O4vecb220JN7rZTqbLi0kF_EKZZZ9KBXH9CZoo8qm_pjY4sWf1_PbMN7yTUSkKNoRrCUk0Z5n-12zENStxBTbJ6vL9t55-pCHutTX7BGeGSma9jvXlrnOrFAetR-q9v0fa-jt-1vB1bpYXTnB6m_EnO9bidJwuwyhZUPYtLijtavDFM7pL47I22MqCb3IKtyF6HsOEiGZej2A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  87. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  88. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  89. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=16ro4R36VscLIdbOjWFeH1i5BIc6S38o_bIn0ztTlTd-95rv7w3PuKhsP4wmYXGr8WclkKG21aTTashNlMwq5EWsBkbcJ-JhlnymFIapCsfELs8QkAAJUVhfxK847ZgGCVr0IxWN6K1HcM_r22IGWaMglQrk2M63ef_4nrt584TUcAAPmQ96QHFH4EkGcWkP4uKF_M3Au0n8FDnZHFUGeq0AmCvC8BBklORk_qW4glYTqOxjoSP-FI833rhXWuN_neMl17oAPMv0Y-5__PPkFf6JnUuLO0b3VF3xW_258cCiLwJ30--HbZ4RKsdcQi5RqV-3fhxBNihkF1E84R5AIxSQYrSEn-6Lqj6hyQv12CdOBiielUs8VnrME2m1GlIwWPJ4CjAwlgEufnIuQJVwVN1PnP7j7pnaQXLlsWRJdLLq2O8VfusjIRZ1-lD8Qdh35vNMhyAC0BY3LoGBe7Zgyp-ba5l2PmmFWZe2Y2lOSIvG96bk1ZUFDeH8m4j1LdN56QYpAqYcxLbHKh_6jM34iLTEG-_PQwo3LUFCUjjBBzGk-RDD4zATXs4UY5ZLooO7vP0qpLTZsuBnVUke-9aFGyw-lgbN2cvKJ5tv6jAXrpY25yYA5gPyUe3F6BwkxqBahA0xtEYzP-wKIaEVhcjT1RQG-rUtAOvusEKAdswjZ27JIer6XySs7Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=127 Page URL
  90. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  91. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  92. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=-KSJ3SKRD9hQzFS5o_H1TdANqp2A_nZUJGcOSHrNi48f3Nv3ynjFCYMFJKCEvlJ-sfr3eibiycHnpyGX6kKUEFWSy62NAGmHI6SrwdaMgI6OjDU3c6jWnEG81L9_UYwJiA31YdJ1v7pnActE8FhygIg2wv6rlQMdl31j-3N_bitHsAJGMaf0dyWv9wBFYCr2jhDuGjmF4v9WJ37T19alwB55g9RvPnA2wexKr6qxsRt4tClTBG1qK33_PlhhsrBKG-D6oGlD674fQDcyVPW0LqmwpesLHkhW_dQXQEQhQhkMQl_-9pD8noJiERRIpdoAlgdy9h294PUk-GWj082j5pQYY8CYgW6qbhTIWYOK2YZSbWcZjSTLZrM7ysxqte8ig0ceSQEtBam0S4MM-jm-iL0SmC8fJSt9dSBnRVdWclf_pCsXqeaSPJOxADzHQGirVBkqkIOJ2uonVNqp7v0L-muLyrQC3rJ5imJRy7J5pflXubxt3r_EprJYxLukl1b0exlGl60URLHtBZBBiRAkmjUVlEq4NoOAYwaGrpD-wvP6ytzRqCr3nDCUErRXNNTZiGYMzUiKcB0sz71Odo3otsLYb6DqQOYDJ0CyFbdw7GjcmoY86qi0_s8SAkHYr85lcAwTspPRBK0UAGDUaZ6gZWlzoxl2rIjEOn84BNFLdgX5UGnkhcpYRw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  93. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  94. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  95. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=l6ON0LDJn7nDtsyBr45e_vmoApPPftlAZOZihexME3gujG6SZCXCN4b_Kf73C0_CPKG8K8F2nA5EmF8WVb6eaxR56eN1UDIbBrfNk5kfMI1dWKingSbYR04zEDC_PpYucpvel2DovmNXIVig64VU4Xoe5umbJOYhhq6wX_U73Yr2eZwAE0ldvc0N8GaKgXf5ALcJIvff7HRMblxACE5i3ZVgNiXMz3oNAzpzLb3FHkE7RYiz1DtImFnnmZzGYlEN_4mkQjT3plhg97l5z6sPUXomQH8tBP_nq2cExAczERQZnlJpZ-z8QyfH9Jp36vbvsnhAf16zA06YX-lS5mLfI6HZzxBI7FSMjs9EIk1zg7uEMOW8vpwBVlqTRfGavBEXdpW0A6beE-x7N0hti11jGjeKrmQbY_hrmLVvWY_FCZsJ8OLlOVenC9mY1A5IbW3x3k7m2ly9N8awsTiWs8WGPbxjZrk6lA0x2sn67Gluo94Km94-p8XqEInPTErpBrOii0cHJ1j02tg_UD85yAGc5Rve6hOzBQnB5Cqn2Qzd9E6aZ1LFIWVtf867qmJF6vMY8NxxmqYvmx6UBW2pXCga21dzvaQpyZUNyDY-OuXYnjC8_bRZZxtAdgy6Wcg0AE1QFe6yDS4i0NFHA2SwEn_hk2NmsL0o8KSjfqjStT1AYCDnXkaUx8-1dA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99 Page URL
  96. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  97. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  98. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=MsILgeUNcd_UxlW8wzeA8TXUuOoprGWLkfTzLgUGHESxgZeyjNxoddAIYDwZtrbVBzEWvJ_8LnypfU4wESo14kzWT9RDEXuAr8c0DHN1jLUq6sLcTjrcLpJosObyFmKN-83wo7YWc5zD1b1uECPLXyutk3zAK_z5FO_PSN5vMurKXn8c1fanLr_-Aftkl-8iDB4LUO485TS84ecstS3R7DmjvtqoFMi49mfIbnAogIxWEwr5qyOCKacYrHRFOY9DgUk_9D7uyZxDNWlpmCwXD7-J5PyHMbGI9yOwESb-NFX0theMcfIjZDh5fWBsRreKIZAKxXo4avAtt5lEml3mp5akqMYMkOXFGLI-5St47Wvev3-KGkMFijnB5BD8T3a6xRv34M8anozjDenthfturLNWu00LeTN7AUnfKox-Wkz00j1wcWdncCH2B929F334F7imw7qjoOTCtnmIUnVCFFob4xDCPYl7ZVU0IoQmL1dMS3q1eIrCRAARN5c7BpLtCa_h1Z-Ju9aq9s-VUkTf8ewWM5jgvwXu5VPLN77L-miQ16eTA-9p1pbokxR0N3f1APJZ5CfhasJoBzTQO_zplJY8m6lK97DpTktIauF4Os3GkRnjXUt-cMcFItwjCBE5En5XRes9dSTLmyQBlOTFqnLPZoEoSpgJ3EQDC0aDVyrFbNokq42sBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  99. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  100. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  101. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=AK3CCNgmBrZhBzln8v0o_gj_HG0Z8DB6MHdsM4BvLpErj4im33JPRtIeH5a28MsNWNMWwuQaw6xNTIrkwAMpIOdyFllcYs2t2Vi0mRFZmPT36gVVZk4kw7HK4iukZUuNuIMISnYODapZfwdNKfRNCNcXGOcuK5bcCzlIurLYgQPn4oD0epnj01znLb9_epSNKop7cI5bn4TocYP-8xEKzSnvDpfpxZEBeIq3Szi2G2TZ43mQuu0QXtj6Ea--4upBy3Dwdq6Co8uQF2lNN6r6lYos36Y0aHg3wPZxE9njh2Jg5l-hQqGwoLL1zs7QD1vW-288OMmuShJmFY7_2_AiKw_W1xTcW0BDFYS5_qU-9WbohEJsEPuUKZCyNLneYbJ7PragnCL11KF7eICWKP4EXupdkTZlVL0ACwbaoMq-64nLnLVcMaSdKcVGkj_qdwmtdFbbH6yzrciWtAjwHWpStGpGErqJfdzebTfuQ4OP0e-gzdJTHhPOmRes-v6pyhtdxvca4bcj_nwbsnomRgLMVq1TFxrPnyA6BdbleAvJbfhp_KK_VRk1Zk556N1wtt1gm77Z0wN4jP65Zu8U0LowRa2FZcWs_Fu81U0HHoozAOBx0imwSHL0xIYOZgXDVlpdk_gv-i80eFv6TVRfpzQErmIknwxcatRiBZaSDbnQLs6sgFzXLdjecw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121 Page URL
  102. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  103. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  104. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=Ovg9DZGV4nB2Mr6cXC4aZ7RMVOCsEI2afyuRuvZVzJrqtyB7xAv81hHQ_qPmc7fhuy1TtCxNkg-CjN8tk4ICbb37mZzLGp8xwQGeJbWjVZFWQpinf6RB-XVkrdvdJPH2eC8ITlGapTv9sJQ_hyXYRcZ1k3OGu1pJw26agM4AMN5l4pcpXoOLRFMMTnrTr8vyy1skB_sntluKdiwuN_e3ClSiwONUlPTTKq_1XrNKW5tKemf5Ldu7hOo8u5T7g1BjG90p06Wq6IuoDRYB83nrPPs1D-xJyvLvd-VHoAtRWuWVM4URWXj3gQ_unDuJZEEJMMbcGpWXJAMNKYRU_h1WTyki5NNq9QS66Zckz3LSIrYwUleDG0yv_Pcdvs4WyCTlcDRMvkfS7MZj0o3IXm4w9DjO0AEVdZp7aA-ttTbJUFx8sLFaH3hE8UThZrpl88THngFpTVBtTQzjpOFfnPj71rK6n2uvTx9oCxAWpaLiGdz2lDeU-fAcbqt4PhEAU1uduqhpx_tco8x5AlzzQHVyWTri0qVuWlzEP0lpGIyOkjYbijd72Zafj9lHB3z26VGtWfd-O4lBMYpQYUVkOTqt8hWKnizq3GcaHKUgLlkf3FZ7AFijqc_lSpqSSxFzIMD3ex5P_Hy_1Xx1jP_zZ4q0ez4kEkTSzMbRye_2KRMbDbHj9FESgk72Tw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  105. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  106. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  107. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=Z83PonF-QQALtPi4kqzLKZzkLMt8LRZ87xC6SlSGQuh_ecdzSnpDGf1RfA4k6QXNGhH59ZzL_IiT4jCVa7sihF8_LFBbtWj6MkkDLx69HsZwdFqK8awXSXORaVPaxgALyojbuNrMB-XgO9sLri1EAXCjouVye1ASnnyKrbq26_zrrBbL7d_WGWEl77wCBHYnShxG1RrYhZkxLSpA1SUuJZ2z6odgDYpXWV6M5HrQXM23DrY5hvKqpLhFj5zKtU_hPG4kzd9sXy5sjWCBPcrTUk3OTswSKrwXSX3p3ZGQc-0rMiqrpyao5rznDmz5Xje9wDE1BFuYfAIhJtAzu7oEBcu447AszbzI1UUqWrVxoVasQJNQhcrC2XF2slCZxod9GMSMg_0OjDmJ4Y7PVqoh5g-k0GcJm_loOq5EEYaDGHWfanPJthQ0TSnoFg7S_CHaXpoqbnuwhTQWWXB8p99DZFbfcpSPhub0n3dM6aPAWB2RFukso2_6ZU6IIWkcDxsgtflMPHb2g3wlq33bt8KnxHqAsvoJL8yUecdlS3HjzV02h-Xdi9eSzrRF8lbl95fSoPPZF8NazS7huluzXzZwhikqsb-unRjwioAPAU_6kSM_HzmMdrNZ8RrpLhmWAJO9HHh3xyQnxVgPvEJff0idd_pIfC7WM6a8bGr-f0EerxnW681nEIf-OQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  108. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  109. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  110. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=rBi18Vmo7gPUMAGXxMtGMSrRwzJgQf6G3FirbS2O-Xh8Df8BIZJ4HfXOlzXqZhRL32MFOqVdHs64lFH7xqaOB-Q3Mo6i2kMBeh56OUZ-F7Zn8RC0mbaEkhBRlc20UwW3-_0yQoEusGMHtdWYKsEQdh-ePY47ZZIXge3h7KaY4v1r8WE9kIOl_4qnR0d7M2fALqigAuA-6Zhs88zNZkpMGKT52KfOxBzoeA3G_Hz3VasnqqTmKnUE0PyvdRkQHHvGiqpwCnkb_8fNOiIeCj5cIbtxv97Rx0fDtuEU92d2K5DwJLIu8nGdmWcV6qHQgmO1jgC1CJGzitVettVBay2rji9QRKHnvjYUuLZSGo3TBN6SdBR4qGnDc17LBc83B-X2-JzKTPI8PG2-9x0oemgrrqXxteoaVyIkA9MKSPiDpmrNQerucWbDbBiX12dvMK18fWm1beBTkQmEMMBqzFhEJEvae_Vo5U81pqhVURDm5r0m6tOP2OsjodEuKnkt0a8V0NQ-yCNfZtNA40E6cauZEfND77fWptvJv88BsVSBGlVGhSbbQf5wc363cv2rhQkPAXVcTHxkcgX2a7jm8XeybR3pSdqd8FSt_RftErGzkFCt6_D0ZzT_ktwpYaN_hoTlU5AI0upepAUWHBFurxh9FZS69uEMOrLImgGJVmnaw2kvLNq8GMrw_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  111. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  112. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  113. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=e3YIdOzKiiMmALPryq1wrZPG-koMbqZi865gVbcpwC5hPRWXHhhYH5s2VaLGxFlq8qYk8ydkArLmmPWexEFFXnKJcKr9PfMJKbmVTyWMAnbuN2QKOqRsqFrDLloPzSs7XLv1kgNQSbl-Djwa_7151EQf1UWhWfS3bqKPaiDtI856umvLjUO1erIAYDFA4OKcVrGzNMHAXJYBILUrEAwStAM9gH4-iLmsOsqUBBCZcfv2OBQVrbFNvtW4PVU1bF2e-n3GuB7a8ldLpu9I1VtP_HWhVR3Dq2fdk85NU8wl6hhNRoQdYrak5XZZuGqDDF9UewdQ5mIckaWmjb-j8nwb9g8Br7xCzR0jcrCecBX-RmkE_i_dJAGnQDLq_IG05jARaZ8O9rbqHloOXO63xBmzxjqm7_JiDMZdJ3bvt0ecoSo8yt6kroJZeUz5i_DCcfU_eATynclZYuqMUJYjoJl_upJhLNMOE0g4P8p7lvwQf1jRORngBca2yrTNeDZcwm1_-frR3TN5efeBN_ci0yabwlg_ezb04oOqX2fLbgLu0mC_QUpP-uoEqcTVSMYcljLa0a2ExIJ-OXW7xcawWIixDmuubOvT4Zelf3L87iRtsuNTNnCO-i8VS2dLJIxr-WS9sm_dQYmZsZ8lLM6YBJ7xfWiVCgjTx-Rt3DPLtc6QpdOLg6GroG03Sw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  114. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  115. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  116. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=gxg2JcCoC2QOekukaykbp35qGJYuRhj0kuPGAtmFNfyCt0ROW7aMDQ0loJ9hjBYoDNZFtELp3AX_isIh9s3AVrCSv-beSLHkIy9TuyYNgYi3EGUu0uXs1nbSsPSIyzrAPBNHsGeVq6qLktsxdvJ1D9ebqyFjQeKznH2TDKxwqUPEj8yNKfEO2CiVBhWJsl1pMrHEmMsUeqNTY4gB3svjuy0oVCciJ9CKyOR3Y0fDW7sFwqkzh2wXWGFat7nx8hRrWewByt-o1RfiX1hMnQGugzphEFnEonZsC497FXhSZgitT3j7AnGZWlKeHv9_J2UVcHjsFTSM9sXQdWx3_kdcmUxqUZo4W3m5uG2IogiCOs6ZrGmo1fWHo6RwEncDkHkiD8NMgtXWquHPNg_d07Bt8-1NU-QKC8T5DMem9GuMvUFHpfvSN-6Zy2lUVP40t6filegr7ZFqcBxqKZrSdqYbL5MTTQRJ-j8RJg01SPDi95qWo9LRQSe0tLBZLIoacYaeSTkdjNpkUFqpkf6SH75NB1LAwuxWQOmg9GIqb8ntNJ105zgzPndOo3WpGeyENGwcbL9dAaA4VMSq4-NCnz2SraY2DDjQxV95o2G3OZ4dALSbxyneEJMTuvWytVCZGHlUhPl7LIImFQgrBqJVP-RcW3NQskNmScu9gDjCPKPpyQ8xLLUYP2Vchw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109 Page URL
  117. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  118. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  119. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=SfglY-mz0cFAFc-Yd4Dr1RZvQQqRRLbSGIht2Em67Ou7GSUAwee-HeEehXnYFynx_IG5d_sIfiHH-8wd8W6ounwKjg1ZhIWObwV4WofagsNi59SP3gJy6fP56yIjHklk1PwGN1TDfyBypw-uzADEUNmkB5wMXj2xVHAqbbbjqBLajD2cE8hb_iFBzz0RFXU4Qh_wfLD3xofAr8wuP4e9tOGM418kJMxSIlEJUnLdnRaOpfPpA24ivJ7FVYmeHh7IusCRMsiZPb0ivNNit45CQk17nS5iSNdreem4qLgAn-v9rOWHgmK2nDzUav5_ErkAgcu-kRcjTwcSunZFYI3ti5Fz7GJVNMUWP2hs45Zsb0AIVV5i1xBlOOB8wpahF_n-gd8i6-1Z55_6PIgFb4qetEkduFxxG_L1BCu6167FPlIBECafjaMhyyWDhUDe7Q_oISv0B8Qyo--zHNkUxmVufP93oKqZa3Umk8_bAKJTaklh6KXazqBkVj8dgr7Mmezwf0fd29B3SauKcp-01D6U-azO7FBRr1YOIirmC0ym2bscyQxfyeorOSqIUTE0hrZ8ZC7twlKky5ZYWPiu09qghKje_NCSHpuVJT1zauG3KjbVCBkZ7EaC1qBN2jjybcNeZejfyAvtNiq-0H7QQfnH49oM_LUUkl5oQVToFZPUDi2YHgRzN9qT3Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  120. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  121. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  122. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=xlEGANeRLxwUt9O4WXzkTRuu7IOa3mxUP7tbcyfHiHj7GUpQKU8SJTMNCiPrVmobgsTEFvs7GWvtXGN3QMcO9oQU80NjfYI-3ZTT1F5G8frHTwHNbr8qCv5VYsK_hfGFYmEk-g1rTrHI4y5VSwD4bHqFgij5mU2gwas0ixXDUSj0RZ-KLl0rDnDBWmarSZHXJHD9zzSfUZ6OV5-2rrNja0VlwKFFjqyJPLrsEs_nT8VF7wg3SjsGkrPk4JNXuVOTUCAVmjZEhbE26iuOrcnmV6VVtPjy00svbBewi3lokSb08Gsm6W0GkTbJH7GJMeUqPep5uMeJYkzQ2yC-Fm3wq3rmB8kTPjXS8t0crTsB60PHs5IDx25Pv2cRpafx-XafGrbxzgvCp5LgZXYFvzvezRLpLaHRV0BmE88e64n7zuTJ4lLZm2enaim2mYB_txT2iGYtAXxiyC1Gxnm9zxQ9WtdQp5bU9vBli3kiZazuygN0HTEWtab_HMQLIJPiVGE5cdks5ALnM7yLxTQQi8U9XBSrEZG6r1ICKlb9cKBaaFsr1iLKRerhN8UEwevdQbZg041aIfx7EaT_iJ6C3gtPwKaX-73oSmNVKgtLGk-qdXFObjFn9qsCfeqojq4ss_f4xAJD9KW1xkh7xEgnRMCPdzBjaqe4EDGwL1D66Gx3HFv462EtxkexXA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110 Page URL
  123. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  124. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  125. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=J6V0piKqhPGNV5uEtjzJlyfWDLJYc9RLEYTUUJyLk3UUQmLZhjiQwBeEfxamarR3o8NpLm3PYHCaXHBT9E_T_kTtIfz22lz19aUkZw_vMZ_g0gsL1-nvysmVa1TQaYPK51SoNDmwUaSGLuTkl0DaFkg8l_KYd_bGoTxzUDUPYE3B1AJbhOqizYDnFeZ3I5o3jKxHIBT1gLR2NLxziIHPWTfHH1qAsu-MANRrU_uV2R5QyiUjecRN5D2klAUu0OR3tF7OciLhiTs0Zzp1G4X1lb2G6tSqA2jVMBfWC4GwbChC1LcXsGGrkGgOduVN8lIylGaxtVCUBB72TXGuM0c6AGYo2u4vuQTFI6-QCa4Z-gR16ln4dXaKm3lD-P1o1Kl4Oik1fpfKIqhAHwx-1M1CYBG7sFfud8pGO2Cru1IuHQ7TXsvKNADtwgECtsqPoTDjcTDKzDc9kOn0eHur-1Y-HMjv4n3I1-XabRr_JmHcMhJBX5DdtD3jBQSLl9y6TfhqbGVLf0oaNJqwQgfRzpOXJuvxsjvum5JypLP4Z8wHil2BpnXGyntkjWKlB_wT7iOEYcxY8n7E7v51Jj_WAWXQoNR8trz94NnjpzJGJuZE35dEvMF7gKz1FRfryRhKFm9fWC7yBljAiQLhhnyOJhU3LtP_L6ilT72jCNddSxB2N-YiWy1-4o9cAQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  126. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  127. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  128. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=x-1dUWWwJ4VS1sddHyj-EFInJrBdVkSfrdkuqCs1MKz7cTm2kt1o1i4tFvK81kLK6lv2mCNy1eAMowe4XWMbCQ9xBuo6bhel-FU5P6r9SYXkSXa3rjr5VR1YibyjoHU40G5KvlzFuziaql5jJtxIFsfO3yAGeRkcuQgoemiZB2h4ns2fQGKW8U6mdB30Jd1elwWL2QndJJZ6yZzG1Ts6EI9XnlMJNquSVDQSF-52c5DSVOOoRvfPDev4nfqySfibS4LLlYJjnDQPH2ZCGH7SGqRWrAGGN0G7ELf3iQS4WGh16NKugBMwNIk_uvFWkkBqEA-OP_uOuE_sjTsDb1ajafRZct386trSWMHiGpUNfH5W3ahOyOziTRVy36jhijE3nohmZ1Tvvo7xbcXUH5O2qus-9Sp_g3iOBuqZnUdzfZkKScvo9bcttFNMBVV5oL4JAM2AiIu8EzcZuirR69W1iunjQnsJLMo4UOCMyjx-2ZUnYlN2iAwcw6_XiiDKGJ1z2ycjve2wtFz-T-xZkvlmjNYACu-hRTaA7BT8jRcUQZJZLkB78-5ld1TiJl75_WGkmbiQaUVyZsAQAHHfSe92DpcxuNbhNgT_2SRajMloE49XvU_nWwik5wAq3K7VnXNVdtZF8o7DytWQ50rEemK2JmyR71hF6Yubf-mAslGYLnHtAWLXkQLwyQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107 Page URL
  129. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  130. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  131. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=TEd7hDikFiLgLugo5u86cvoEy6gUHFlnT74G3h3qtvDUqtJ-j35l5xcnAqL4xjcJ9c-kzsAtqAc6odNFvrK78An2aaW5oh1cW8Q1F9HTyNeLIStt8YN8Zz5RKus_Bq4z2zLjn8dMOmQeGTOKZ2KlKCyrxu0V80iFXLji3TxdzK342X8tbeljuxB2r3JtIt0q8ob8ecgMeUw3CGHRpSJaXU4pUMfM-tn4vNYecLrWx6WVS1_O-lcPzNz63D49Rj4hMjwCCKOD7aia-R8zkOjkbwwC0MzafLEnuq8VTL8Pl4oLqJJhvOAxmXTx57rnELa1zKopWYlmy4lc23aE-Ho4KtskcxBVoSN_7Cfp0jyPJNHCofJrvney_3GLvQjHc8nNskJ6ZNBiK0bJwQ2M-ai2_QTzib9DvmWGMRUbxcXkNcCpKD4Z_2Jnnc1T9opO9pDIlKevIiHLekYm4JBKWUpZkFKyjr_GdGfG7jPqJ9ckN55Kh226oevxg-YBjmmGTpDiiiIY8ChHNdFMh8tm1DugoKh_Esb7KZmsVutTH5Bfs5vsc4FBcIV3VezNZRDaArdxFfVN9pZV4hq4fldyXMaKrIBovGrPKNTgmm3lMLOFe0VEaEngy70GaVRqeWInOxKgD3BLYgJmeEwhq0f3SzdE-RZ7e-bFfYxqkkqczHFM5G-5-Vy5kKIMfA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  132. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  133. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  134. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=FsA8WMJKNx7DrN5hIE8S_uD7caMvW6fxv4Ekz7IMguOwAuRB2_-Er-x2imLliRoA3onHLVGwGeSSV4yKDsE9wGcS9uy9B5JYvt10MmfYct2VvOSmTC86pXLttpo2MCwPOJRdNPzUcc3rKjh7R1BEpK5SpEzkh9aLaUox4-0VE87Z4Is6MVnxlOOBNJAIJqO2pEVOXveg7rgQYYC1EKCl41pGgnTpx16cB_AtKGoiaFixv0ocJ1YbtXfUQ0Cev3iWc8yUw4Cg6wzZL0c9TaYI-pZH4b8TY9GuiwgGkFdLBqEW2PVD49g761SYQ_aQTNwoQUkf3uqV0cVjp_XXP0wfHvDESHewAZToQIUyV41Pbzvm6lWvyfWwZiefMoo1z6OIO6W1PwcXqAdz3bS7wFLxb4ev2wOspa0jMX2eaFGu6KQ2FvRcpOkSFjwAD3WEiYFcHBTfWh5nopmopGqzQUTRd1lxj30NuUv77nNqxPjLGX4M82smss41yoGTANTp_Fx76h4XUwXw21_rQNncBqVCK3XA9ktV253WxFjmfBMcy82A2bqbzTwNNpEVbjLYMt-H03qNEXisez40yn3cmUDZuF4iAuri7GLesomorH26j_e9UwTqoYmtQT0o5kxhr1URjbvSze_RRtZFUD47v3BGu1h1o3vCyPSUxSC0UoH4szctR68DrcJVDA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  135. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  136. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  137. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=MY7HeXzVAGqEuRSFNlR2CsfZ4-QkV9RpxIeGe8midFg9szhs1F8B_dT321nuE-_ypJwT7BrgC0WM3YAGiIh6XdLllP7Z01rQfVvqqcRHEWfVZc2LZKN3ztmcCfkkXJHB1lgQwUjJiXKpYRtO_jXwtkuykjFylntbhhpOCx606NVpxkaEn4xP8pk69AMan-TWzdg3lNY1mAi0ffW1fSGLOAVYlyrmRrN0BBRED756nOV5GZNdvxYnJ3RPzxnpUhOaPh9FZJ7PvbmGSr8_cvjjx5eNY5FXRTmBdPN9lXZppzmkuFfmJQvOff8HGT6a-muDCmb1qTRlZGg0TZPqmiEWEC2oHgV2aGX3fAmF7WOr-4ZMU3Po1xa20U4P7YFa59E6dzqcMCd2FcfgvUl9hwTn86wOCmw0p44WXn62s0fhzcTcmscQ5Ghrr6x_NC9EEDcyZNxVQWfBJIQy8uyhwRqHL1Qu8cK-XB-m9U8HxedEeKB_bCkqU0LhU22kbAQTYqebEmeZTOwtOT8NVjceNxfimiq_pKkNsGAVBjWxDilxxRxFrAaHUqh953wWan825lRo2d5deRxC0Rt6utQ6RL-nr0gqh9ttrLlrRtGgG6sA49yJ9jWsbrVtAtqYK4Roxw8os2eQWh7hxpLoF207XemVuuXJJvpVq62oAAnGDuBV1u_cK1WGuIi1yg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  138. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  139. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  140. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=UC_l36662dUTnU8V1p6ChWa3vZWrzcoySMsZAxdK_NbtG_5EtY_zlyWfWijgyNadQc5UH2uYB6Zst_9BwirkE3NbvmjXthmqhYFl4YGqgZzBP-xUg-zL1OPMfmjryebZlGS297Vj9ZViZp1c3Uc0Mnje1vo3HPq9p0EyThe_qeCs63U8oTeNuX-A3qWdhfrdaJVKY8Duv8gdorCxn-_H13mouzYU0YRTlvyXJSQjEFoqFgoR2Jof4_bQLzO_f3gQJZyLY-vOKuv2A19WtQiqDnHmUoglTTUAI17zr4DVc0Sza4FzTpdUaeWHEBa19YzhXiblZARPbDTgpr6DN7jkoTRbPULV6ZxPkwjHfUz7pGKbpo12tDgZXCnKE4INj7GvXuZapWqvzXmUH1x3d3oRqpUnojszFuYfhOFaddqYGLUP0-Cn_bTZ5CGPirkTTJOHMBpO1m7WyulARRIXGvaNZ7uvuSNVXXOvITV8HDSXO5Nt6JAA2MAOrm90g5R5hQepFFiouAtX_7o6XLdixlk8ZI5IPydZWtS59BTi_BFndkywjYSiJUKXca9VGOQihcHa7ebaNi-NwrPMgA_of4gxdhE9zkcoxn_grWobQa2ycrtPs8zx4BjNIfVrn314KQOTAfQYJ5T7coYcVVj943jMmvuAxg0QK8xKhCNDCOwd8t8phfyrnPGylA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  141. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  142. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  143. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=NCD7KU28ux2k0rnao4eL5hoNSXLbnKrT4CTzar_3IoA9_Q9KHNVGjJKBEVw4U10iVSb5rM5aws7l2_VA6hzpHqbb4s020MefRaVBPTp-WQp-pu5sASovIoQjs32xhmPMYyvCBdBUGJEzLVuBPcBwUD_ouTNAsuac7uM8B34rxCvvrDl6atg4vZUHroKsTQTmzO3wQHZHvSIcLkNQ-DlGc1fu59SuXaS-44ngA_wnw0DkGuZgZbZdIK3vfxgQgZ-bkDR9pYJ9_OxRWLvfZni2UeRaVL1A10FXeLecA83XlCfuzKAasuYKSrlNywuT5S0PGbNdz_piPQcyQHPleIXoV9sdKx-64lQc8Kmo2ZQYrEn2y8Fdvr9RCjeEBrUNYUsH5Ev2EOEEKiG0Dco92VP-OhqpwX77a0_l2QWrXva1pWNWOxkOdYuSzljq-ueTruUir-GF2D23TwkbJT66c9euZdH8pp47SfXhn_z0JqSOZYarQQC1y4ibKSuXKFFEYhnrUj5HiipEmRiuCORif70gWqPdY3W1H9neMCpn1Dt6-9AIWsGajJzstdO88RGwky03WZBJm7PHTPYLmuNVFCyOqMWNKMbFW2AuDEq0ObuNNjjYrD3FdrG4DHy3qBqPZV8I7r9qRg1W9w9OTGvjSNtNvshe_jtsJ4KiiQ6EYsrg6qCPZqPaU6bVBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=123 Page URL
  144. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  145. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  146. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=yS1MUf9_Dk1y-sL_g1ktROf7tlsrQjC8YtZPBM4UDR_YprmRGyXN6NtZORkAce3jg6R6HB2hXNL3246hwwhWNEKuxkN5sY5G4AFCiQDD-hkP6OT5TRmstdDGiTvdhuvXFnB8jmRnn0nVuAZzg_Dbb7rcl-VT8krrY5NR5mQp7HL4i9w1z-6Dx2Low-12iLxO6quoB7xUl4qI_80Wv2WX3K703EMRUyMe0jrlXXA2A9R-2AKxVflm2GaNCPpKgwlgdJjWi-lASQ4JghrUkV-2QOzYuKNWHs-ZYGOBIRSlQe83_JyvVG7bIQ5_TjwwBvb3zJVQs00_laLag4kDteFU5rUGxqKX2wmzNqsj1vl-euFx4mslIiVWFYHY8mlasSHw_oFQN00b8f6HkFQJPYy8ZSx_9EQr03NhgbfhrnLYf4DcoO91Ct6A-tKwhNJwVnhXiYAeA1OF3Gpwv9vAO_1avV0A2PLDebrJe3lW94aXBU-vKMfteLxXCtyN7KswEWIQOVN2EgjRykduPCqyh258mNcNDews6uIA1DorC1tYK0AfuFusDn3soNuGhfuhwcIpSasJ1haUsyi1kF_a0JZXSbXSzjdb9EuMwBEwvahy8EsY5TsY31MVV6mK27Iv9Hy6mJkW8_xD6hxlTfZwtlCv64b7G8vqoyW38wzKYyhct2vGVoB6OaADlg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  147. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  148. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  149. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=ZdgessHVkKbZ4AnF_lP66nbzZOlfCBp3BPG9vVjio7WFiCmlE1FtsPNkGX-9Xn0X8-gA7rla_aT6p-MmcUt3Mo50-xaacBZ4peQSV4y3Oe7XGgzlASfk0UV8FE9rHV0nFgmCTHNiNwjY0RCLU4QzG10ouebnOn9hVRkVshqSNCHWTY_LxRRPCT_ZRRdqcb1ek_6VPlrNG1CNPVJ6HbeMijxj_dXxAY2nbcTRQx7seVxTBYm92UzIGvqnjRk4ZMeJsvt6J8NiJ0cEK80xp6ixighz_hKjmY-mpLpuDVP8QzuhEMkRT6OgSVLyXTw7PWE19blmmc1ZCo3vUAVmoQ8KYlSZBjQsIpSRlItxWbeCHIQWiEPfGzoWHgy0qiqaeQ-HgsvCbu1Bo8nFKxw7hTz8mIzGsYF97rQqjzUzP_-RIr09qZaOQ76tAers7nzV5f5JITNQYHZ6_qIx7R8k7zgidtJfGdcYElx9IUpWK7GqI1UuxNaEGWvIa-vCcOEecVjT2rFnAfOTkJsBIFvOPdCWhUSpan0LAu1vMtiggGsLVUUISXVkoI7rKpzrp94ZxBIUwr6a8CVYD-1Qt3jdnzzeRkUwzw91deG-qGM2-m1J5WDjwd-gKQLvaJxzduM1brriulKlhsVuBmrH_P7fNJ2Rf8zlmvJpnTlI5aHAfRggVJ2IL9TbTTtqhA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  150. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  151. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  152. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=DdzPkoCeAdYLKOVwDg1HfeGANUmg-NAb9gnyaUnU50YJ5eunIMfxyIE2w30OD893QAV0il9f3o2bfAafdxai_hnBb__rE8bXw-ZuVVnPOI05Y36Dj3xDD8xp2msv9gr9NQjnAh1dtWLmOCU5LWAOgDj7HEqVfdOQQVR-TvHc7TNZ1XtN7FyPTUnT3FSJAwsT6lESLBevPlazXGogYb27RG_xO_qt1FbYRYBZGpaNM26Q95ex9QZLv9aiqfsV6HIxvnqcV9TSYFFWIzR6cfmyxO_EYJnr8EGmaEQ0-N8uOQd_FwMJE3j0Sr7D1pCZ-8QWdMSrmzu4U6hgv5sv8CfvZMo0NZRSLGMjR1mmgYA8Rq-l6ImXVJBynC-JVnZpW3_71QOuOghaFLUWaoxF-zEQTKh3ChIzrEty9-bgi9h8fKYlHcEt9uLkAxOKgX1Q3xxQsYjwth2habkx_8TiiMFurCfvnnyAIqgtPAqGA1V2hMDtYBHqejKxItk4BWMSM61NVhibe6UKwDtow6MsDGFi2ISEtG3Ivp4HEoVXRwFtGBuGZSd5seHmpy8smkRVqUH20tIU6byIkfFL-9SIQ5ESYgV2YbF9hy2UFVlYn0oHOvEgL3fprk3NkjfINzgHkbOrbUa_97pPBDTf6W46xryq7Z2V0meCFh2RYXsQ8uNXwV0G6M_fZkHWkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109 Page URL
  153. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  154. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  155. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=Aqe9Omoxjr1P3g-YPy3qGnHK4SHIoPjszbqmB2n7Yff_bT9uK0TXQZEr-4Kbf2MCoFnzXBKEOh-rKS_t20IShvDQeVAYgSbDa6cnNRI3o8e_cm3ULsTEyJGTzJT6Kuf9goHja7xTDw7VA7RxiaoV_9i2NQIscHMv-iJFdmQtgf7CvjYJ4-p1D5-Qtfxu5l7CIxf45q_16RyDKxEc-yrRqgIparHWLjvEGgQfd5FknUqO-fYQHb885CP_xElTJFpo_HxJSRi4tHr3Q8MnQRbW3FkblEe-VSf2fNw9hs6RTgATqL2t-8stoXn1416MYHLeKCfGgmIYsfOm0OMGkf54gNXw3mEYP4kRthAU3r7_oHKAePALA6fbADSlKcWfSAIAfcIEs22a5OJ79W-zSWNc5yXMljlx3ChbCm2bEKRci2zQV4aeXu9aWRY_NnYhb2NmehfDjRcyYGRwI4Frzvd8P6H-2DYVd9LSub7Q-g_x-RICGOtKhdRiMu1kp2O1QUBZ3sPHHDYeuwD1gzQwRn2KrZtqgFArJfKsu3JV0d_v9sbLGJ5-t4m0NZY_AFQvx6blpXMZ9BzXnNEjPO_ULIsMGQzWb4-371DpYb8_9okWYyxz04DkFb66iWrFv0_xgwpBsX9O6-F_YOZilLasfCic9UxeHINMqyvvMezwhhgoq__jXeLic5aX5A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  156. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  157. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  158. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=1j6r96Pi69dz18JeoufWWEDB70mgGm2cVVsiIO2bbOwuVJfyLmZJG1OTx_DnpP4Qap_Qq8HJwl70rlvED0ll4zqzCDpcCU0RWCxIxQ_-BYs81tW5hgVJP5IdflhmwhZMSfPBGoiQ-sJ5lJq0cWfkWlghu8x6Bb1tmAaGdoHe-5DK-EOlusWHGELZCPJ22vtRM69509d3i6Edtb-WAn-cmzaJ8uLD7FAZXlMrx8gryAUH-n46aahpo06DO96fX3bICU4etnJqo9cyaZR4d2Mo8o3syVGMMq8q-2DyoKqu0HTpdyVXD2ssIUxcyAPHtCFVMAOWEaWRFunJBSt80FvRpWe1D2gHb-KrZiAdVEEHqWkwJPCjb8umwr5oZLlPlEEkXjFoVb9cX0o9Z3sjOXLUQdpqSg2Pb1Mw6sOaAws-ZHKdEImy7lnAMvdwxPN_pEOHaliZ_rIDFTPGjIeclbsPYiXZ_LZzGrTdY5roT82ZXxf5UuuxhCkcbqbbWdEGbU2tseYDKvcuOPSTZDRdgIlKJ_UBSNoiNrnHUr54PLOHYXewlrWT80gnrLA63hCP5e4Cnl5sF5dwZqyOOtnOlpVWwTs-ClqNfK5JYnO3Se_MJgc-ZDtPYV9_b0sb4wENZ51l3mDM2TeuLkiQ3mG9XHW4lS5hAwCtzqTp4zhHtzwkTEqurtUPkhlbIA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  159. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  160. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  161. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=vEUYU846uk4Yu21BUbxRzFuZFVr_v7MF_QeqXSNOa1up6QNUDSLrFwOhDlyv_beSs1jQGTB7aS8d3ubXrf22Jd9ZWMPvWRGb-jKyMOfPrRpHvosZnjW-JRvDOlH3ErIhJ109OYNSRWkHgiW2nuy0XBBIYXWgxP1DaomsgK00VP4sd789833qtneJEJwmrjkUOh-IKr5-PeqvklIwS6kXVCTX2U-VbB51GfC3VT7jV5BGD4zUBRfXDEKUP9GL6OdXADtpLgeaJQH2hHcOUVUx0ySZe8mzEr23bEiyLtFqXEsmr5XtMyigWL3JRqWr7p3MLEeWUy0YSJZv9ohCyrjAxKVfQ5X0ni4zVhvzMdOiYopZLzzgSCGnBEL1txx8DZibp_AurzijtbYaAPIbEvT-kPLZnK6BZfnwvYFFmSpqaDUXK6OZxsZvBv8YfnSFyA03_mluQtM5mdtBvBAO59qNx290TU6Bzk_-OcW2PckIUZV_5Dt12e5gabku5vm5lTFL7kAbiXwQTWMDh-lBGBvNrevU5aHdjR3w3rKwm5FWGFCqGJhSpmbtUw_n1lALyJi3HxOUzyuhGvw3OWIYRBIuPS22ICdng73qePA8-e_Epxu8We5n3jt8AaiuucTKNiRh6Q-oc6oOaQZP3oraHjjPDFasQEmokTSmjkaud4mQigPcbBRWFQrLKw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108 Page URL
  162. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  163. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  164. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=twDThmkx8Kf-wa-G0CcxQ1GkmRLM6Ojeovc8ARb8E2iCk7y0dsRc3MdfWfmWPQLD5dcJzmp30YOik13BFPU8CM2TYiRJR4VrVZhVSyC_jYtx0dv3RjnweCncVbnDf4LS8QdAuHMDLJyJzIuw2mbePpRFmSyX_nmJcMZeczyykKBb-fY2NugQsFha8hAZ7Y0SK8HIHVnezJwCQlxBj-TwJUmg6CQva_xU5hcN4KtfAaXbSUHCfq4CN--6vuElISRIp33eFaviOD6txx14YZ2oV42QwVxzE1OgnW5Nl5nm0650GWAGLdjLrLp3L8UQ3LjsJj-EZXZz5h5-wu_ik8g-_KJLiW9yHQP8OKyUTc13kqzL5P9M20EEKYqbbyvLJlpyC_PyCiJRlgCWoGyzB_8MK9MTZdStHwXBnJUsDg_NBNLR1IKuRUHa3gFaf6K8mFMqVlOzxvATj0F34gz8EKmapfuvDy-eaMwNJTqkIuX82lvnf9mjGZxb2Z9NWY0DHsmBsH0mnr2seYgaqWq6IJN0w1_T2aQ1WLP5KpBA0cIT67yRl2Is0MqVGGcZwMcQJl9mKhUpOnzayCJUkyChUuqjlubCHs40xZqBJR70Yf93LWm3NXfvrdRzdqcSt5u4pjIqiIp83FsmtTmv4kWkTXUES5gaQGt7GT_t1WKE3gRZszJYQdDYfLYnnA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111 Page URL
  165. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  166. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  167. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=oFRCWR_xS0CqYaMvqTGWsPPIMpqq4D8mGZiRCLwJVWB4rdPl8ugiHpcpNaX6CfHjoK-Kj0Gu6WJiEGwPxxJjGG0sPsC2nquvIA5KBnbDgAkpml5w9RxsJe0Gflkmwlzd0i3aY-7L29LHXxVEW7wTfqZsVj778JcUMtuAY5MedIVy6nck3O4G4dko5f4rEOax1slg6thSmTCKcCRSFhPBYZ5S9aQLQFbT0jepEA3-lZN8nUF9EVu8Q2Z4G_LjJMYUksAUn1qtSK49P0cyBPCv38mBzW2KatAjFOlIG2XixF9bXT1KvMAZ0FV3_jFBd_AYWTv8FQG33aHZW6H9Jb86AHTy8cmhvJnuBRGlRzss8NGrmAHqTVuDWx7e9MIvbBSAGC6YfZjrysMsh0cWOEINtSgOteSRw3F0Fys4DIeGhQijH0nBNwseUGgwSCmQVfVgOmMnX54ULTMqHu5MxzBNIgEqhLRg7w2vHgLbcFLB4g8DAjJL5gOwX7blc8DFZJlxbsydYmmThEdQrZVJbYKxHITRreuUaAkMpAEzQP1FHK8F4EL9rlz_5IoGOWw2qJBur8Qety6J2boHBnF54KxXjW6CAvmY63cP4vdxiHVJADT7u8yUZOBiQUdcPBw3jAcbUajSJ3jyCajwl7m4qPnqc-cifvSO09SAqfOZWNjfDvEyU3Riq-jBcw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  168. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  169. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  170. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=zze_wmg8qA3j9kv63TS172moHiF__zN-HtLOsjkzWmExA_c7XFQNzgAGg23THxy3rzFmfOhIAzmRgR4V2pBZlfw7AsGPFb-YK7mjFxGXXKdYuEVvEsEUjAhwctJ2IJ1_9bqYZx80ZY2ekcx-ZBYgNXDZeajuLKH8J3QBn9AUXafjlQgGyt1SQfm-9b29FkfbwurYOUkjlC5SAoEhNPypw7M74ufRJqwGd_AGUNh96kYdrwTy_X5KowHN_mluLG1J8T-_0s1BW_qnYrtanvYFJezFFLPTAbrKUWFlNGRC3r02iQJBsnB7PqLL25zr0220YGy8ADeLFGHytczECmlzOVeZFRaPetEh-EpB0ogx_DAkmgy4R7m9WvUzSGI_PhogU35muxArrJi_XZ97xODhv5fmyAzw_-mZCXDNHVtE54ZF0ELun2kDHqH0W4EshQfjK-03mvMFcjjfRxz565Hjy93F-StAczA6pT5iwEAbmIwG21fAdNY5CEpKdZHnyqbjbqAIXu3cdK2B8ie1Bzzc4AppHAD2LWDzjf0Bkac5V-rHV7F8doyzWVp7dbmVSB_EWNh1AtdAMiBjnw05wsenL7-rgn3_IZEGnUmLX3RBVA8Rl86IVAouXhTBzdC97XGBM8KouzLlbz8qoYFkn8Echg7kQwo9ynEGZV9OPxfNAK32xDkQP6m04g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  171. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  172. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  173. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=OlRRi6ZPaeJ6DSwbX8WYlOpn5oTybFpucOTX0UHkhyXw5XeRlG_KNPY5Wspe__Bxrti-tanZdsqJrRufnj_HjFoGYPtxb4KWefUWwJ1h3fUekxmZto0QuxeipXLrQT_W0REYCcwyuHM7vD9IM1H5y4M29KtOnI1gYRKEuscGb0Qe6Vpadcl74_kEGlMJHDe72zSfMBg4jH7iqHIrjuvtpH9K9PxGjg0YBa63s7gRCKA1vxTEP39etFaxNs91zgI9IarcV9QisqDupneIj3Xt9ih9tIQf3cvuri-oRtIHDULZiFeEYrynw4yrNBWFbskdcZ53JGh3iTv0oelKMk0aMPUFuDf7Bj-qtaCqYkWlqtdkPC9I1TfFo8WcvlNAdXxvtGuWknFmTpQQGpdgmvfQHd17e4JGzng6uMNR2qAyL3G_A5zCFJD4B5NkxREiRziSEvfCObvBaq9xfKODbWSbGv8-lqOHtiJgZmH5yGTqdWCHtlQ85X_UTKHsYbZxW6narlREBO0qB-3Niz9kYdzX52HqbewadZ81Y5oAxOgFPYIXd3ieGh9Z8kQZd6sK-PBBi3ohf2Kk77JJrNwQ0dkSUhXhiHpCFi1kFZHakjCpMtIvDlXtA_GeEtHGXDmrBFQl5PgNXAKMrggmjn-yraLqQxYd20vwADw8ntgSbZM3VsI8Txm5BOayEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  174. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  175. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  176. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=Vub5bg01ctBBvMrJSkBHYdhxb7DdpL3WQ0TDFz7fVQzqLPRA01Ap0sHk-niL9H8M_qLgu9Vb94d77WSmPwpZ34OMWwUA8XVSnf8NYcYUlk7Yzuamkm2w5r5VJQNpg7mlBUpd-__W3cdhyoCl2MZgt01ENdo6YfgOZmYhuYRbqWrMqnPaW-d2wrNfPkSzBN69DH-sc33hRAlbHKWHvKCwn3mdW-GuO0BUztpQWLnogEtmLnk6W2vFDelC74GGEK3ToPN50RgjzgD1s8lELNtmBcqOrVTDXRhyPiehMdc3k_5M64EXnVmwxcURhPSlnS41LQrWG-UdEx_OpmWbe5PW_UhHtNXIYLPf-u3zzOR7s4EECpz4SIjhLPZ18-HctIEDGYHquN_Ix-gLyeyqDDJsKj7Jwdk56I353liPLZJ-050gZhvjalro0m1VVZncN7N10FoEJhuxLR4NPtthnQjfTC-HCaMiau86KRM6KAQ7gTsZ25PdqK2Ms_v8Y4mECeL5aqkIjXnuY_WzoUyMGHoEpjoexRJiM7ndnfSTRTvgSg5abxNm8gnv6LXjfmCtdNpAXFdf4KvG3Sdx58O_8TPOiNQHl57vw-2GFMEv4qJE71863rbot6VjNsMoT7M6-D8-39wylrnf6ek3_Fny42gQB4NJt3NJnnAePBox6dD3KcztSfnH2BLFog==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  177. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  178. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  179. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=BGnga98JaSYPjoDzUct_aPxDPxYOl5yP7tW9Bm544sMr870CBulTJ_eP1tX8A4D8AkUwapjMseqaaIZLyVnk_Ys9b_EYbP5kXH8J7DU6P-aGnBaJaUmjvtii3Hm8V8l4EmmwZECE3PELf6aG3sV8hMX5O3bPfIFJKhiKcozzjwnSElevWytVrprYsngBtquG4JXHO7-KSpsNBgz-4VQLv4tpeNeoSZHxqtZ1GK3OkwADVR64lZ20As1OnpgR4GwjDsJhxOrRkhMh-XRnG4GYKbXFkuV-t9yaE_oqlJQLTb6YNJ3c4IG3Q7C9ZD0xEGJr0QJdyporpGZlVqDqVw-ra1x6eJEHKRG9dz_IlekbS-raW2Zref8DraxSOesxcT1uHw3EYk3pZi6Izk-UCZu_v9x5UgAp5KJSPJzRJ7ewQC-WGtjBz9J8g9vh5syRICkTqX8TZ_P0eL31L-mt0p1gFd_Aog67-dm9zMsRjaGrXPmwQAXAEIunlB_crqjYykXNN8vqWYpFiGLv_AWewm7FAcPd0FWcXyx2-HHCM2UFC3E8cv_-TBcNMBk83WUCJqHbHlT71JkvNkwo2kXag0hgKcjQEQqFGnNc_yvGcuwuDnwTa8rtHY4UF5R4nLkB-gMoJUbmLZi_aFptFOkhk7f0-WXO8Rrf7qTdc8XUulV7JyFIRmF8YOsHUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  180. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  181. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  182. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=1n0pVODsIxv3nwsPY-DYNuszSTE88gm6StAB6YeTeWnibDvqBHZr50SgMoiekGqOMZHuuRu4OOCNTvQbzjUQfo81o0SuX7RvhURyJRE2U88OpGNg-MMI6Vyu9DH_QUVu9F5weQw3kqui1KRrTBOIXi3uqQ3TqLTHvWJremgm83V9g3Xq-bWSITEn-AAFOd4H7qRD78rRd83y1xgnX_X3DRuHD5Ft9EJfHrN2sRMKwjykaLNT8_xYzgrkWR7BonmtUcwfpd38DrGjvr1y-gTJkUr4F_nA4OklybQcCqIul0uU8zwSJ1ZgRZ1EMsjj0yo1yxS6QtuJ8wxpyJHb_heg7S2XQyo6dUbwoEdqAGYIcwEqtmUtUtSh-OXZ7y19nmmJxbFhJ4i_yx8_sVNxQa73VliU1beZfnS1QuSFch93pI7go3_duK5OGe94JeXuGzjs7IY0tCmVno6N2_UKH284yQIGMQyQ62cmJHi9XPObxg28JvU8p93uPjt5aLzGXW6kX-KdhxkrZmmcq12YFTIdPHQrwIOjhCtIxkoNp7xkLOIXfSV6HqSrUQsor1FGk8BifG4MkRL-2TCMYVLcBtW2C6eSal8v4kzDk98Q9dC6CcxBs5R4dRYmRn82SnDiXGK_x9NiIhyL0T-kv0AfnqAt73w9fLT77982EkbWnpRLSdgdTBAl-NZ6Jg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  183. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  184. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  185. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=mxKZ4OxWr3qXnU80vkXAkNjsqV4Eu_Xw5-46ca2ta89Pewg-Kg4x6EflgmcFC_K0KTQ2QlDkNcnenn5qvTGKw4UKhvNubdzhPX5oHBCHXpsOA9zly9QR_bHHYvjwIMpKwWNfEj9iupQ8jYQ6Xjf8eO7yq8gY6QxKzU4S0Zm6YypvRio58fgdZ8VTe2YlJJs4vRVgnZP4juJImdEW7O87PZ4dhAmFhPD10oagJ8cNze6lB4ZTDFrng-xLLU7kmNDjKHL8fBzyEtTg47TBzaEzvGaDIIHNu2jwwgVfl68XsRFUDdzCqVlf8uhoYs4fQEQMIlKXuNKkHBcF0mE9wXKRTACdMXpu3ZnE_h2VH5PhQvFknaqaMAtOah31EvYN3uNd7MyoxZ3Nh4hV5FAM-MszEAm11AAAlmpbsjhuX_ki5wYlFUNznji_LI3gXtuOml0ARveY6phRz8mziaYcq4Tnfg8yRYAkatvIeKBWx4am19T3-14ZKmEzeA0yGKsEZG8DoxizrSDTtGDPVWoFI3XBj3YQhgaqG69N4KNFZ5sAa_k3In302V9tX_JxJfLOttta5fGWDvFqRGSzc7Ab684XQBjmmtspH3lYrY1W13HVAx0n9WKrGUYQxFHTg9qh9xP33uZXGKeDdevrQ9hQdkElCLYrujiRNLpsdoBIRvBBhlav46HlNgOcYw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  186. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  187. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  188. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=kqN97rnExeTkJFgPISu89hq01dRBIndnZ3SywHb3KLTYh2ifCcUNXAAP3RfXNZMzwahsSHUge8TJT7_tiEp-rY00Ry1XXZUAKMpusxnwqWLDghRs-MJcJrglFlDGhr2mmF97ygT5Hf5wg5_aSAaxWo8DVQGvBZZSU-nDP-A1JLD7zWnlLktYlDj7t1AcZXavYqho1HyLdCpa50eBrntW3H1qEVPkIMdr1zposSPfpcAPbLmShlsPeF6S-phkWiS3dnJYugst_WqbNoAbBtrShVW3Apxoxo29b0nJ5VDc0PNYaCJMM4N_cTFGSsCWzQbhpGGJ9qPopa2FvoKkqHC2_9QN6V0rXV7F_DIraeoMTiqisYw-LlGtrAljOS6BYIWlp--db3SZCy-NLEf_Ruias-8HBEn7rJU5RaZMbZ7Cv-0Zy8aKFykqxgTeA-4GjGOW9XTjeQfEg0tpvLwywKAD-QNkvDkQnoQ0BoCAbc4oewkeKCWwbJ4m9UMVcjqz5qtzFifMjcS1fIlT6TeJVL-lJf9273e67LOa9MT_9fY67NB8hI2eHZBGwX4HZBi2MEG7dZBQZaWQOfi2Zc9LPUbOcPP9g7VBeka82NHI4WS2rSq2JnYvWL-xOxz8MoiEWejL3ByTLBeFhD7Uzr9zzqrybcZ1be3H4luM6YsZsS4i4-Stk60jIzSXqw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97 Page URL
  189. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  190. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  191. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=IHwe7hBnFUQzpKo1aF45aeGngXRwyHtQtEtce6MDvDQqXR-QjpAQkzpUvJE9r0zbJ2zEdwssjLt_5Ekrlf-IjdfUQdnWDLKuUSQ9_abOAPhrLtZ-ApVccJekk1J14C2J9h7YHqv1Pds5oKT97gSPWRcXQ0CuQzVEyarCWfWr0zu_3e5xq4uuHN4S4I3Txgni0VRyxvjRl7tztFd2Jly9Padwp07MWU1VIbk8PK-pPl_8rAaHA8PAMVp3Ag8gI9p7rF48ERFAp2cRYwwdqPmQKpGwkpiy14ypVm3WgT43g3TzlK9gqvaCOP_kHpf8G8HPvCTT8OeJAfQcflGujbLhpuzICGOC57-TB5Op4nebkrCn_3KDaBl_lICK045ygaEq8jYEbt249IDD8e4JHUY5DmM8jQ-nP9upzwAYH-i8cCH75QuAD1p8wxyH7tJ5uUDkqBDdUSeDHVkIBHX-142MaZyG_i48OHjgFuCLxH9cdFMKVmHHZCOjeORVf4NdVReHZ4JuhHpWUW4gLIze3kC-PjiBwKB6SVmtWdxjuDrSHblSsVlvoGx47-1La6zaO-tGWVqnwq1nJeuqFamAcLjdES5c_LY7rPYF-NCXezWj30FxOuww9A46m9X781IIQAhNHtjfR-smwG-NF8lEW6IXisSs97_-DGZvGLoy-GrH8dkMuqvpwwivig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  192. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  193. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  194. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=n_15Cb4HHON_3bjCFmTlvdRnI27Eu3W9BlRvhhfu1xoWCWzXNYBQz7DN_EaweIVSJ5B8kLcnyiqh4y63bLCEGRGPOiPtxLWf3-uhdWr6EvXR9DfXVDwEYxMSSslQ4uoNydZObjO5uGaN1m8Ukli1E0AVpRItly5hvMhlBHQmVx0MUZCBRWdqx_gTuOoADeL_61HMaBTvXb1tXWTrYnAz7PIC9DGDJkSMpZSh-XuSbmQ-vjP0XhOlU3R2nZsLcgX67HeW79IsuOsNIaOxm7_B-T1lPGJyM-cQYCjdZLBmMO1NM4ZjyWrtyvEhXWXTlKdTuWitz-bKhcvE3wlWNRCdt3J-_blikEg_4HKDjQ38fDfrMbZ14UehPEKxJ_x0st7PUUFGCgmSFn6Yd1E18rCEC3X0LSELscWNgMLaGQl6YiEAc0FGkmqeHZyOBxkP9P4pTs-T9NVzXK3Q85IT5yQI-8qckeelpBmBVkdnZsiyzeoaGj5mdngGc33J0pE_9DCdpuHb6A7zup2cLMbimMQQMj00fVuBakp29afKMIpyAbQMfHPr7WqJuocAJ9bYMErFzeWAQwjMsWS9XG7oGjbh5whlZ2x5NR2kqLkTxo6wbeEvX7sAC17KAtTZxHzhxkzbZ5QaRwycX_yZMXA2JHShtEi4vgJItvuiaJlcQtU245ilnVFSQUu1WQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112 Page URL
  195. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  196. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  197. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=7j76XnH5wPK4RXgrLLZ2BgXGGB6wty_GD9ok8Cp_Xrh_0cmmTv4A8HWH9ne99vGCJ19LxeYi0MFyTx3wO7wcNBI3U_WzOATT8bbeNTZU_8vJBFBK2qTEQsgXE9Yz9Lw9PY5cciOUvBeJLAXZXGT_4hkzstk_4SXKsGgeBV9odN8RgLjMlREzBHizpO4_p2c0NQC0exxt4ug--9TperAcgQFAGmAP0tPwOu4oSj_N15uLc_2GEp_1KDYlWPC8lDErPg8Y4KsWpHTdv0AfxJ-4fFJyNA0W6fllu1uUTjQZzw1gfbXYXZ-GyUPysdooTqpCS7hmxf48nC_lJ-k9FwHwm7Oq14KB_43L5v6WfhoYkxxgSME4aUSrkp1lbGlsPT0wTyMlwn1V9gmR7pSRooNzKN8nBoJgjAf8dDbVSBH8_tf1kPhlbIkYiwPLnuinFwPSMTwMmuH4uz3EwWluXFveFSwrRsIzzJgb4A6UoCax8MwWYwzvypawUwmoFdteTU0Ut4A6g1kjTua9UcWQ2-EoFLPyQVuhhjTeaxcM25wdDpyFOhFBOVEHDZMd5-yL4m9vg1Ol3GIvfJUE4PN5_64s8QZH-Unn4hg04U_7UML2rxI63gKZXgt7DnoKHH54C40Vdc0sgcejz8dJRwADQwkTg_wwU01xiAVCBjsmRRQCTM3bllrrSc2HEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  198. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  199. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  200. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=8n6AXk8wPG08Bd43GUxdHdwLo7BdrS60yX6ZtFDvgfchUMv-K9X-CBJZzlf1P-3lBP9WN6EB55zCuvmuoHf80-iv0YUXdSEN9xhdIfV-nlU6jtjCFfeGil2ZumOXTMw6OPr8_x_LIAPDsKclsXJswnSqh3o-mcvbSUmQsLy4w7xJ28hT2lWOyRfpqDruoH9t7k2yWwpmJiFyPsCM8lcbb5v9kPY47Q2Oi1oFGjJqCufIt5U-0Z0Ly0MXPY7qNlaxRwSBqRiG1ZSXkuw8Xqne5biVXZgSzlQxkD2i5thHg9XmaumIjNdEH0cTUdV0EqnzKS8ZRoLqLiX6HLxIYrgmkbscu6TYc2ON-wpz7ivBAUVP8WWf2KAaH8M8kcLC0S0sIJPLh6H5OguUElvW9FdOgCMzNlU0N0q68P_QDCB6AdLgm9eEOufvlV0T8JS2Q0ihsnkYLhF-K0ZSCoZ9nu-IywT4p9u0qYGPuYgYTSycZ869b2pwh0cD4wBDzb2_zUHqFbPNjypl4wUgmDtYskd2wppUFUV5tBs9kabYq3Rut72UIrtqnArF10ETA4wisUrCxjnr0Hh22cHgzlhP_lAnv2rHkb2EQLfxJLrhqidTa1Q0QiTuV3kgF8HrK6fCuEAt_HlpF7WA3yGskGJ0fshjyHbUYvzFd4o074CboXjcgRmZrH5QjvpPjA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99 Page URL
  201. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  202. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  203. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=ZOQ2ppid9Zu-vgcjDVfWWBJAwSRKAQC_BV92tmORF1BKG4MyJfIeZshbndRMGCLyp3fGgIlTe6nlTiDbwwA3WOrIiunDmsSn5e5jRMILOsKFStQ6wMCQtFti489jhjLnGRgutY2Lg6LJabfjnBg_Xe66CiylniXVwrQCQdKXCJu3WGfjJGnWKgMmFzlz7bd57O1_42fRD8tFX0Rb3r3jjVkXyK7ggrxnXenzqhT_gvJ1qg001vRnLVnj2Bzuvu2-aUdV5DLo7NVDJckVpCZl2Ip9OpjpsevOheMY9SCLisWjFi3DFmtMApQd1xCo7x_C-mUiEtC7cIfiy6ktCirZFkRD_2eB3-tYvYnvcAfcKD0-al-BZ48zCIzIqxsmYgOt64Nkkffe0toXAeJfVN5dQ1oc9-KCjaMAlp8_r37vkQf2CKEYKzG0ArJspDvZViSjtx9s2J_ZilXu3ZCKRhlwMX277y6KLMoDmtVsUbcV5IjjatHjnu6aeoQCwzYvQ2AlJyVIM_k7qUOLdEsMvvflhjdhVFfDLCQa3AljeAq42oQI8TIF9TCiBLUCovK8SG-Vnz2sCPPtef3zcwExTQBGCFE8X7k_fDneAHl1PZSVlXfD3XSps8tsK3AzxJJ-Pqz0bZ14FK38xLpnUrmtB9BTfWaISd83f8FmiP80LGCH5RfSBDWu4c3kJQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99 Page URL
  204. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  205. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  206. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=AGv1WtuE2PPXk02_Gtv5weW-D0Fnxf2J3M6ZUU07T7SvNxmN6OOQfUztKBAcakKtgsCEHO5APP0etU8xsRUam2pk6_OFYCZ3g1yPTr3zxvKEgYUQnSgQJoEjF0NqDNLnklyh4jSwvVtygJyyAeNLxbAsfJ9S6YfMe2MFSXmAEGDzdKYs-ONUADlGTmto4RNj9ah9PMGuz32VveiJOREeDarXftLRPs8Fp3mzv0L5fySKwj_OJlU9Mh5NKWTZ3hvAc1z-c1LBV6cJRJqbbAAdsc625ky39uRs62l06hpEuL801mUrEPKk1UHSFKWnKPJXLRX1WQzHKhfBOrBASyiX041A8FIHJb4CE78BIwlbYm3yp1aLgrekya_Ud53ESryw9z8eXH9wvJgW0ZBh6IMtc0KcU4c-l3QAhB7S_JPojhW7P3W-CB5JEFhyTihifPEahaktdN1TULtP86JB3CDLvv1D8x8FWjpD0iQHD5BjUvfjPYudGq44Lq9ovntwV011g1rnxXMxbPb19-rET0qfL6OAmfryw6JU9Y7TOZevWz6SaWiXiSyI_0EBxLYyBRpXgth5DTFL4nAO0BN0Cx1kO-bAyH39rrYBy52gOlnlPgv_js-wOwJnND8ymRvaS6X7O-dlQ2bXsJbs_CiQPMIQJreA7IfZW_2Bq6pJXVjwc5Jg0viYU1BHCg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  207. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  208. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  209. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=0Ln9Kl3HYKhC4JFmkAkXst9aGIVrstbOPYZ-k8Bd8MIbD1H4iBaAmCSuhyDUK_FJVCtMzjrUjFw759GZU0AurdgFD9HKlHJXgnWnVdEIU5V9_ZGuRee8mTD_o1PuHGUbWSVM1tCbwMFYiM1svPbjy9Gt4b2173loOnpKWEPupvSlu4F2R5wbtY_Q5s5i_UAO7YI8m33awv4-13Ddz-4NFs5o6gHVd2Z0DV2lDgNulVuIubIKVf3UHbpaO5R39cO86q2EBQvDneIjvlPe6IcO5dYD50fx3_6gKryPkVfwuvQTa1KzPz82YZ8ldWsBOwq1Mu1KzYVEfNGKF_SEOaS2hpmUpw756yxycRr629PBlMD-S0-wXLGwkxuUWZiK6fR9rEvf5XbEi7kmdeLEwHRKF3es-7xEIVNIwCrAGIeyvR6XJsFig7ZJCBQ1soJwMbx3_xQ1h1u6yDdP9xoWzO7UrjLfueINrng5c5-6tsaNAtEAVMW3L5dH_bX3Gb5I2RSmIkQHc2VG6WvI9J7fBZr3X1RSTZCbU-7EMUALdEMAYG1qkbAxs4YzEkqEIzLGRdexe5rqwqtNuV9_Gsv5AiHDqEpJgO8QOOeJzNL41_UAqoe3CAWZZaRalR_cCaGMGUZc6sXiCe2BlUj7O97KGGOrgDk4Eau-Cyj1MxUnjR4vJTPQhK8_pqDX_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  210. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  211. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  212. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=amdFlu78JsPJEwYzB1aSq7M1vdB4TSyr4I5l8Qa_62k9yAmHk9iNoHsumPG_M1wddm6uTPWt3Mt7HJopo8_aL_dM2ohGl1weEhH1EAv0uu5Y93ohdop1RcJQc3iDlIubJvIMkyQEsnFjK70S54tJXgnyVyu4lYIIcRlzZD8SyVAf0zXVhU2nJkoZoMlKwYH_-vwF484TNST6rf-aK_xkQL-UtD2UMX8Zq9_5t3opemD0HfZcp3Wyztrl_Z4tF8RyyuA2i03PT1o8uiHvSuUvJ2kYaoYVlV_w8BCYRRHOajIQDke8pQtzzQBIu8LiP4ATOd146pX5rXWsC_pNrwkehM-t8rSeobU3JvvIFbFpnHP1T9Te50wqCeypV4JWjhRXuPOYZ2B1upbyvfKKPZottJyfP0dktvOoy8YILCnWrsTKeXnSZbyEXQyk0nLE5-mkTr9SlOzbHRsxsew2FuvgW9bQDIdimjGVak0BNFt_twZHLyuC2wlHeoOt_m26-HhH5I89tgOvoDq1LlF1NgINheVoVTUB1NOQs5hAFjnskkhd9ToC_YURtSwkU7eZVaq1ZyjOieabnzJXN6-8X47bwmt6CI8qdjwWJ5q5xx2v19cyz_7LoMADTkU3MT7JUMnns7onmTHg_fkMXVvIMqXn3EaFON3-DkDAPkKlMwRUQ9L2EOiu6j6QgA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  213. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  214. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  215. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=W3CBXbxw-VqEBkYqoL-p0WE-8Gqkn7F69URfGxVMmHyD7PgBpd__SzSj_ZvgTqt4ySLLAaKZoITslWuog4H2gONYBMC4eI55YJe2Lzlk3XBHGAA1qK5uMwFBuzX5PsHAR54PvJ_Avl3MCYSmH6qnq2YHTQQ6ipfZJjK2S6-gjvMepF4_0XjdS1gZjxqzbZftH1gJDCLsqjfw5CTbJlD7zeE5pxEKR7euoR8hO_2K7hpMAwTR3HWbWNmi40K-myRBeL1S9s2bfEQ_hSf3Cfu8Xxr6fdZL3IMNAM7Rnox9ZIT51znpUSI0R-fbgh5VaJ8DSqneuZ0ZgrN4C9V33TDuImoVU3g-W1KWHjH41-1XenT30UUvTWW1D2Pd55iw-eFNzx__wwO_ILEVdXZq0SqUtusVjnx4X3cepNS0IcTk8Q40qblL6zw7UhkmT8RJxijMX3Kav0ueanNgrA6mJACPnWdlPftK1NPrdEel34QXfmw-kwBq5x9CqL_U_DbApYlN8J6EZ2jN5wjHVGU0FHLV6TW76rjHEJPMQ40avIAFjnrUxuq9E-V8tSxZA_hQtJfiqc0xFroJSgelwdbV4-fqiBBghqMgWoCjZnyIxeaaJQlgMy-r6Zmb1mNCxmvN7Tc6pvLMAE_6QkEzuGfcBhna1lBOtGko-P9TxvtEOugCHuJjBY1cPuNWMw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=117 Page URL
  216. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  217. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  218. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=up-2fGmAL_E4Tnyg1N8L9-kEmVrqSR8qlE0AsZD-WMc7Q2Dh4QHoz1Rw-dg5-0U4FAEcLEowp_m51Kyh_aLZJiIZ8yLtdCKH-3nA516FK3pIKexWIx_g2rUeO1zSeumatYXsYG06dok3YRdGHzTv0eFL7U0LkOIhqw2ntWAmgak_VP35DOX00xaeIot95tL_P_xiGW3Aa6OhHF_O_FPEhVMw8Fbqx7Bd_MWtG02Y2ZiWJlOLBpCcFgOS1qaE-gvIUKHMph5DCoApQY5insA6Hu7nk3QP1m7dEJomRQnV-tyv7H1V25jUjtpsqvgRiScqLxtbAxnzaatNxUioETYHWpPiMJavI7rzJ0P13A6m-4K9l2SDQySC0AFsqzxjVIRP5FL-9nhyKeSehs6yyfKvKsTe7ZDyIb8VoCYb9SmkL_6JG42OpXkLI4ex884MfnnwbN6F31sPI2xexrIzHMhyo6qj_rNOKvEDjPfGIbhzDGijuFwhu9iHg8bAjZeIy7bqnTsHyDEc0raCwGWf4If-MA5lL7uKeHmq-k9W9rIde_-2QuQRwbcG65jMZzqmfHiMvNAJgDHcSWQzDRq1kNnH59LEW9afc9TQwqIBh__YFGcrR6aLT5iAP5hdfgugTngeQpMnyuDpPE7JgkHSkeODdbFzasz_YfZd1ut6vH5IQTDktQ97OFiDlQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115 Page URL
  219. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  220. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  221. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WVPNE4iOLi98yDJbXIdhTAiADQecDSwP09xJajdpsJtBXXyh9IPdLsLaQQ7jbBPqhNF4O-twnnvmRc6n_lprdwUS9y869dCWzwQp3o4eR-sHrxuucMJjWdakoxWGTWivkwfy4xM6RIxpdxJn6DB5TJdbh88xr4CIjbGo-f-qMjwZa9azfnYN5RdblY8UJoTDvbdZVrxkmAueeW4eMZFK_3wkjbbCM6rBpJmtA86ynVJGYvv3TAQU23jc8u-QZPZQ8pjSQWjrJIjr3EwYjZshnajR6v6F0yhQnXexbpFvaxC-0FjJRXATmMKUd5Qb8D4C04evjOgfBvUVi_jsz8OQ4KBqKS2PDyHs3o4mmESYgw9SwopireaIKmu5_JZH0s-bZwtQiVB3jGsO76_qdDTfj9FOwjINU00ta38HHtlEOO80OMa48dy_CCoz6Jfhqkp82r1ZfKXN4URXv4hBVH4bCmg9CLrgltnVNcNbMj0hp12XUBX1eQPWGchZZvJzHI-t3EAiX_j1W3YRl7hlxVXN8FmgAnGbAN3Rm54p9LafbZ8x7L00hLvBfNTY8N1vS_3JpIRzOdpFpNuocSu1WOBdXitjHswCiK7X1RoFOkKG8RALpM73nOFtV30a8SFRKvDb-WypJgJfpIeSnKtMyzsU2-3TJ-rcJzhWTNV8kMWsgvRKZ48W51IFdA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115 Page URL
  222. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  223. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  224. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=tWWBdfRfy3jvUT-1PCLrwBnVdXAKG4_-Z4eMdVEP_CLsKcYpovfZLssEiLA46T0EPiryZL07PjfQo2vCbXKoIr3LqqSRD6wODi4TsS41O58EJuV1Tkrhz9HcvMXN2o72B3zfKRI7SWf4OptxdBXPMf5WtixdGVfNumP59sq0sFWz2ymfmesMwmcBAHiFbaTg0SV1eWydiVQZPoNVajlCQa6_aN0c17OIXTv24PRPmpaJdPdBXYeJDqzGwzXdNY9_ANOD1qk4ZQo_WeWJyZD35KGZI84_4P6b6TsFLA0Tu7UDNeSnuUEIOdY5KEndInV5bpjSSK-rngm4ax-L6n3M1tcojYOdU6LI2cvl9xJsEyePwi7ml_hk8VgIwCbsqPcXCVeNDY_qu-JcLNPrd7LQnsNpsuvoSEuYuYCKFNjAHMqipqPVAlct3rFIAJ6hbCu7P-jWofqYg5XzkT2ZiQW1jpJB370-wHUslvZ-zb5BVISKE8TMmO5YQhnz55iG1BG1uoITV4H8n_0G_rcVkP176tGgRLYEenEyEzJGTuIIcCqONyRN3iS2nI3whpxUnpkHwZ6HnC0ciqyksQ-t6RuuPhBcudAw9sgorre3rD96U_xp2YsKz10FL-Lv84fjPl1c_09qgScXNDc6tOT9XKGqtqCLqqn3FfZ2lpA-cyDXaz6ltEJ6NVdbwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  225. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  226. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  227. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WtALLhfwF0Hi4NtnLTIDKUWrCREZQFz_C3SNrzoJGuOPZIsbeLQwJnpRDdyBPFGprRZJRp5CTXSxVbeoG9VD8bHlAy-H0lc_awbl80PWEYRvvZ47R8v5fUXbzo1tGEkqkhfTstC1yBwP7uOIkhqSZE2_1wHJhN9_uWM_RyH2xvhVzSPn52xKf9aWfsY92PQ2ZxRtpyj6lq0HerttGRKx-t6oZmFsMKikYgDu8aCW0WBFKtLuvWsxF3fSPSeY39On9C1jItV8U-GqFxYhbgMoPjR9HEBBvrJnrwVJWOmXNQm_TcCOZZgkTgep3rOkHbcAUhzuzdS2bJlUmgToz9xk5fozVha7ZLmJeJrij3I4Tuj4ZOCnuoJCHJN08-_U-Dp4-1SPC83Vm76-wQard2gQc-yPJWo4u1nwNyMKn258EmEyhPEm2iOpbd7oIyYeD__jbJXb59zIj6hqK43MmXuUGhD_bC2RVrxDIeBbLdPKVlrsTJ34TkpTilJNLznirMN7_87dWpagRHD951CbW7XCkuoAsinw_RLMto7vaAgwikO-pvT_XHA8Kk4meAy_orP8DPgCifCe-LtSSvr33o2b1TfC0n9xMmetAlqfkbAo0L_pywlCV08GEyfa0kNjJGVK5aWacHVmPeoyZXHrMxxHPiRwDRv3cFd2nr0Z1jitPLDRNcbZOQNLwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  228. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  229. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  230. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=2vd2HKYi-k4hFnbm0wOd9eJRO8QM_lzqAEueJmuTfkA_SseXH0NB8dIRHCmEjHn0y-TE91el5FM5-kFzwEu4ao5Y5qGF9k7f2C0ygVJ07loFQAa8vhPPED4_HLXyt_REoERGjek2ixECQOuxp_WUnT9OraQwjgS_1k4Kxx6pIMxq9xAodaDiUcevjgu02LRNDMHPN3_vPZxxLI-4c1ZHCzpEltL_mmww007HhEObCavisBEk6lG0aKnbye4BMUIWoE5PZqO1UVV3D8NlHxhymtQQfogZZTDyfKbSaZ61iS1DYED0t5_oa-p70EF2n6j9Hksl3XvO884ntzJ80xbcGT1DkpUqD51w4oc1E_SWCei0Xfk4ZezZVJM90bMcnPWqMCAH6dwjyq3k3F5Z-QVm_Tk4RH32_URZ-H4fccyMNrDIwjMNZt230FqvIOuX8pkFct4tJOAUNu1T_ji3Cpqz5NDSLdkQnUJ-He2uj1jnP8_6FhgF9x-taOrAEtHladqEZKYinqSCAW_4F-vqEpEeQcr9a39cfre0PrpfX1WAjnn-vwnw4OakmL2184p1PD3apcmZ6ldStdEjs_Tfl3FewuekeGB-UnqaTaz2V6csAIwb04U0398a71M4fOfnqsCm0t5wBFJYhM9566uQXM6xzvzfhfiDy0wRNUVhdl8xh43-wG7NodA3Rg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  231. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  232. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  233. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=godB8b22VvZoAhZ4ic4nVWOwHKO8rEzOTcyc0mh9AVnn8axFtDTiEBJydU_CgXIaO3ycRU40h4WCuZxYbC0gwGRszBsm1p6wlfCFXEpyGENYKFnZR3lg9ZO4JS17W0YkolgzH0rIDimjYM69lg5rbYg91Ry0of-y0DU08cUsS3XZhIWMJKKpq9x3Wr-gna12KNP21nQ44xgiLxaUWTxZpSbas78B77e40EV57PEWxS93re-KYagBPexako9z-YDM8q6aq9-fpJwt7zi7y44IGQZt8SddOxfxaNo4qFDvtj-vA9bD_zOy4YfHhhrm-Aql-elTgmvrrSOLxQEDxWMG6OTlATrj-EqBRjQO0j_mgYpZPfFIwT3sCrJ-NUWVI06rvmHW_gDrjKF2rxk9NRsle55gurLr6bEl7qdM5rqnRt4UqYX-TkrIW2abzUChMoFyNP7-CXNljHJ7BoZA66pufsMTZRRnXGKliuJ1vNJ1jXW3gEvmQL42seRyZiCQVmsaZW_G2VsROZNzmL6xwdkZvP569JeQjVIS1Lq80fLITZmDYRRW3y91FxNOuS4cuFLsrMLTLJR07gHsYPWZbqu6ox17kAaia_Ptm5dPs-OcpHcKfyCv3DEh6d2rGP94aa4ewE5nERmm4iC7RwouvYfwRftcm6p1-H2ETu0GoEvNf_tN2UNPMhpt4A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114 Page URL
  234. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  235. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  236. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=Js8GWnooecSY49zyODjabnPpJszlT74uluqutZH7FMqYDh9zWdwJFOqFmUvSaQC1Ij3RpetXUA4r-ywPPucPwpOGWS897FQ_52kwjYIbHznw7eLr0y6JcW0VHUgexQSo0AnUvCo9ms86o_ixRBtp61ewXO0Zi4XrS8maRmH-aJPkA6Y--6xkYJnMhsU8MB4_iOyaueZhF7CWeBfrDu2dZS1DWyu4Gd8Sf0sdNN3I1V176p-Y3ck8IMa-riRuQo7QAPFZBP46RXxJIF3m363yejfYJ217LmGsZfgbWAaKn0-_Z6jrxfTPg7o1656sQwaAuMu0CQFuB-NCGrWF9VZ39Pas8X2Rz1wRB12Js6wuFw6BaFgGpnL2FdCPmH9PLQPkVA8AN2fR4nNhWt3aqTQj3sXFjf8UT9jJ8tnutnv_WPI0R-EdXCfaEibK37IpLacHGhLuWLeu_sz8rmU9mHexDxnzzldz-fhWJoEaRebNAIDeiMchZQZ38pwvyqHWZ5qyO_JqlLaPfG1C06q9U1uPpHuIrBtO76cezzaH7sosBhZngogZMc8vvmDFcgL23m9wESH9nE18g9iAw84kg_s0ki2X_sVA6ZU-ZKBHrmr_rK4M__HDW6ZayrxHlxzR-hBdKoTuGmBChpjhRMARJ6wmiGz_CT6YANbDlQVD2mfzXLlLJv7b42p6IQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108 Page URL
  237. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  238. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  239. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=uPsuUfQYxR2CbdJA64_0GqxsHlkFhUNaUK_2E60Y1kuHQnZyteuwMXD0mh_aAjXdWWrYoTSChGQ_KqB5_PW3zyHnsS5NuEgkXu3wJnMpQtTkUSIfXdvIejk_sH9OBapjdhmtTwwf9b-4AGlxDfHLFTV9E-i2uuIKC0vAHWRqIeJyWZprEugofya3DiyUM5CuB0gzPtDfb0i_ABIosSv_GoK3WmuEuYrFwKoO2PY4mBO9-rBfo9_9NDhrRQqvH5T3CXw22AoCo3AjSP4UReDhn9td8k6n8owr8ZmrMco1V_np618LH0atatsnGbi6MdFxoQ9I_XVMhAE2NRzhYpjCgpHum6t0_FE5pySV6bvJoymp866Esp8RIVfeTSEuXdCkWcgzz718BRinXAtUT4LK1b4hJ5wTJwoyXvtIIDrD3MQKSa_d78TY9Plhh6-ceSeoTFKvHzhmUK_LOFw5SDBtNHD4Av1-eYBYPf0Z9MNCkmnAz4tIIZHEXR6kDFS8TeH3L2xxlsoRTu-pa3aCFM6ZUFrQeyF1ztcV98CdJWOqZUNsiWXgG2AouheKzOTw-bKtgUA1oaX6swo8BZWP06S8W8U-OizM4Inw9DOWd1QFQ2YSHjN0kDhvLXZt_bmXmn6pu-Q5mFZbU58fZlBv6pJz9jWUuOoRJW_hg_bUiobXtnIdpc82eAn69A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112 Page URL
  240. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  241. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  242. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=k_yu6P112CFLw8qkVq3QhLQz_FXhtrVwPcz1QzNnoLqyBTZrJ_lX8pjll6zT4NNBy5I6mlMK0MPW-NDCbYKvuM0KPGbH_wyfjQHqQR4oYxbpxCh9of-E_VPLPXIIm-Eg4e6DwViWVxXIGJ3_VqB-AYopW3umvFiv99iKtwKJQwZ2mZ_KjKYp5cYHsKe5Y0uthXbluNlGTl5xHSEaEgCZvM_nL9tAKRYzRguLw0JdTa1rB6q-Yt1N3jdH4I0XcMjcdWld3oGlEGwB_oCxdMk2YO42mL12ofP2S01ow9GyQVxLa86_1R7v5RxoKP6QKJz03KPQGYKYWe2NfEQ48flINK3nz_ztJlDz9RjTmfMCoJ9H78Ke_T4Egz6cIsn-CibO8DnERfPL6ab5C_Gc1utGvFRUuygL_nD7BphMDHCx10n45rR4zzz1aQ1NNc0xw2NRNuW6PhNhyM58Kuf1cOuDmItPjf57w-cC3MS5qlZqwa7NHe23X8NGmVIhFBFC-YZj03v8PYrH_wqWzDABI8qTR3BhwdSkrnk7IJV8szE4hBbohyoUbPG9jtlE8AmfaW-hvTYS8RGPnqOXeGy2EgMWpIJH6eZuGmjTKd9Nhc1l49v71Q8Hkxo6ofYs0fi3Tj-gUqWO7IeWyUaS_YXhLErdkkVF5149bVDI3vqDxk_-1SS7HdFWbo862g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  243. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  244. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  245. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=6s0NU5mAUhzfNyUCcjrwyaJ6zDCxcB-p8Nw4XzrQhC6EhoKRRYDr5NjZk32cmD6DGLP48yAMRoLAvsPMZACNXABfNYgv0sitlgTP-tvQ2r9U2Wh9nzZ4EzBTpNxnQSbwK9E3vTApmHPNWovazhrxGDNi36hRN9YYJXzaNll5S-_xYB2eeWTVLFwnL0WnZeHI7KggzqtMPhF4Au1_xMf-VUh4mVNenWuyeqgM0ztrRTb_3UgDLCvZqv4qglfXLoXHPHvwqGzykkOLKQ42wafWkAVGqai2db9ELwWUR3SuzWlMamgQsH9sVzp-1IO-hMH3BN-4XzRCrbar6DXx0KqGuNtQSPBv8MH0u_647bS8t3BFoT6RIfR7-ZGaj-RG7JLlymVNysjb5Uk7NudhWY4XsmOuuYe7-FW_M2W3o0vEEhDJOBAixLi4lZEt5f8Rad17GQi8jazpf0LmpHSIIxnhmzWVU9lGy5cbKfFxW_rvpDJ1Fsnm3GMVROIW7DeMFgRyBCPZE_37z8-TqfGC8bP9YnIuRKFccbHSM1CV0swVVwbnGokg6CXAl2Nwv5TLkmG36z2YVZ3sPqOTZtrH1TRBzAlvOtpH-SNuN9yRVaXlVY8ps2t5I127lsnSd-rCKypguEJhkGNlA1THpM6mP74GLMwhHlJe8rp-iaKaK_PZbOZqdDr8SqVFyw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  246. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  247. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  248. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=pt3KNwBUFa6Oyfvm0fxENSVQPhJmN997GzCkDl1udnWh4QoI53szgWs3hTZUCflCln-nzW82h4n21CwxQaB4r1K_otSXWSM9N4sil4PAsmgrKxEbJtobuKTsRLGIdIoLDdRdlH-5XxqCVFweb1ayZPMCp5n-OzJAa5KNSTnuJODM9tfBk8q-tIGbKvcrdh1pDq_gefh8Zsl_tkTDgByOu34wr8xDU8STInEuJaHJGUKo7ovFkQqYO2jMvevsVqMZHlcfL6CYxSvIOBJminB9DZjYZvAh0h1siYzF3EVkRxmKifbD2dEqNW7F1-2AhYSOjn3i5h43nf5GyzpCIFLBVQ4QqF35Iy31LTchEbiiWGbAB-5HnO673NVVFdfslo937kBYCzb310vUkYf_fTNsQ4p6ApLIiXbYfwzXFksSNGp9D6-j-D6GRV9ZQXkQ3-NTfrLztKwKc7eSdof97fx4-DO7aZuYtmukLWi6whQEmfeDqbXfgtfVq3qM1wRgYeKHkazgkTeu3ToTxcnvlfqTyX8BfrqIRXssPH0OQIprM8c66jQz5Wb0V3JZ3LfSx2k63DjPK3-arAi76tgnOYWQKVNUGhAryE_4LD9m-0qkBEc1Hpb-4jfJmlW3x_aIkRAFDfg0Zl8ERzq3Rd2ydRe7VzN1nN354etgoC-TyAX_4MkS30CyLfszOA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  249. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  250. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  251. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=wKhOcQ3gx3o5z5yCd_7OJEPxSXktahZWhpewpxzgxF7XoJLkuTKuHbAdc6nm4SoL_VVgz3nVxCzovnzrK5zdv8L1z6br2xSmWyDz1d4dxj0nwFpClM0So2wUdixrcJ6BWqi31uKg9m5V7p-faF44pLTj_txy-Ygf7X4AQgcn9tFqGKMtWiC2WxBOLN0axZXyQpKon2mne0jx9dRHE6CwOqeq8q_tvteRDosL9jHnlFS6BsjE0CeUalExd1UWPi86kcwdcDeBXPar5yZKXs9b_FvBjRZWFrvYh_jk3nRe0vmjPR-tVFtAFSi9rULF38TBxyno75wqcL2ldmIuDSYRIA7W7YsQZp237iqkMXc9qRG_Xik7A3-kLiUJBNfvdVnl_9Ik_p1zPK5G5GI7naww1z0LR3a7HEmEgSuWUbjmvvueKSIfc1V5R9lQHYRZPbLujLQi_m4c3RhpZBvjJ99XsKfGujBq-A61Fqfeug3j0aEXOV6qHNSxwu4lYoJcO7WAOFIn_ht3Sn9FtePDQ1JBMf_tw6mPdt1ZOch1RcRHZcalXomU1hNAqQwoUfIzyapaJ6c83OYqBiXSoT5BkOtxCKeDeZj1rgYUGLLDxXeXjB1VHe4jqLrAt8AVoOK7kD1kQKbZmTtv02LJiLBAcasig4QQvcB1wGJzwuFlavDV6mFZXlk4wuMXbw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121 Page URL
  252. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  253. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  254. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=bnJBKxvAA-u7gtwOaoZMYbAlzVnfJmaIYbToicPfwGaRmC6TnCXWz07HTiUTj9c5VacTIKKKXHw0OmD4TO593tQSiclrbSiSfyZ_upr1O2cF5ax04phjlfd7aTnsJ-6i04VR2j0Etum1fl6ScylYzvbFSokevm6FCzw36AOFofMlS1E-TLkkPEVvj5lePpZNZz8FMsRh82KCJVkX4DaNnKC2BUPqMfleGstpWLYSwgr9jO6jNKDFJm4FVOeG9-4JC9b6OZScdIKvs9J9-zkp9qYxDkWBcIT7ENqbURD8Wg3LbL3MPCkg_w07SV2tQNiReJ4phA6prrxbw7SZ_QHRwwxO9njo60bMH2Jd3fhW7gNuFwSXGeSfRJ0E7kxNEy6ji9afXT4UoACfZMukXrLg9v-65Cy0rOmir9EYrD3xuKtRbGS6TpoQBgBxTIBE2KGy7aLuS80iR_X42MOp-IWACDN7Z9JffQQdrTZ0kTfcRyAo5aasWkVnCKpSTmfOjItHR6CZtCghg86E_4d2ZEB9z_umVnZucOA8wE68oPbsQ2AfjAs0alMx95lU9cFe82pCRa0vTv035-alFP84M1Y9SRklB47g_dfz3BtMihB9PxGjsFGpRAOBj0XToc_yhKO0NXFe7EZnYGyB4oYlC8yNPMMKM3YoP4XrmsXPIig5RG0i59FvHWEJsw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  255. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  256. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  257. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=yATzeP6SECtGDHnhlokFj0n8cxTtWr25gjXZ-q2o6KBI3EY5pIMAjrTXrRgfuvuIwI_DpPyj_rDlZqWWc7o_dR_yWUvZS-sssCrAReN5q4IejGFgEjrurEo7Jif6u2uFQ-9j8EhivnlSpRqrJkHgbVygEon0LoA-ccNcF8pOhyR4F6GNHGgfjoZLlbPucKQ-k5OktIItMK6vA5oSSlrXis8wINuMY3Tya-u90duAYpjzM6HurfQ7LWw5bOezroXfsZfZFTjmXcF7_C9wfevfT0qa8PWaTKE6jyNIBLeeLBGxk64mAX5r4hSEvX4eqT5LjSZTGsrU2d2v1jc0Ta5CuUZDD28Avsi4lL9k2vyQpEM0r3xTYG9Ke4Q997W_a8p0aOSZ2jYaKJuWmDCEBmcLxEZjIpsfw2m2YzpXW0eEHgNaAgsfROWCuX6HeIPpDNfrjlb-sD1jmVQ-fuVqW8fF6rkPFdMXHRh9hIct0vSQAocMHp9I7Nb6j0BbhSuGbvOfYKXV2VhTS2J4DVBKUgSKYAlAp3QLa38adMfTkd5yK0izktZh5vY1LWm3dphKezWxj85vg5cp33KB3YTzgaUXFEtxsnN8B_66Ixqff7KfVtXKE9umsyYGCUc3pcVkOarGlDtVI7tW15cOdHHFsKhCj6BijQzswdKuECqcjnG7dHbhJMtg76d-LQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107 Page URL
  258. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  259. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  260. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=_YSD4thseUvIhH6Hl6bH2vf0jYC_eu1pbDB4EPnvWGYWdEg3mnX3Y-gs6u1VrCcH8P2KNHE8T0OKpWrtStFdZuFe-H9bQ8ZU2QwYHV5oNWVhby8zzH-Rz4XeEKbj6nHCo9d9zZq0SxT0WTEBWCDBNhJ9MueomESTxBCWlcGs2uRUxmARamDAT1OsqrajzY8gQYS32rhe10fedcWcDfjtwDmHXUL7XxEcuDjwnRCw9sDAQDEJ23Zr_knihsZ-ITqd91zpIPHPWS9DCFD2t2MiJ4oFw0u2tVTpH--fX_ii80Y-ErpYay2Fkg6cDe9l-OcvkrtBXCLUm50bdLgzxCyJ3L-85Q3pUpZoaXm65rT9GNCgt-Tt8W-OKuWURqSRiZ0LI4Tfc8YtrDO9I4F_VQE4fP0ufwuaXgo58YhKYBYxU6iMVV2ud64zWb946teRfxFhbs6i6c-5mWjHcJqthHZl4hBbeiaJjU6JgMMNOwldbmLKl18MV6wzNM61WGF4LjoJQuIGX1Z_NMsfzL9X-bZJoupHgt8x5bY5QUYP8a1GNA-qm-xZKU0ZIjHYNkL0r7PsSJzGPPFntGJXiDlLPKDZu8825R2h6HBGwYwlVk-PQj7wsttsqtQfcZsbYn5xejdlPsO4ca2e--mOwt80pHseAoD6foyoUWeaJOdFssqOrlW87r97uuii1Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=126 Page URL
  261. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231ce80a36ec5947e88d25c219c3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  262. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  263. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=Yy0QahBVxiyQtAtqiUnVR8S-WaREutFVpK43c8GvzHkrq59j4QZvSajMGLHhu7ghb26UNcSKAejN79n9trvxuEFZQR1UNEI9LijCMazxf1EHZaEBcs6xTwt8R26G3USzk6KOtgL9VbicFuLEGGM1UT-VYTDD0MqGJ6spMAxqIWuwO9KAexLgVJOegsi0DHYBMFfKD7GSsRgb6ZhEUi_1K4Qfvh0H7USFPPsqlJrPdv4RC3zz53A5cBvqf3d_E7ZrrFCwUDXCkiV3yu4cnpz5pBnrj9M0x8c6NLhuYnualptnWB_S2gReaYS_wmtV1Yr2j2C0hXMWKwCiX9Cz9iY_AU2pVy-TF5REovyNnCwiNZWkknIniJ1-Fe65CxwpzB1g3U1CMvLOIJzzABNPf8WrLrfYCm8Dtjm9GEVsrib-Wuv1Qr8-MJyQvIkBBoEzuDGPpe-ZgtyUUpynnKRVM0eRS-yirGVwnPL2KT5-8k8LqXw0X--Ad3hjq53B7C1yQE4utkvl_DHUPAwcec0-J_EDYpSCFFAcbTe7WWyy8A3usH8HsPArgnFPrXbDtTFW0sFi2CwcwYPaLipEvxL8a-RgCZOwDWenROGNd4LrI5M5AgYrprhMtTqGL1MM2G-swZbz5qxoRj6kvApuIArVDqPqOY4tmlCstVQZywq3rMEkDLICGcDBXNCQdQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  264. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  265. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  266. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=hzUJgqA7ebO_caOU9XWMz4tYDCJs2bhqkCFNs4BmOoHaWw8SwLgmsNx_WlwGKmcZlXfBxbYItP8zbR6ItOTZ3OJIu5nqjZyuPMu094DQn1xRPfFP8EXlDDPr4Ig4E9Q4TdOzpjMWM_dIyYBS08QQGc-neqjkuqaYmzOE2FOFsKqBYIYeHwk50o-ejWl8wxaj_4zd6mMilosfjLgTAOCzDtbgx08M2pgmZK3VYlHJu7bPhJTjeCNfSbMofW-ND2TCVtACYBniEAyFUjQ2cR7k8GLe9ejBv2RuVcQGh1zhWIxha8_T4Wtej5PbRecw-dyUgw9eL07jQEU2XdPz67FBXY5eyzHFfnJ9dhSc1TrjOApwGNoFomtc3Sbb7tDyHaZzEDa7Q2OYOt5GrwHo4WcIDAt7z604BTd8Vn0akLaA3YJJAeCsqKZzdN31PqnpYKwhezgF2ZUV4Oligtp_qmOu1L3JAPg_8dwOKaUSekPUwQfXPDPfCpwvrk6oNwe_1N9nF5dMpd8XW5xOdccdKLqH6Cp-Q1w51gI9tOhGshbuDjgtIOJU0GPxBqAsARVbtXCPwon10BgnzF1hBm1Ht-V9-nl-72WwKz7ypx_RYblDb21HBEb1h1kpQFHhSasoSDllTfOay6UFxJFLkuyNEG3pRIw_cjC996va0FHXxl9mIZsJx5LS3hALVw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  267. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  268. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  269. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=9RjfZzpEHGv4vG2laqKlKQMjQs-S11pAoVVNOIBcx7n4N3JmROMTeQ14lAaUVaoIgJF5Znh_FDYVrC1LU3jg7aD3z51SEowHUIrui7T8xPZciGXXmQO0A6Rw9CthoGFwSyilGEdwwNewy_Tlw9hpR-wiSukt46jZZ1Gc8QHO-QKLGo2fSSrufbeERk84MiMw2HKEptRVpG1Ta0fIbs1-nkw9MiWvysKAk4Kqqyh7Q5zJ8UWP9zGHA0nRvm7Nuqvim2qeO3VJJsa6h1E3hDs79eMJhUzFLCF2INte3bpFzKOcwVSzXgryLyObX_IupnxoXNGpaTEgfbdwGwzTdzBOmFHfHBcGPqHCc-Vfke4gh9_JhbsH5YbxDusnvFWb3Y26rocrmVXjbMY0Ez7viQRvAufuMs_aqdYEOGFTpHqeo_HiIBhwM9plwba_fzEhfk_mV2pUOUSDs0jZ4jjxPXeCA_EKffcH6Q88iCgr95PjCX5uBSBvTir3Z7se1uQyioHDRWoZYO76L-b3Ur6sZTOo7MOIcGdX7fBaKF2GzXzsOg7mkeqXyrF_NtIEORRWBH44Z8rwXwUS_mMR56Kv0ATbaV5CVdGYEISI0BxqOQgdBTG_mLPTcURQkScToUpGIyRtKnPOeM6KbPSZfCKj8amvE6CvX9O6PbuFdMOWfN5KvbBj0nlqoAkMKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  270. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  271. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  272. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=oqaYyTGYw10A-qrQqFWWi45yWWcBGA9GilfOWlFUOfgeJ7mRqo0berbqwpHrOVGuvaVRkkd5lowt85SPBsQdZml_Sqy3ZtTRn8p1rEIg-OoiKZQUm9y3ZpxEOvO0kgQLcMOlB8OXD7TH0x_PWkApvNT4UMemsNwxEwMFq5hxU8i1OZGqaqAgykUH88rJSsXnFnVwBToOXxrKE8izB5i94Ta4amMWNJJ5135oZZtI5Qf5EmbZSuHTkSUMP5QqBAbI9rw7_IIshiO1Zbgl2wsrKJsun7mMsuu3N8si9UC8Alrno7JiLJiuJ4GCCEjwxHCTrjXT6Y0wwrNsVsB1IKg7uIS_SYOasK3fYG3fd-mY166NWmjPO5u44t7Ij5jjHCkTdMTP8B9XR1sWe-ChUov-JvDGtaWIEqUVIlOD4iOQtjTHp1sV236aUsp7H3e3qc7y3_8xnxbyWZLiuGwroYQ0JvYHrBYRrRqPHvLeTW6t3DfAbPUo8L4ekIXpWztzQpiAiY0lFD9LONY2zR83OO1ZVUdJ4pmSxbw-K0SSms9O_DCCG_MhoPKYvO9z1B6jhVUe1Q1NIO2YZKAa2KEXdcTuDNSM5DOck4Zs7ob8svPErB2HNMzaqjxREb33aVELTqeaegdsp-l-_UiCxPaQ0ypHv9a2ItF8MFKh4YvkJ88kjZ08epEkA4x4JA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  273. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  274. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  275. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=AULdnCs45UrvKwufB2fsulnTN3yFBsmETyR0SJCsURqEPu3oo--fcrXQ5gfgUealryDyLdd7ciSwCqlYUhUGcQRc1bpxHU1Y7Bmo3dP4AcDd38X-ELWpgez_YJ_uunkec3rOAkrF7PxG3Kn_6qlJLRSLV1FmP1nU9CuJmQbJ-Q1S1H8PGfPl8-XsfkKhuWHNJGHMk9xntCh8gAX_6VBfX8IZQNcJ5_P4aHMq8KEgfSiQkHMOVSQhK9PQ85v69jmy55m6MhXyyNIXiAbjwXXwEo-WexvVu9wi2zUdlnY6_vLJGO__F5pONPDvfOS9R82c4EOJbNvU74LyBgprptuHzIaa-90qqVEDn5M0pt7G7TYMadBN2Lng6K5h4wbss0Q9-Th70BtOCfKeK1N0aJep82Z_1IHkCum1rc___EDR6ZNBV7s8a69c6tT-Tjy0CaWRHglAimCCT0shEm_eQ741o12wIlHCdaqJkfPH3jsSsAA04MlRDn2FjF7r0oP0rTe6z2z-vEr0uFbZEh7Vzf7QaYJIKkNHkoMKmALw127rKTByzdg-aZ_t1fPW_7DHGwswwVqWBf4X8McWzNrA69j23-VqPcJOQf1OzvbUJ2YVfViaRknN6qxXRukhOm8h04S2XbiXPHQLg4Nxis6h8vpFTmgFMNp2gDcpvDtWvdz8IUezjyJ-rOHxLA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  276. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  277. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  278. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=WZxeMFBNdWJQTWC41_HAE5rjvAzAXtPBY0MFxlpk3sCMzLik_0HMGDlXny1GQM92nsyJ4j3JZ_g_tom9vhUDGmm1Aeih78jEExTI678jJZx28CtSvdBEZTZuWfW6IGUYMjp4IrSMto3uQAJNmqYg4vMpKI8homZxSXJUGgIr53M7J7ZywcKeqKE1qDff_sXokBxK7-f6Wlae5iKLZMqKKV01wixayZIk06WACUirTojFjza3E6GjVASofosd2wm7wE4z3yChkTaCX-fwieQMFAYQ9kLIO6nJtLymsnh1GLa7pGaqFBfJXq9wxewBXcDynWUUyG_Gp7iNskwavXlntpwvUvHaYji256GOKMcm3cQVBksKQeGWN4wi9NoN5sK_EhF7aIyQ4T5yRpKOvc8jLfELvweQBvWXJsTeK-a-8VyjHqfaYXOlSp6llateLRXoP1LuDePD-TBotfKvgsSp9fKkKMm_XXWN1-C4NH-Pre1noMD2xxwhGyZisbFSoDKKn456gW3yW_dITzwL06WWqqkrHGK3TwdSfwSOOuI8CHWB9JYj51PpQqOdj6Hr7Fymtmkfr9F_qnU9VNTySkrRspAw7H2h3Y6Y6Q8rd0J94X5qDZ_r1OB97DMdRHB9h6_yYkGmdJcv-6K5yKvrgJx2LksVwcvbyOnCh9tvVYiBHVpooiU45OdiUg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107 Page URL
  279. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  280. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  281. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=4IirRo0dQ77spXeZatoU5fiN3A-3RXVkQDZg1KIY-7TNQBmozu1CkxkzrPYxhf3vurgcE4ySXdocD28qYKzmU3EHL5sE_OMsFXgEwX9gxuSWzzIBrM1YqC5znrGPawATSUq5b__9LScakMnOLoGxk53nyfEHAc81b0iwrLmspgTGK0KPfvLVDmv7PX2UEM8YVD2w2DdcUeWnUIV1jlioeZ6R9YCfYYIW7sx1NGlssRuiWKoax8n46KbCBgfE5MVROHTiY_A3Jpnlo9HlG5eEEz1aNFBeXdUkvGVdUH08E84naOoe7yR96zwssrpZ8uM3eE4cpUEs3Y9B-EgOKUHmD3KCmAw6bYtmHcM08wenZpsO1ZfS7PZwpTVob2Ypn7K5ejc0yAPH42CjBqtyizWsjSpZKnjahHbQe3bHoNxgjrKGtkcPmn1FkwX6uu6aR556gXFzQOO_OBgxaWtYsfBwDODDNcZ8DGrPEffx3pETZzu49SGTt3scrR5GvbsCedA0anCP-hzbSzlMFEk1a07oH2e7_LI9PnQA3a0VnnJ_Lh8v7tP-Y_UHphRZn2IjiyTVk_8CEVACKDHWB1dFDLJl0zEdXKD-YRs8QJmOFZGOXHoSqeOBiCBV6zbAWRvO_JltwbmeymRC3Q4HvbT9S9FGcJUs9SU-cK311lWlXElb_lOGd90YBGwtig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  282. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  283. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  284. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=T6Z4cAxqeh8yBagRKSzOMT_dAPFjd_6gHrjYbBKxgC9CrWfBbdLo37RTtB2AmSdxoAPlyNH7CoIv7krxv3o1j51TxKF3gwKvLX8HdTCtsVu1SPwblwLafG-RggXGRtH0JE_0Cv9bad0TRDzkqhWpvExBF12iAOSLqHAbmSN6e267MUwEUA1lOBYW0QWBNkqhrUZY9MmVrkzn7PxwGExmf-N6xHnByiN4laDx-VYliM2y1giH6Gq2q5SgxnSrJZ4VEaBcCNkRaeV5oK2ImA4fCJqHcBoklvRJsvtvbmOiM5xGkEL2cVzVcXUSX0yTizWl5Z_CLUrkBTncqJmDwuE_72jvLwRktdzQ9VXMOPdKmZzoX-53_Zg9tJZ6RAsKRHuoxEE9RgWj_gyyamo0tlTmzWNlNdcqiqAM1PSt7F4m4I7Y-6aAwf8UIhr_yC_QY71dTHcI8Rgwin3NZwmz5GdKl7Qy_aPQW7_u7aUIZXx7fcKucMIm6aq3RHIxA43jnE1SDUhV-P0W3AHZCuI3XB4B_Lu0oTmqtQTWEF526HTbhkVqzWS-YgEyRb2ljV7BQpxtZPGK8rcdAyE95MaudsBe_CvooRGPWAqqKCTG1FDFpk4X321CLGE3DGnOIk8AoomDbuSzZ2BQUwXcKhLCfNyi26l3tqtx40syyP5pNnhKhswIhIgpiafHRA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  285. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  286. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  287. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=ukwDyDTm1i51_TGybBOEshW8QBf_CFezPOyupnJMa3yc7fvihFRci9r4GkF8LLyfE9Ml6E11d7wGGijUxzgyz_7amkkwVvUkbhAw2R6DCOAEF5eZDLYGc12lyw8X7NreW901SJwze3-ut1a5_AmRBOVtJGNPDenaOMR8bQXOT4gRuc84VEAGv993lKC7W_xabZUydn_edh0B07dRcfcpjDRlLLJtt2cDZzGkO8xhcQYf0I0_JHip_h77hqjyjF6t28YlbGrizaWVPyfyXJX212ssPnbrkuUWQArm9eLkSMcIZl1Bni7mX25AsmLnl6rzs7P7kKqiEb-78U_a--T5DY5BVHzoGlx2wFP98B_EPW1gKdr7iowkxltroDI00nZBKonU8CM4KskXZxjowjpObDjarfDpaW632_7CQt23jDBl8-XaInz8GPjkerrGjevnqPv8IdrE9wRs5B_lvd2R9DaPp2TieQZD35iitxU9EQrJujVW5ckbVLlLY-QK3iC3dOa3eXYyyJJ9wFaoXkH-HRyQ9l2_Fya3VpgPMJRJ_uzdtyxgcS7lMOALttfVdSsomQJwoPDZlgQD3TsRqhI2dI8Ll7otl7sw0BFsKGsvs822gmJrJOL0Ovdu1O9HDCmG9syNyrpiEdp4krMdbF63c1gbuAYi6Uadix95idX9ZrbCIbv06dTRTg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  288. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  289. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  290. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=E_HPHFnemVJeSRVGzaGeS6BzYNiFFqi_c3BUBD9b49UUt3M9ZL91-gFadbSU9N7QW13H6XLF_unOzH8GtuOmMVXatbcNegSizEjKvLv1W5o4O_nGjEToCrSNv6_JUW0kDge22ecPuZ0nxOrl5E19sNNaWZJK--ZuONVn6cGdNrTjfioY1N4U3xUEIJADrGZsfQySlN0x-H7Zr9lh8uXt-V7fIE0mmyZdaipGqxBB3bkSxmyskhtKAQg1v9eJwmvF9bZKUjGXq2zGnapcqeV4bUECXdMQZtFY8zN1WDv871emXSIRSHiYQYoSS0Lh9t2los437XTlVLwA0m2Rme-DdzSPUHdhXDdDPHuGX5p49rT6IFuxBD9rjgU8etq30mFjJQ22gMSWi_rUPimtTWgHErW9SiYjBrqI9Y9FOajLpaYgra032bVmq39O93ecQNl0MRnFHYb8VJMTITVn21qz_ag2tuXb9U-P881Ke6oTh39YgdDAdTy03IFfIAqYWZgVkGpnfo2lxFwWYNx2iel9XCHJMrm1wt_CU-fuIjgxljTGA6969Dwc6iLEfDRgVEIO6-A8C0TBiWnOL4b6l-AzzcMBRSoRbRER5QZueE6ZO5O0G0K0XVYTnVKn5rDopjGWwcvwKtgDZUNlsMv6saLS6G5k_82JVHkvnSVO2-OgE90xyGTi1qGpuQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=124 Page URL
  291. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  292. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  293. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=_g0CjzrxsNBMcyVos0SIl62Jzm7oHDAgpvma4peAv2qiOaL255_8o9PB1tYh-idORsrelXeaBDznRuE4HUWUs5TI1QseD28Vv5krtxIYquzl3UdYzNZPGLY0QMDP0oAEOEjGw6ly1z-JOQwMIDWJezPCy5MHpxFEn9kGPu1_w60wdt4oC_T3eA_c1IMR2WRxQAeV_df7BePlxU3j_RdyxUQSViXrGSzud3TDcasJmd-CD0D1s59Nn618rX9Lt3x3MuNW_hd4OEl-0WeSCYHbLj2dWlwdG5n8Py-P80vxC8tjxZe-hHVxQAmGiIf5BTkPwXmr2SnCUp5tS0tifQsinQuim79N7-hsWDBnOWl32KXaW4Opz0u1i6Br99-GsEwoMV5GlwsoTCjKX7DfCX15v2GjLuKHgSB621Zklh0eW5ylEMSCIDj8zhLtaAUIXigjMjhD1Bqn_YdeELoKFsrn2xJZUL7MX7TRmv2D3Y4NUV-D49TpTwLwkyaKwMNdWoPsKchpQs24RddSlw6WZjdqSmvptmyLA9RXLvL2zNBUyRCtELOqKyaDY52vwyYKGNEExMUhMqQV8ojscgXBtX0j3XvFPNYv5WzcvjusyP-0tl9IpxLA_JmYDvyuU85XsHXtH9y1JyVMd9fbPJ6As-AyV3U2m8-lgm50BwX-CMy-VGh5Z-tn_83Psw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  294. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  295. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  296. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=T2us53jSN2cMiW0ED32HCy_vkr4fnW7MSOAxh6qVVhoVlSg1efvpNsLYBP7gy02oLSVTKVFisseMI3yLDaxBkuVWJ1wVqZiVzn5lJm2eZB8FSFfgs4blbXZBGe92xntceDDV2vMTSYnnTOeAvQnDlQ-24o_akZHGlf7_pt1PbrZIQbBluGDUICC-OfOx9MoK6PCskepEFUJRCO-2UJDhMxIh9IdjJidfCzDyaeURI8bmDTSiaPCjkb09YJLmx1zr21NFxvXsYk1l2lHNPzhxaTxmXNHFoyvIM-C9ilmZWAVn10R53xHeNe_hE5ow4u5Ffh9Am7S2J3IhPgVAZFlSdLAaNac8LV4qVd5d4_tKGDaZholGxqq34znFCoqNhFstXq66qodTq7PbOoVM8IoWa0oenwGiNo5ZEvM4dNS_HrBPHKiuE0G2qHui7Sx4f3GadActMwjXynunk8sISrQTDhd01PCzbiSbdr2U17q6WxrGF6R_1Xw_xkV5cC1oxjkdCb3sSGCSm66tCZtEjcW_SeymW-XuY2hQ7tcQmPHWFGrYtbmJ9J82gqgKyK-NYl11pYFYejkBct9T-QxxsgrKszF6VP_33yMGQpyLaHjcK7QFpT57-3M-LBr3G0M9dj6TYaIcRbrzpcjS5xpoic_t5sN03Gz3dgpe1rL8W98KgcKlTfXllQFzNg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  297. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  298. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  299. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=9ui9DZxdO1DeIF8xO9YiBL3gLGVoz6J-PpgRVtDKEjQOOgKYMOea6LeS9dzejivGlyOockcaTnep6PgxGJT-oKTcFN9asOaZ19Q7e7qiLXa3Ktg4_G8cc0MjqesWm717Y2yC28P51DQo0qp9FpB91Ajmid5ZhD8WJ5IYjngU9J4QqwcmHxQ637jBHKHDnKEcg1Rdu8cx23UnXhgGqCn2pgqM1sBW_eUcpjsin9i9gjg2Q8gSdO1o-TGDZts7QHF6Uze5aT1lKpEcq5kSAI5uURXwsGZMqOVy32ZnpLcDuQcrCIEAu14-aV7lbsy9UBdjN4T68iB1BI1sQLK9WUY8v10kGV46lqFO2ESEUgE3JuFx8rup70FNYIMCUIZ1oSteNVfy7K3Ds_p2gRBRdRGVsijnVTXQ2_uvOL69isKgGAHblZ4OelbGwBANi9J88ZhkIucUHbPMBsMsueKOZSMZn1s0ulOebyRN_X8y-AmGVI9j4vae6Pze2nAK64WYJ7j1kzYGfscEKshUmDu3Sj6nsiyQfzNPONGE9Fh8YU2aWdVq9Z6LILhsESCyYVAsARvzY4Sl8jopSnDzG2nxUCxBYDShLshpWukx8-3HM49IBhb67nHkn-n_3gTFcprXYJoOC7ZZAEfG2QTBAWHeTDWsI__dIoRX_t9UJhAfPWYGr2ZXZHEqBa6MQA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  300. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  301. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  302. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=3o17rcs7YKKHqDPSOczDSP1_hWdm3e8vIq98Kt2c9YMfoxsXnLnQAIAZRTbtcoVczMyci-MUG2euU0NrLwawpIL8VhotGWfYCTrTleiWfX7LkZd9NzUMMCIfIEIg-c9dDLKa5yGoKjIzTOyBBu1GNd2K4yN5PhXPDF9F68mFkGD97kLIxHz-Tcm1G5EXzbBBpS6H_ttyGCKZml5wpvqHvsK0lhMdknLOmfJdgz0O-SXkl3QboVLBCK3eYXlpKN-YZkaXg3XVwr1kaHm1ipUaZKKxPbZ3J8BbQ7IZmmuhcPV7QTLnM-EGSG275Hjc2nKtGo_-mYBwbNlZRXSOeCnSIY92VMMCB6_Og0J665ME2SOEZ0qTOekTXEvp9HwEsqWtVApPe3TpgcTR-DwExv1Ezf1iEY1gj1MSGbvx1pE0eqcExWI8n9fx2d5cnspJeHlSTapIbLvL-uJhb_h3yI9FO2_RHyaCWI1wlruI_wuNWue0HiLqybw9keyRX8BQUHvwFGw-ogFWln2CBSa6tWvg7nuy1IKObmzezfAA2tbRb6KnU_LjmxsrGhl2kYj_nybjxeGek3m1uuSd3k3EN3aVNwovDwBa1XvajXcE-Yhu4PrAnYmn95MbiT9Oxrc_4Fk0yXlQebd0cvuJyJHfddIL2u0CSwuWN4nj-iwJ73dbBPWpAIBTpf8OcQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  303. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  304. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  305. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=HXIbNzsGgmObCPfYKipgAyXHsJpzwDSQVnOrDCxkaBJNyIPyDzPaSFqMJzpWewklh4StWrYmZ17QWVm3FYH2kQXnFPhnSBNPROWk2V4BHtyl0s0TJYnXZSqopL_IlFFP89ye1KvKCGl3JP2--9KVqqgd_X0VCgbRvLVL2HZ53uUjoRWU_gL_1jr2aulKaOvyQApY0dTv766vMbPwhzYJ59ymZbfzexd4g47LSmCxgAkVCUVdQ7SMMS3i4sR6Cit7HjLB7Voi1XLnKaGwe7HqKtOfVSJey75mWPixQivmkcGtV-khOatiLHnHfcv3SxquQxwhscSgIdeuRDCFJOIi9s3h0AGEl0bEtzgs9hdJL1sMHYMmsQv2DmPJ318m4Jbn_ySA6RkT_rDCNrlfREPIMXB8dHhtNNtqW4rYXG_41Fsu3P08YDP_VnSHuYmDuCqJRUnGKJhB1JhkDg4oGfUkAv9aIq3DPrhDM81NhMCHH_vsUxLMziL3hQbpKHA5HhhN5gFoEAqpNrzEkLAY3xdHD_DSg30YyCSQMOO8Uh885rdiwt0GuraRreAKpVwQbSOVr0brrR29sCLovghU5NNPhtLg9NI6i4hlW3VmcXwkWbU5ZZZco3KNUqbpG85ksyOT-RB7qqOMszmx3U1MB1rB8JVoQbB0NTrEtts1FgN19JugskOenDRXEQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  306. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  307. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  308. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=jGS4etGE1AA60Rqk8rvAv1QoDxNZQuBTLL678mAOZiqWRQeQbQSzIB8QfRlB5agNFMl255QtsK-TWzIFmHxH4aU1jfQQNlUmB0cGy4TCQ81du6uxJlaQZCfutvZyzIlykua6HHWWWqYaJ0v_KfX8NKu0uE6o64e8AzmlML-9dk4KhwgE5nCAk774reBBWvZUmgVNQ9uqQnkM7QkUVdMAxqTiGxprm8J5S3CBlJaWnmYNLIzbDeOgikdGRdFXCjpvTHriAH6Sjk1MMzffRlAAgKtsRx717nSxS6VQMVc7H3KawAVkp228zJ3cZ9kCEJJXo7dyaV_7flq1J-IdljSgqbPtA3OcrGwFr3x4W8LKE_7x7z3djnaQd6vNYfqIUVQUKv2xjGVHarePADJbCBmHL3JvCPRwETdPxK_yaPW6uEaRgwqfsIGmmEC8RAZvSACI9GAyvWLQFF4rNW-IFyQGq189rxUvekLwBnWAFSq6S7IWlMBrnSS3UhG7KSmUpJfIuNr0TsbDOFzP2ofl-p1pNXLf_Fv_56weXiIaqeJJ0iRxVFC_QyOu8XmLHL93XQifMd1H06Fsd7-Yc4ijEYMvAn0nGsp7-6zzR4UIzd4lfI0ZfqrVS4TcravhbUk5upEyCaQNow0GB-AGMBLL-QaoF7TvWyB74WpGhrBsJicDKUU-vu5IUKbjXQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109 Page URL
  309. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  310. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  311. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=qnucJyJwtyQ_GMAhoqbwb5ro0XRRe7J1wRfTxwr8exivynAhHwQwfgKHcmHPBnGHVTiT3_0CcX3ZXjCRFqPEAbVIPDffW1HVd_YXcyPKf-i1AGXyIU5tyQ8uOnaQe0jVNNlEESyNhDcTbMd74I1CqkSsW8qcyHqhGMiOhmsuFeerFrWU8a4CG9AYcWL7TIW4UsIYVnM03bvKeFhtJBJLCtr__2iAqBYnQ3_Ppu0XFrLVwzoM2LbQUXYPcqfAG4No8Cv5ARCipjJYphQgfQr5loZFdiSNYIcv8j8eCq_Ex1s1ST94Mz47qfvx5Mt_8Yx7D5mlFXHgkBW89KVMjING5El_im3qemsQlbmZK2Fu97eDgJG3IBTmPhlPKuIGlndYqVNuZG7JW8G4AlwCdp61GchCBvYS9NJB091Z7ICvK0soOk5lbc6zQLUR_DoWHN1NwoC1HZOuQnfPJ3CpuTvCa8MLNXG_GsEwfHM2bA3nKStyiE_UDgBTSQKobnNGsb0V5vZ92PNfXn_pP78TU3X1buXbo4CSQ_Xjb2T7M-pZuvP-c_EbzN4BlrKlDy1fcDUp4gCtYMXLApnKSruh46VUw8QcX123oXcxudaUHObTOFzuLWyDxeq1kPjodq2RNfIhPXKEpx4jScONBhUn_tG4CDOX3oUmKjyevYd5bQc-qIXue9punY8zxw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  312. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  313. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  314. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=xFIvhIuh9tv1JdJvPXmm0CZPbeINiILGMQZlW9M4HRNVCpxsgVdJ8SUWpczD5F9wN9pjjbvCHNpcOHbLwbQ8NxYFjLvlR8x7-e6jwCSuc7YSjVl9QDlCuTUCVsKv8TWB7h5_go042ocRb0xwvaElU20yLtrgN49K18pDWHai6DUX3KGHrP4iN0K46X5q89riaazhnSrH7xYgEzeQNXNHuFEvrux6H6sjX6bvY_gxkvzdxDxu6JbDCsqN7aLcRNsIj0Mv9W_xx8uum-x5IOkApEL5bT4Xd82swdgzKtiaL-_7Gz4Y5bRnMkvqvojx709Qj5GtK8uR9S-POKHcETanpb7hfGFBQn37Z9T5Pse6jc6GkeZOPmXfmz70Q2TfBBT_lNOU6e7LoI_nTDPXZlzSoFxvmPPGnZ8z8n8worbPyi3M4I5yUA5kMXDYm21xDdQOxV2ARqWGalAxoKZwMT-ke3Czll6mAP--6eYtgL824IOuKN0PhNALYHw60AsDLy1QL_KHruSBjbTltQNEu5Rvx1tx70gMByFOqldRJffR-Y-Rn5cJLFaZXnWrRy6KGvPlNsas429Tg0FG6c3WbxNyR2WEHQU9V_44U8vKqFmkBwwcDkecZrEeJ197Qt50dNbmKnYtU8E0zhFUFtEJw5S7DPoTAQaMOSUZ6ueb26yzY__ic49lEkvPiQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  315. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  316. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  317. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=A24uiwbcKO7sjwC4BhbtrlD-I6fpo47k-Y_Nw5XP-KBPU_2iJgyvFzt3UK1Yv401gqkYJXOUE2rpPNuFfz5pS9pCLkBPW5HFmY5apWj-JnBoH63dh1171_fAKJ1ZneZ3pyQuf9CfBnCXGvKdPmFirqj8M8sHziHo2Y4mBCjx86DvQ-ZYn5QFuZeave_lcZjYRtzDU1EyPUZecKvnQALu2aYtvNUv41iwJI1oedY7thHXWPQ-6xD6xGXrpEUEw6njS96jP5DNzGsiKniZiUJl9H4qtgyaMWaON_uAjvg5bglYhxFzuvmHzifdBKhXdd32qvTNB52gXh2lchjv1OxpdZj0zMBiXByk_YY3tE66VPDBGhVs--tBpjVcrtIcfOrV11KcqOM_hu6WMI7l16H9uU6qc3VQKYotu3gDhc0y187MXKNkG1opwD-u84XBN_y_k3xhQAYtrXGhRDHfh9a6AIfO3gnrwmYe-og2j1UMIARB5FW33y6X4OiXYzORS5-Dg108T_cbUO0ghAmSiumh6c5WZz9GruHTieGIO67O8jnMWYODI2dVgHo5Tvf_FAI6DI21xG9DYdH7kWjT9gGAefNbFrgCSBdHv4ctqmNK7QPusgswyS-jIcXeXZSx-MIrpsl0o8dFf0HA1MQbroqTPHA-WjiBxOgw59E7es2iCMBKUfqKzmxJEg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  318. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  319. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  320. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=b9JvUmSi_sW214qDG09wa6duN_ezCWBYrfin826GUmB3Mtj9-U9AWdVlaOMSp5--57gQs_x4xAQISyr0VX-tDN5YPNGUv7umMTSu4485IomDby4NRw4pxR7HXnD-RFvRyAHFK8w7CiePOhcW94aFcJlqBpHBdhmG-UrFSnh1c2bVji5sjANjwRFIVnT6hUiqcYX_WMv7DOyk8DX_YrBHyaXxI9XKLxMMRYn8gVRjvE8KWSEwZsp2ZMowbFGDFFvykJQJrxtyGVPKnipVfYM-z6Mn_faCQrbRAubhYBZnGZz4HLTRtTYVFohjP752KzGiqClHp6HpjL3W1SmrcvSQWbPo41MmNPF6dHAwUglcHewCOZhjPqUsdrFlZczKlIsOuVdIz1Jt6dBQk-716kRA9OiRMVmoBfUDDqwnX8BWG1NWoPl4zW6SVOIOKCwfWjUaYjd8ndP-wuLSL7z2O48HshWXoIdTAekmXD3UJvNAh9ZLPuPVN81ZntPFZktKcPq1qz1TBiBYWsqZ3VBeoDy8P3_z2TlyH_HYY7T32iEjwg3eUSWMG1h96qDHbVrR-laVzppHwbm0edUty89xPGFgZ1jG7cn8oV0-g1pCtQAqEW7BuFkjIv8heJLYAFyHigALlmt0oZ_8P-O0r9NxnO8y31lCb63B5cR_59ZE5o_o9qCgWi__WDHCkg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  321. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  322. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  323. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=4d7X6BXhpi9w5cXR400nheDrsSoJwl047Z-TGOuwaZfxqnqoYGZ5fNysXTpaWNXs7odo1v4SL5OWjRTcSqtwdKEAk7-55HGVPYTSqfdV7Rzq0RcO37ASFF1Ox1LaBHD6xumESP3786atbzM9mYmU4qmK6vlyz-Egyyq8I-6kdS-5KQxQv0WdUV07PA48DViy9fbolj-litILD6kyBchckhc2B8o_Pcxtcl_gwfXIoah-K-4igdqDb3GL0cerAbbuYIMNHU0pc25-ccy3q2V6-92_xnOrT1rNYWjO07Oh_AiFDM_DyHl9bXc4YzrFxvnbDl01IdpJTKvEulMh23DNDEHPOY2TTYXMeK8xU5xqKcwrsuvECZqhQDUzle8AHroaiFd21qwxDuiEqQzuN9_pVk2uyt_gYVeTGvWMkipD28zxTbCqzGuyBKZTmWWh7fvvXeXyp7UeYiVbdokBJV9Hr9n20-d8CZ0oibu7FOOd8eq6C6E1xN8yGrqeHciEuBiYyCAM6c_UHG9o-KBjCdWqI2TNIViVLBu5hKpu_cyeKh-z0xVoOfql5SY5AsacfwVUwORACgXUfM2BLaEOR4bkxoGxfeBN26ettzFvOHKhth-QXmLCrhcnt61OyVXbBjiSJEJcRds2qAQEB2Zf_sJ9tmwvW-aOHoJA0V1QX6AP5m2v0xeCiNjpZw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  324. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  325. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  326. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=rqq2DYmJR7DbSIvedp01tm8eFG3zrr_1KG_5os4hSPjgXclnXKiM9RNkXYBNV3qCGPhrlmtXex_YWF9W9IPHvSp45x2nXK73epDUyNk39qv646cauG5JiaNYXFKuYbJ2u3Qj247YkNrjOSjVRiobypskaq7xWejmXtNMFnAj-Llvth3dN2SWaqetMjy_Dk_bnD0FHPNDKKdhqcOasAmnmqh6qj69_oswrZGYE3jcwWPkBDKW0SKT_6VzUZgHHIxmypEZDzHjRCGn7-QYQgFqwnWq4L-MXa05WmFLP4Nrg3HNtZM3B0tBuGA8XjGOnqoNIpl9vpDWp5Z3ixuwE9VR_-MoLipi8M_eserDwj4pnXAKIVetglqGLZ27itMunxgWkFXKwU_zY5Tc4U99Iv9eUq-zRMmgFTqAE3DltQp4psiwo5P3tzso8uxrVfyMQq4_i0HrTZBZgrF4C_2NfVWKeyzTSDIenrXiA9wl9qIkfgmaxFA_39Swz7K8fGqgJauyhqlswFSQMztTFOo4h5DoGknz-hm3YO6G9w7Pj6ylPRz-KR57XbAWpgQ0WgNVxXBn9jzH0OSoKZSLXd0OfzjoQ8TyQ70OfiITBLf3fBVzFa13A8xKBfiowNZOjStXRyT903cd6N5jYgKQSwJBvfm_yzVI-OCzMxHKxHNBok1iZKlvUjzv-OI_RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  327. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  328. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  329. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=pq0WzPdmGRDSigukVIP_VzUW5se9_503i72ATbx3rpoFrQBkSJ43l6aE2-tPlvZN9YAEw7vVtobSmtgj9G06q2ZUrUWQ-abIA74LKKBA201RdkTkkRoLC9Luy8d5poLD7jsafvdJ4nsIqj8mHKb0PKzNosb6hGF9Dle9mLjL2J5KE3dNUV-4LQrV2mrbnH5--w9Q9tLnQ6QQirKgPiDwAjuyRwU951wt9LBbAvWl08HrbFoHFpBjBOBpW9HEd0pVUUDFkRfAy04g9uKAo8DGQdURtuoWAKIr2c6dFYxsKnJXad8WVQpYVuPAMdgnXfoYpAae9b_fi7nxwTDqnyOdubMgv5d6LTV7NXDX9MXhgCv9X_Oe9U_Dcj6Ct9-MO0ZedKB8xQRQ5UvNRyBLRyC7bt6jFFLrGfP7UFPBcOnsJ1Qji-sU-_UOfvlOByMpxbbDYTBbc9mytOSDQ5egJ9lGoTpzr2zkhxDhUpHgn1coiIdJpLEqp1-SsJfyNnW7yMtl8wbEgn_MuPI_4_1lFtQCr6t7ZemwJHoGsx36QNldfqVkdWnJ-NeSeOTPorTHMcGCGFeJz2D-8tbXtfjfvMhYIfASc8vezoDIuMI5dkBZVygJs0dnmDELxTQ7HLBPyIzoD5Sfv_CBi1jCdKfERlKASDLZB7WF_1JmmAWxAMi3fu7IK3Ua1WX_cA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  330. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  331. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  332. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=t0opSoAbLKxlaO9qTae8_2uElFEtguUD0W90g3wCLnbCPQXW6rg6U-YuHi3e4v-ArtresbxKp6hG_mJVkcos1QzKAG4iYddSEKleZt6yF0w-uE9TVCXW5ywRGVD3-ZHZZDQ8xeJNUsXNDN68ngk8nb5cFhNBfEicQrtJ5ciesJSXhtfIEE5QvYvt62lQdh2pcK5ov6q68Teqix6-EMNxwIWh22dXtvEYpiucU1lQ06rEai4ILCczL324rgo8D18fwVnhT2kKXx3aifSMXFOcP8JXQFeQwgEBcKFln3K-8xVgzF4nRaZ5TvvdpZ7IatpzxiPbL_jET71gHMnbk4_JQXr3_-RY3iRGe6ku0qZM6ku_aGvS-0XBfL3AhiLs5hVd-FeyRsg7hQG2Se6LYnwJf7q97L-zrGNndzWL_hy-6hvFkeEmEUcYZ0yem-rIX2YFzmVosnolp7SZ0njsbC-zVz_La9c5pkBaV-ZtK1zyIPSPmx_jM6vrK32o-PCWYdBVhUx8yqFD_fx0BFOfPqEVwG8CBYpM6dHhfoXlu-jmDtLKdMVr8h6pqoI8k0S3B4ykdv2Ci5K03fU4_bHBgFXFgsiLisAuxwIzaUOHs5iSG7JfSk_Eb63CqyHwYI7o5figyMsirSESulb0rb3Ai5YdaXkx0MXbLSdPekBIzNcqrXOWTg3KRrUqZQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=116 Page URL
  333. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  334. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  335. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=63t-pGcfS2UQmv4AWv8i7Q3en27mmijrjxv4HEfrzDztEJHX9GzmTwd6Jbl0birxuGp4aOmCxqBU6XCDynN4k6sFIzPG3D7lDpAQLFkjwuXjEUnqixsdtF-lhWzR92ofVKmDrEprZVduBrPdUtleTIGWEeZHR_iO0ASthiuemMgXT82IRzUE8xD9PFY82yYiKkZEv7RJpmlW4mTqQfPOKuSIKCLPrZdZ8Om5LBxn-3rW3PiBK5j7riPUn6_ck0N_y5xUxkASaNBpSUl-uPu7cPZ5HD6rJRYnqEZq_kYrNt_AMGzYyhN_lOadGE-pIA9JFTIsnBYDH50nP2J4t3-3hMMYTJGQZCGnXtRn1fwo6rlfB0h1kbFaXaDvPKSflyQzx6AK2eH3C5JRNDY6yZKPrbcJBOkmeawcx4hBt8NO-ZMLW8LvF4EGaeo0Wuyp8d9wTajTnEEczCMDJQgLlYiqR9gkO6oidAO2dHjAa_Xk8znanU45g-F-cMu-tocNYVuHezxDnUX94TKVteenwAPh3Qlbd4JqFiEiB5KUoVL9o8aIyxhDRx8S2-D-LLSkqeT2j8nIhyFmGcmOuJRR2OcYOoy15WNlu5uE94LdEVIUxwauzdOqks35_3muEtpOABM-DiZpckY_KDw6BVxOCNsWQ-SVtBmDy2j3kJsIni401Lr2r0FoukPuMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  336. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  337. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  338. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=e2XAfLLq2T1tty72JwvX384NXG-9hzQ9mTdN4Z_qpdZTYo6S-7RJzSkDSptFvi-YDilUEeMqMCvx9pShuXwcM9Kbvs-Ur2QUq2sp0H15Lb0ZHtZ2hjjcWlU1Pp9PfjOXR7zAgyCS2AEqXPMZlT3CWdE9vqEuY77UvR0yYG5t8gx7Ksz-O7jdg7BxWzXMeXJfVB1McamHI_qrzuQNn36H-FDYFOsIWZNEjUFjXmFVGCrfHFD-10Ex7m8F7FN8cUwYqz7YNgdGMwslL9LPcwMdER6WGuOscWn-MWR41Hj7UAr9tnUOhMyqS5C7gpHbkOwe7DqDt8eJxdUu9dRmiSaCaOo2tstsixRXOByn5GmIMGsNRmUVXJfdHzIT392WaO84KMH_kKKutvJ1YaglT6tYZVTWXycm-GuCvovqOL1jIjDCrrxnf42sprNAU2nITsghDNe3e5wpx-YIQsB-jjhcX5QvjkyFjpJX27HATgvT1Xf5MgC6tRuY1SaYNuAyRrO-VwnT8RXxOHxzU-oyDaN-pp8GvVLN7nvIO_lrra_nZdiwp4de8ckGjw3Z004-lEOYWf0EW6f3rEDSbrn_uk6FKqG-n7jNOhWUc6UEKbETSVU57Qm4SlGXYJzwabUcTUkDdiKJCwWSlomwZQ48tUtu7_5oqqjkyf-8KAalVA7H__15flA9GJAC7w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=475 Page URL
  339. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  340. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  341. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=-cWpJC7-fUQaKsS__nBRfed9ILfsiOSEWkFGeWq8xDQpPojGrCf-QEIqsZmnctdvYkv9Fd75SvdjeXTna_BRrlDWTy0j2zzpSyMIESxXwXMJLwamJPEEQBJaaYyMNw8SCPKnu6E2pYg4RJ2uHj-MrLRE2dMML7uS_iSms_P_OTVQA8mg9NFmDX2MaX14coPn4zTdICkgK2XRDsK_u1t6DvTAueM84gVguXbqijDMOZxKqReEWgwnonVYlDV51b01gepo-4mXqHF5ZnlaTrxk8M3FZ7ZloAWs37AfSR8ScSDRNgTaKfXi4iJ7df9DCORFEkKRD_P1-cr6VvahvH2b3UG3taIIumRG5Wlp4e_CeKrwFrSAzsgcrOL0HsQ_9P5jnoCL4XNDes6xeo1CSqs8pIc0URjncKe3PGKyjjEa0Ee11utRyyUoQl5dmOxmCIQZvCAtQodr4jY21VHiJ3n-Kwu8CcQQNQBZk8OkRkyJswWdHv_dInNLTvDJjF2ub4cuq04awVdZ2hterigeIW7uf8LyLyyDHZkaepFogVrSbCB4F56kN33FBnVuNC_oeY7c5-dd7U8g_BM3aVe0OtezKN_t7CzTe--egFoG6T3czgi-7GtrhIkTCMoXsNI3taxcIB7uMrzyYX_69NaOYPaeXwLXzuh_Q-_P_pfbPnS3CQSMW0KXSMWrBg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112 Page URL
  342. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  343. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  344. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=YAQE1HNetRwbTYpw3zIp7L5clFZcZQeUkLVpU8vFCjbo0E-rlL0NdWSpTyhA5FdcIuhggb0jIowkGOtoZwi271-o1D7eL2ysT89YK6sQyOHpWgN8WavDD6ZVTo_m2ccRmz5LNmQY8-zZM_XJOoPOD8qRXO8Z0_apPgVxyvtzZbqrbKX2ghspWCGCJ1PY18beoUAAy445Q9hgbqwSrDspXkJczfvTj6xR7O0ZYXEhi221N4zwdv6xbYn4J0LzylIj7-wX0RNWDwQWWbdle_BMH1yZVHXmGRbm7KYG-BievVshUwymCl92r831VfFE-ryQVISCspN3syfm5Dty1mkJzFCjP0LaadaYAjbWHyd2f43vdaGic_LdSC5Ucihg2QjrFRjG_qoxU4E7KPV-Fkr9b0kzw2kwrgBBLLEvcqVt6cX-XA3H3rQGeUkNfbZxNKrToKwFi-_WmxXzt0mwdfq-bqmvtqq3TocHIWd53hfmaqTbq8FPZWsduFiTBq239-9Nozq6eZvmwqavid6N8JZ1Afde45ke6X7TrbHlTyI3cNubQJ0lwYK4dD2x2uwPKVbmqVD9RKbnY7rKNzhSEp-rVpTyAs87FZoWBU2LLymbQhKhGXGKxs1auQpmtBnEbuP5cuSRFuYVadQHOG6--y3qsQE_93kJsk7HCWpuqQkfrI6x3dvLQ0gkUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100 Page URL
  345. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  346. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  347. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=UPhNa1yaQuDIoAQ777ZI_jB-WZPGp2NBwuz0T5asFgeQxza4nSnlhm0zrNVj_ZzsToX7xqpO1b7CpqTLCn8o3GdmgNkRNOKTPmvhuMUGqDTjp7BQWRoB81mfZx0T7kNBXN6XgjXudfKhcE83oNVAPXQQyai3DnQtxfvVSbplc_kByXmuzy1QZrsJI8VLnT4IE0RHGBiTfPZcPtAo7EWvdOA7wRb6vH5NXRtpjzisaifl_W2XYY4s5ZIHYEoqeaNolp5mceo2RaJkU_8HhdJQvqmndT-omeqIP9AIgs0DhLvTPbqdUi95VNi0NWuES6N58U8lpPYAYrLofmfwa6Yk06yHaMCrXTVcrKW4pMZvvaaUGQNIUaKdwow2pSUwI2sVS2Riy4mz4iW0QBwkbE0oy0hOganGP7sd4tgIL9cU98_So5CEjH_Lklp49qoPvw1oVMUMfxQ0EYjmj-TwvQSF9nIYu8aHmEZzxiVELUVlx8eDK7F5LBU3H5dEFNOvpQDB3VM9a5v3Gio0qhBp63_BVp__DY0nDYl2jQpwxJYWoPLE5vFEJRq_amNYnD0n-9D_ysUyRPczXscQVYJOIn_KRW4v9p2dwTPn5UDEjC2yplsii6qstU2jqsj7spmffFLhiJ69X2928xDiZskS7u5IJl1n0qoQ9uCgTJpWLfXXI9otnqx0SBU9IA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  348. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  349. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  350. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=_4rR-Ees8eShSOECwl9fpdKzCMhTfHwhZ-QXonIse0tkLmq_p6O0NZ77rdZ-mZXHBDBmwaNmPTejm51d5s13XoT_IPtYLjZg2rNWuJRLaeh03j7SPU4sNC_SLMsZKa4c0OTBBRdjp18t5mpKMr-zDO3FSUYv0kBq4U3i9Z0ofpljnRA7vB6g-Bkoe_b16bPR6re3sLd0ocD_gxCJNoHePt3ormtCTyqL8HaJMq4ZVdjqhVA9rQ_6afHP3UWH5mGjkZBDlE6GS1SubiSgI5ChWCTNuQPM7SOnHr7uCoJ0ES-2XVcBh4V-ujamlEm1WuwUCN0p9PHT15hWGEBa59d3fh_O2dOMBOi03ayXXm6uErB-kLawilfkTUx0uibRII_FgrSBSH8T6_jZzzTlcOlUwZp3YV3CYNxeNDvOktC9Ys_k3TsV2nN2O2GwbOwM1gHQDdZyqu_eeuV1dZRBPj68gFs3ssnZ5MXBpJBOBVCThzYXn81STaPMSzh2qCDSJ-Oo0sq1gykhB4f-Tb6050SUsU3y33XpTJRkK66uO-nnzzKF_eQ5JxEqiDHYAxd-ELkofYHaNW0mCS6mMVg9OfjqcM_fArOmERcgK27gH28z5eiZqTqcHf-AwqJgvM0uytsrdMaxHfxTpFLYTqV3LxHDKACrr-f6b182x1Cyk7iKA8I7uC9jTJH5Yw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103 Page URL
  351. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  352. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  353. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=rd7fjw7GvGkf9SjaWXkv78DyVDDSnKa2OBWmwk_MhFUhcMEZbw0ERWYBnAWDJKnocZxrfYUv3Yl4PsJQAHbtXL54cmqU0sjSCkq_88q_3iTLLqVEtw8SflgpWCGeuI2Oli1st8qBDxitB39UOk4JssEri2Y5AwHaXUy_BuND9hvrD8aH1qsAPZxIc6ybad4Q-xDsorFo_ngBSUBRZ5ZjqWNAaAvxtKlj0XgjJ0V8c1H58W8w5kvG9dmSpfum1ff1zAlRrweVaofyuDkrslZyaAq4O_5kq5IF2W2iL6FRG9f81a7nDBFks74LHMgk9TJugP-4vEnyKrPk4FzyLHgSQAfGtI_d4VG3ZPNZF1CrGwRNkhJ83xsPGsgOZ2uXM_OFnTyNwPHAcDo8b3Ck9tITOgNUPCM_qn6gNjIjeQ8imm4JH_A-sfSdZ9-lC65spuB951zxJlnbM2GmI4mWFptZcZ-cqgA_SfBgTL-WsoKdcpDtptBZAF06_dywpy2E1xC4iu8RXylgo8URb70HFivar05_dycOvZ4w7RJiOhl9d6KJlwobgq_VAvnmkgmyz6ar09EFMN6WWqlVssWGonjI2C7EPv8VSyGGG1hQ-k_U4Ii3TjFLRxcsg_JzvMd3YrseEkv39KZXOUrjoN2LZCn-DxHo8h0YoEPkvra1QwVVbQWf_pn5beW4oA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  354. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  355. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  356. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=BnSjbBOx0kxjk3c81qmeJzG1gRJ0A2b_7AGvZ78Z1CWA1Ro8GZE1niwgIOwPNF2t-39xjU_4mWp7mCei0eHhE85ksEAxXXaRo4vBeMd7GHeBReuNEXmjNLDw1Ki9dqqA7WAF4smDWQDA9--IWPIBua39q67Mr6NWv-TNo13-yijwX4xsx6CFKmTDgtjZ6FdV39Xiz2n11gKYoiWmRbk5K8GyWIlYhdrZziYeMRl_UwJq0MOBF5cLRk5zuYQT6dD_agBLDwyrxUVY58G5JAj9X_kKnBTY9QP16Q0AhgmEg30BR3sFoAhob38SFR9gUWTxvIvYfY0JeAJd7Hb0G70kzw0roHAeE1egYS2S_ec0f2-Ino-bJU2ehm9RHXgh1pRet48ZoZkppSLf0UsSYue9DeO5xzibQd1npQA20VgNkIgQ68TRHxsBRhuIv6KDm6_u2qrO32P1lFzXQfdFowz2Bt9hHyRuFlul1We6VqLSJGsmKUtphBzI59MUWZiRigvsmFupbuMtFta-fOh3rnmXABTiTeDiuKRTMYO0HCSQQzyDMpItClVOC6e5Uf98bLm_GmlSFwKpMCqgWJDQ4iJ36SbkwXbRZYvQ7aifdIsW4MDW9Qqp-7QOc9lb-c4HTNZTg6w8N8w2PqW6GiNW2kicCuHxV5-F-8tfAc7WviNJ3ITXRF1bm_383g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  357. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  358. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  359. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Nz9VO2rLPBHmrrcQ2UQvRzhNazqKCrtZ6kNyKqb4v0zJIlHYgsw0MwZM-W7VRJfudZJRYIT6Prwnf9JU5fgI6LbOa4-_3749TvRvmD3Z267bI7TkM4Ue_WOnaQHe6nA-XbCJ7t4fJ6NgH-O9IlAl7Fha4-UnA0K4qVx9-6AvktpiTTAbIHQygEqkZuOhCOJKOCmdJbVccpXWf7yXroGsloMhtN2iKN_M5e44SVVW5XEY0hAGqX18oYtMDlNwcJVgg4bViMDmzA2jbUj30vOBVokS9p1TtyZ5TELJy3Gd-HYBSOfWGWR0UY02CtPNh1-O6oU3_dhyNafrfoLXbCyD9cOdClzpuau4KDaUMvtCAATd-Lykfjr4-rsFvev-des6gdQPcrjTfzr9ytgwQIC4P_KNwUs4wZczMaqfpOHuQJbM4h8t7SDwTbbbABEPai6D0-31R4Tx4xIJq98pfDxSWSl4n2q9zWHFXMVFUjlL2W2VstLcoIyik4enkpA8zhpL_CEe8ue39jDA1Y6gjybrxJ1E0em0UCcRqqJEvb2WhLjujaftj7KHV0Dmsno-1KlKouW53PooOvHXT93LwdeIoHyRWL3rr-AR0FCrqGxpu0LqyuT0YB9H-yTnSLoAi5SljwxQ8w0ZwltMvfNY9Y-3yudiLM9eWFOYrNrJZjP7BB5MyTTNirktQw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  360. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  361. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  362. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Mkj0Gc3ntoNh8e1mbFI_o23QQ9RYkaSQoj4jfP5keTcBAeVaexG7_lkNX6wJfNwZ8QfFw-Wc6cBf22v6CiuxiYBdA8hONsQhyoQNKBf-yMfvKJxlkUG2bQ2SBSWBn2zWvSbWsKl3VfWH0OGGIS8RiQAxW1zTCnkQXI34nOm_BZY182Pl9Si-9wmqN5nmyRa89WV26u9bYNkrkjrxwsmRcelcJ9nq6zBiXqMF8elugc-TFQeO31YaamwLZdIPWh41jtSuT3B2zWjMXGysyEVNi8jw9cfk_1SBB1ufegd4sqQb6s-hvVPJomgorMdHCYfL3GFmKn5zJSteb1_mlFOnc5tHZS0LS9S2FOueFsBzKe-OlplEFxZgG-2og7Noqpug0Y3ewTYcob0Q-8EDxcnw1xyqnNC2Mb3hJN8xrITH0sNjX6MwObVA09voW3M4NKblu8oEa6QjZRVBvpMDJ6HHhbjEBYIr4tt2W4EBH-QJPECb7Ql8rtiLo5CTPnRylA6BgPNECQS9LgfCoDBqCvtLQ9mE0MawH3btY7-grrF5pjIb3u-rzyzUZaKaQUnkcM43PhmRZekVSICdIiv4loSzyzUWRHQbfPhDNqsLKb6uxFQTyHf6-L65Zfyyf701s7ikrI-3iBUPstF0XcxizLmwuQGbRXZOwKT95kOPFD6DnbOsfAw_dqOH6g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL
  363. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  364. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  365. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=mIUXM5_f-KEcbLZzP2U-ulLKVhHi4WeM7Drf6NQmzzw-SLYhRo6ucaNpXDaaDRm-b6VLXiqsQST0mm4MZ13jAaZLTBI6hajyaG_9ApC-_GBhBJzi3GneV32zTvA9K9AmIyboYMzMIUWEgaJ1QI5qNceOpMOZ7rzCrPO0ZNuuDIuWEvM68Sh86o7clx5qE7p9U2D2-AKBXaznvfWYwtI7SYH_Ho7pJvhF53bGhVZcH5quBARXmWwe877loJKIwG-6YiK17oDGajFaBT79FBY3rt1xDrG5zROwrq8fe7QFiPTv6xjk1ceAB1VD0M6qMQ2PbglP_A2rVNpR3t5ntE4vphBXUkURm1NZU6TCG9O-UFHAqEsV1A3cMRALGsr4swIzTUetnP3Ij4pT79BYg5pX9XW6pBbdaU9dNjnTBhUrzYF87ODJuA2t-3jbE4jLfg6sMJzRP3twX7YwErv5uCu_qmPdPQtFTeMsT53arv40lfdTldbmV1G6ghry9LN064PKq3LdBJK3vBGXSlFqIKvf7oq53t-KfvqtQj3q2ZMudRU8iWD_cmMVN4itKdsRnfNKv669Qev66B32d5HKcyTB-V-M1BVpYIfwTrJSz9GZJipgc0yPQQPwUhs20Wbtj1EtgrxANKgzzdUIZkA-y85r20vIu4IKkkfPg7m6sXChpRBZq5x9DwXCsA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  366. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  367. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  368. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=vN7B3j8sdVYXbC3kwgAAdWMeMgjgWkU0wieG3pbk_R0KDPa8wTDWQf8YCQqQYf56xUDm11tYwZMITryqJDTDA_65Makr4WiFglyHITPJqDE-tDFRCiPh2hrMMCW1pcTTisjJZfhowub8T_fb-JnrLMgVrk8e1KO01h0sTbilL9TBiWVZ3SqXx45qkzWjSNyKhWm3Fi-N_GU2ZtHapzWw5gVabhloETCmMLpRk5ozXe-hUhT6MkAhY3zbjkqjF-yAaaTlH358lz7ofuKYZeRIc66x-hoWDiD66Qrh3VaICmfVebNNY8205BeWkdR8KpNq-DqiedoiH8nAEN507bW9x4VSVGxuzTxf4Ycufw2Kq5wzzHqK6-Dbyqv311rm_-rUCNo6A16Qpo8Z2Gv6XkXJLtScxmeA5D30v9CaLMvdCeOWHsNtMioQ97OETshzoL5bMynLBvLKBRz8E1yD1e5XA3dCJL_ktdEbuELOwL3Sn1-C4njxLzRCZICSA4fzp3cDYzt9yeYL-2L8WZoJm8X5BDTqzQczNmUFY0OQTqs5jdTAcDdQ8ovvJE1pemC7dGv1pg6_IMP-zRzk-vMSLeMmMWHIoica-S4PppkGe5YKlbkI7qLDEHkKG8TOcHgsq6x8vzQtpUMcG18SfNQWcQVRIGefqkJX1ZFCrtHt0y6McpWzybAKz8lfeg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  369. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  370. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  371. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=jM93fDe_0Ks1EKXvNsXQf_h7CG1oRKbFJPWcBNNRhwtUBmVPBfJgeXXAWC8SJGEyWTvebigooF1Ofv7S4NpzV8BXKuWfXXH0PHf9jD9Jxh9cWVuEdY8k-ellCo_GzOWWIz1iDoHSgsgaVY2NcYsZxqtgBdTi32jtgxjzuU-JjGe_CorNG1Y7JlBjZBdrRGfz78tmO_g22LO-cH5XvsaEUam4c8uP_00YCBJhswOHGpaGB3YVF3bdMkv5sVCcLj-4SkXok33O6yszGhNlll-w7MOGSnu_VWd_GEGClkO2ALfbPVmne2lBKFQfnJG6QFqr4vUNXM3ZpuYfP0kPo6IFM4JQ5SpPQKqp1Qsezw-G9IcpXyOl-bktYFLRmiB_g6MZ9dhyKdLgsxwd55ezt-VzYCBUi4cHH_8mB8hzkbhqyLxmVwSDB9Q4zzwhsKdG5zjnv4zKmAZ8Ebr1e1sbdzyGQ1lVTaTR9SIXT26PkvCda1iNm-YwRGnzfkdpODdCThoX1YAEHK4K8S3F8iP0_BlPW6CLEPYkqZfDuU3QZS1LL6c9OKXlP-32v1ESAsieGgL6X_6hXd74caH-J9qH36uv80dVFNkcsBP0O2ZkjVNjGFKVRm3t273sEe3O8QllC5mvcuIcvFm6RlKDPV7YelCm4KV1I657tWHft5n24I1i1gNzUT_mQv0VlA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101 Page URL
  372. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  373. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  374. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=ZPgZmEJ6vmFQRXO2YjIIgiKF17FJ9Y-VmFzCI9CM_CXsBfk3-23dpv1RqIOrOqv23WlRpZIIGkJD0gjrshwMsptSMHrr_moLLXzipDCbKtuE50W1XKFleRhlVSLcDRWcu5_81SW7RV16pGg2ytkvHvEgYSturZFd75JX-SvaKc_AphMjxiPuOB2chZ9wdU4EwDrjCl7GZjNyu27W4j5xv0Rf77hrFkuOxPn9cuQZQhHSsNwnUm9JXjSoSls3qjldQ8MJvPA7nZ0XSkvqpI8hJUle4XG5ot4cvEEDglauxmoRpr-uilBcmGGz1kYhK4zTeasEt62e5cc-zxxHKgNjTjodk6lz1FeMyfiNsH5dmXxgYuVIfh7l8lednzfvlsJfTqpFAm8frJBZf1W1b4dnFnmHVFiC-46qTMRyOk2sjTPpRoU1rv63k6iHHKcy9WVDOCkBAywFUpFwo74yvsIlQaW_Rk8Fc01yjB4rsAWALE8FpQ6SLv1UIHT1XKpY8UlHFLjRujsscuPxMWyQXa3TykxDuIN6O14FJG1EY3hTRZr0Yw54w61qWqLWgKyR3BNukZ3K8UcUX5-J62TXcLDdYaLzyiyg_WrWNhTqShPMRIQPRY73o1iaYxLZyvgOMYAOJXIpPxx_6DE2gigrcJvdXLRb8HzN7ul0oPPqHq32S8UyULfnD6EAJg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105 Page URL
  375. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  376. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  377. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=mOb5OH9bJddf18CREcm7Vg-B61MPgaKOEEcgcEauS4TrgGMxuuqdf1L2UOv4owVh2BWAdGsFGZlWc6J_W0lNiDKsdAsQs_P_JLpR56XM5S7sPnv-Rn6qG_uKbY6XEEjy3zt_Jh77nheyEicJywDTwbd4xFsjB2NOebyF6x5tsJS6yN9fL0yOvhLYoeLHQ213XCdFmTl7z8DLy5InLmbozdiqjs4YCHyAqtkFej_o6J8NJcOQmY39RGNGD5XP2Qg11R5G0V2UVXaY37Cu9aFQCxOTFXYT-PRYtTTw-AmsM-lbnouiHTE7atYtzEmnoiq4fRcdUnwlGyYFpzBNOsU2v3GitL4pnOFNQFUOEw6j7KpNInc19bbg1IPzTN2HKPnNiyZapEjyQtmXGBYHoDGgHXy5ZlEbf2FTxXacAdlYA4nAlVTI8oWgQnzb8uDm8wobLwVMJK3AYsoDZAXvWF_EFFjJ6NHjeTOvU4HgBVSKmu3alxjehyctWJKmunJoTiMjrIHJ9emLE7yI4ltbbveMMZ5dcxkb-3UVlwaXnxxlagD0Q0NAFHYpFz-AEtKS-iarZXJPsVG1wOOkmbWGLYMNFEdlFMZXwfl3FucWHGIJIy1lT81EMUnN8kubLGppKfDrPtUCb7bn8bZVMu2CyzufutliD0B_bulaPN3wyDg3hiaeNbfPvavHpw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=138 Page URL
  378. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  379. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  380. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=KjqEjDPw7M90fUZvBUq1QF3_bz-UOAFMe_dxyM1zTEuMPj-RpyDH_L7USoRtEAOMDHaRToV1Q436l_X2eP1A-JjMH2vR380iXQ7CsRhWKCJEqgZlKD21OjK-9060l8x4Us6FNOMDq3BKzeon2SK9PusS0YLgYOEzBFy6YmhZpXvxvD0zuzpObBFZoSlbKfIJdCPb5h2wV2MReJTF8U3M0wlkCxE_iCP6GdQIubGeTvLlJK5K2VheYUldC0ooEK55d0160hY34MIA1LlzdO_ZVUOfAluWijcWGdy-9A3Todnovmk7yn-IL1I1BJkBxfH6bkqy1ZlnKDWi9UFaynoWM84EEPP6ZmvUUBRPFCHwRVwVCaKl1KJv4u1e20yseItrCaX77pxLIpKBbeU0OWCkwlgcBY4ztKbs2dlv-gfOHcYgJoBaPy5dTStqoVKq5wBUyHlRvdfNdXGUAnRUE5tONh0MyPh76EoP1YMVSK-apas7ccTGoOAOkdapFfZJzQgzZTJuixNQjcjimIAvHdtmD1yfSr1bxqhiFQQcBDRVC8PzhHYG94SOIrSSPnOuab4bpkt3PkCVf9R5sxSoy7qS449aAgyNDRUPV_oZBNgTOZ397_s2hSaLKJNk6uRvQ9lHXa46qKwTpXUgb1WzzQ0CwogmlqunjsyCgFWGoS7QeltSAQfVZ6QZuA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106 Page URL
  381. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  382. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  383. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=ycKkJ0L8gJOgw8m7VO94A9G9Vm69EqSZ48IsJ-rWAjFRgfOdhAI-tWyXWSZmrHKtRGLChf7YmOLg0p-bpC-dFmfhYrH3CIslK3Vx5JmRzvegb3iepsAyVaSe_MCacS9fUf4bJSBbwplx5Knv3wZWPRh1mBwansDC93Iqhf3nmp_hY649LJTLhOotluIKCT2YjozENVIcuqDPAG3QrPw38xFT5RnoG0oTHA8Y_McFwWj5OSVyS3CHgurrLiSm-k7f13yYxkPkXL06HoYxmZkgVv1HcfMiGAw6uNB3FdL7e3yf990b_Ttjzt7_TkFTIOfNfxhE1VkdPB7m4YTzLBJygXKU6NsswU1xhJ1GNa7h1i-tITnJfrToOZDiVn6vxyhAXH_ti6HGIUu2kSZJ8UduB09iSksuNp6obWyJEMp-wdf3SnSNi9anGe1iMD6O7UAE6rZ-y_Od9DVD-oZpZ_mw_ZcFzqw-5nYSnrJF8QpKNHEb9SFklG6d1e_aw38BY16koQOKTterwYDtltnCds9C1EnKb7cfJ-iUCHEzsEGLzn18AKhXE6LgYzONvLRjqw3soyRcPtMsAVSfQ9DSx3t-Jm3Cja8GKAqJ0lQlageBRQ7pBjGLHXlRsJzauLoDSkDvvrn9vLnbaOxA5v-21xYFjZJzBwo9cSwYa9xUTGCxoXGBfvUzkyHEqA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104 Page URL
  384. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  385. https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502 Page URL
  386. https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=c_NsZZwINH-Wv-FthVq6hDKk3OfSx-bjmBBxhiNnFWY-tj62TxVkIzF5L_oU3oIEow5qsMIqFXFBj0zMDEiwwAjX6gg3kqdciXXJR4iD9NErIqOvq89mIG5Yqzg83oZWyIJ3UqyPDZoHSW_AAfGSVJ_qGpLww1LX1XuxFnk6_LfArzX2BWEl78t37FWBhkjLgw4kszR3-JJRsF-ObAQZVuUM2Ttz7WNABPtLiZxzzJchRuuNtyFzITJflWcSBXhz6RK6TFfISXHMWzBtshMlXu3b7rK84pU-q0JNZMP3VIE1dUDoNP-nXNPIkrjqfKjv56YC-eSNW5QKsUIgOCkl_KUkgx5IAsmUdMRg0TkcxIBzb6yUJuE6wVlG3MdtDtmb8YwD6NT07NDuVXenH8HAaC-vnpygqtSyphR0tQX4SBBbfvrfdCh6b9a2VzOnJKTpl5ImCmkn0NbseAUiq-aRg9AHnp1M8lP-Ubvdws6ZybQ8y8amc1A-DGm0HWRHR0K_EK3MnEXO0JtrSw6tMYQ9dOZ7O-CameArE-_gMd9-M4iXl-BX7arLDaBpiFl-SMSsbqUPo2OGTtcC59yP7b1j-hyF7EvMc6dvASjtg0M--KFW2jGLhfHk6tY7FV1uRA0UKTP9NuU9inQOqjAVoT_Yx27_jw63bJZiow9hu-XEI2cy6yc5-XUotQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=355 Page URL
  387. https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true Page URL
  388. https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501 Page URL
  389. https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=81f41098a74799f2ccd7c12d88e183a51638555794&psp=WbOFTamuScodDMMPUjk2KrjTXIViCXIAVY1uENJJ10WLJBeogLH6khjq3Pw9x9dKXK3LeU3R7q60Zwzi_64agH8fQSlAr7X3_fvMBtgCy-5bfobdT-bnfrlGW3Qhi9RCXLbNWB6BfuZrCur86UjHD4_BogpWaOI_TwVobFb2noSYXdJ4vjNWrMByRBvB38rIeE9hoGymmcIOKFO4tjDHfP1KYv-V4ae86SeRAottuPWoo2fvdXPs7kkmNNhDTr0rm29hMr899IJuIsifqg_MScG1XBoX_umXb2MRPp9kcQqDkFGTc1cQOvL67gSwou-zH5qtnoXsSSREiNK29wZo1RdA4CB_cIC1_pNGKXdYmsq45zWrvdTCDO6Erq_QHLxKsWyCkWrnsTD_OluANcXrBkrrs6t-q4piBhGvrRGi9MQrcyH4it-xhiMC76y5nVv7RvpTrJkTf8l4L6A2q0xjqHzwr_SJC_hrgtADYWREeYpwEhBJaG6peFY7l5E86cM7DWVdcSX4rZospdDzm7SJCNBmFp6n-3A18ucIPugycPVDFZsUtRgmtwap9_SKYtqJzs_wWDQpiEQp7Aalw2MgmHwuQCETuvuezXZ6tjVGN--BDaRTJ9XdYEGT6k9FkzHbMi8V_gZlSgu2HJfhITR8UlwF-0_TTOysgZwGPEuKf-FvSDNvjyOAGQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1682 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9accaebb1b1ea76a74fdcabb1a6b557b692ba319430ea6b932c6318fa0b6168e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:43 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555763&psp=LeZvB7AsQyVxEZjMJGi2bgJbjaELwujTnKS1pA_SLGrD22YKh0gnTQIeU0A8iZ-Zunq5Z86k4nas8Xy5MNzRDlumpJiipY47FhmWWo5PIT1wufuwFFrBcV0Gx4efazTOln1O32KJZRuERuqdoIWBzDLlQsSaMTCtTFyX7oxePlktH0QBCp_Uq9V-MhujGyg8GRMwSTpKPOp99mFREVvdIx_pNadzWCc4HF8HZjCLYuObARotiyJpi0edsKFWT_0DKYXJNZ8hL1fbZpOjIwUyaTbBo0gMg6rXiHVCj-wOEtPJElSonwGlrdkvXcV7cgrOdZELKyyxJfcGqoaInh9rck_whr4UGZUQXvnuHyVeDiGwhz77NVB3GXW4yp-2m4iOsJ9ljw-DdVP0IlUa8PzFadaMUkrMA1oT5x115eltSPSeRE6k7HPbLiFx4N4kq8WL0m_Dn4N01W68ZsvagReoNHmDxSX04ReoD26KGYnGIcn5bDt6waI_dOvf-G0vl35jgyEkoyGaOTKF0zCANxJ1T82cDmN8iFeP9TK3sVXpuxS6kaCt1dGA1qIlD4Oyk77TF7V8qfihXxzymlQSxFUQ-Wyy3d39MVy3tMbSj1fEB-TtR3lGZ4v-Q1cx3gAWmy7bUxIIjTrk9jeAn_fVhaLPTTkmVKpaXrqGdvKQAXFM3OIbhcsS6TvuAA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=190
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
018332852f96d8f4ab65abeb771ec7d6927e0cdb560d78739466f067a3a271ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:43 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555763&psp=LeZvB7AsQyVxEZjMJGi2bgJbjaELwujTnKS1pA_SLGrD22YKh0gnTQIeU0A8iZ-Zunq5Z86k4nas8Xy5MNzRDlumpJiipY47FhmWWo5PIT1wufuwFFrBcV0Gx4efazTOln1O32KJZRuERuqdoIWBzDLlQsSaMTCtTFyX7oxePlktH0QBCp_Uq9V-MhujGyg8GRMwSTpKPOp99mFREVvdIx_pNadzWCc4HF8HZjCLYuObARotiyJpi0edsKFWT_0DKYXJNZ8hL1fbZpOjIwUyaTbBo0gMg6rXiHVCj-wOEtPJElSonwGlrdkvXcV7cgrOdZELKyyxJfcGqoaInh9rck_whr4UGZUQXvnuHyVeDiGwhz77NVB3GXW4yp-2m4iOsJ9ljw-DdVP0IlUa8PzFadaMUkrMA1oT5x115eltSPSeRE6k7HPbLiFx4N4kq8WL0m_Dn4N01W68ZsvagReoNHmDxSX04ReoD26KGYnGIcn5bDt6waI_dOvf-G0vl35jgyEkoyGaOTKF0zCANxJ1T82cDmN8iFeP9TK3sVXpuxS6kaCt1dGA1qIlD4Oyk77TF7V8qfihXxzymlQSxFUQ-Wyy3d39MVy3tMbSj1fEB-TtR3lGZ4v-Q1cx3gAWmy7bUxIIjTrk9jeAn_fVhaLPTTkmVKpaXrqGdvKQAXFM3OIbhcsS6TvuAA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=190
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555763&psp=LeZvB7AsQyVxEZjMJGi2bgJbjaELwujTnKS1pA_SLGrD22YKh0gnTQIeU0A8iZ-Zunq5Z86k4nas8Xy5MNzRDlumpJiipY47FhmWWo5PIT1wufuwFFrBcV0Gx4efazTOln1O32KJZRuERuqdoIWBzDLlQsSaMTCtTFyX7oxePlktH0QBCp_Uq9V-MhujGyg8GRMwSTpKPOp99mFREVvdIx_pNadzWCc4HF8HZjCLYuObARotiyJpi0edsKFWT_0DKYXJNZ8hL1fbZpOjIwUyaTbBo0gMg6rXiHVCj-wOEtPJElSonwGlrdkvXcV7cgrOdZELKyyxJfcGqoaInh9rck_whr4UGZUQXvnuHyVeDiGwhz77NVB3GXW4yp-2m4iOsJ9ljw-DdVP0IlUa8PzFadaMUkrMA1oT5x115eltSPSeRE6k7HPbLiFx4N4kq8WL0m_Dn4N01W68ZsvagReoNHmDxSX04ReoD26KGYnGIcn5bDt6waI_dOvf-G0vl35jgyEkoyGaOTKF0zCANxJ1T82cDmN8iFeP9TK3sVXpuxS6kaCt1dGA1qIlD4Oyk77TF7V8qfihXxzymlQSxFUQ-Wyy3d39MVy3tMbSj1fEB-TtR3lGZ4v-Q1cx3gAWmy7bUxIIjTrk9jeAn_fVhaLPTTkmVKpaXrqGdvKQAXFM3OIbhcsS6TvuAA==&pload=55
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=9564a6b8f78ca97bec376f5881442e641638555763&psp=LeZvB7AsQyVxEZjMJGi2bgJbjaELwujTnKS1pA_SLGrD22YKh0gnTQIeU0A8iZ-Zunq5Z86k4nas8Xy5MNzRDlumpJiipY47FhmWWo5PIT1wufuwFFrBcV0Gx4efazTOln1O32KJZRuERuqdoIWBzDLlQsSaMTCtTFyX7oxePlktH0QBCp_Uq9V-MhujGyg8GRMwSTpKPOp99mFREVvdIx_pNadzWCc4HF8HZjCLYuObARotiyJpi0edsKFWT_0DKYXJNZ8hL1fbZpOjIwUyaTbBo0gMg6rXiHVCj-wOEtPJElSonwGlrdkvXcV7cgrOdZELKyyxJfcGqoaInh9rck_whr4UGZUQXvnuHyVeDiGwhz77NVB3GXW4yp-2m4iOsJ9ljw-DdVP0IlUa8PzFadaMUkrMA1oT5x115eltSPSeRE6k7HPbLiFx4N4kq8WL0m_Dn4N01W68ZsvagReoNHmDxSX04ReoD26KGYnGIcn5bDt6waI_dOvf-G0vl35jgyEkoyGaOTKF0zCANxJ1T82cDmN8iFeP9TK3sVXpuxS6kaCt1dGA1qIlD4Oyk77TF7V8qfihXxzymlQSxFUQ-Wyy3d39MVy3tMbSj1fEB-TtR3lGZ4v-Q1cx3gAWmy7bUxIIjTrk9jeAn_fVhaLPTTkmVKpaXrqGdvKQAXFM3OIbhcsS6TvuAA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=190
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112229277990f01e41e2a88c34f1ee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b9bda3c90da6f20277017e4df04ba354e2ea99112fb6803b12c9cd83cd3ea7e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=ELAe9LQk7SJpTi0sbsET0bkkdScFOLkTeqSYxp9mAuvtCFSgPX5Eux9tQaR3Ka-ogdVMBv49Ef2AqPN5f905CBXfJRNqK_ynit0sxBFTPUvAaea3uePFC77ZWipgzDm_JWZBQUD8kaDc4Qt6kK2aq_A0yPF6b5400L3EWdF-qOU16OZQeIMdr9cBa3CCVkjjlc1nNqSOfI8odVaDGNiSNLBBwl_330x9L7zufF3i7s-OfOoWJ4wz2eeAvQujqNH-KK_iuxcpXeM278RkKdQzxkEc-OHxEZeZe4uQA2BOEIH8ZCAqJb3onrwLN04mA2sHU1y8KLlRD_fd7fD61cxbSXLgEvUZquTk8siqBUFVSyR-HrcBSGe17JkTwkn2bJArqcRf9bHuOWtnVpwo2IpAf_FwXIZ4LVzieouxoEGTx7rK4lCndFQ4NGfYwwElH2Dj0mEr5toZp3stpAlEQlVVkdO93c_xh_sGGGkUXBZmzlU5Ay3ODGpbg6pVOQiAxRSr8e-aqO5Oy-s-HDsHWd3QLcpLyIFq9M8nU6J35ypzazfJdzVEtMF7iS9-eSD3-FXcmR2t_HnFIPpC1vlifuLMtl50xV-smZOGrIK7TSG7eWLH0s2CfUgAOswlLKn95Hdzgd6Uws3GWxGFBGa4NIqZrULKos2ZBCy9YQc3HkYlkQMoXDP2T-hbAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=128
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
74b51681b0bd384c36e628a4cc27ef17a83d3d45824da58f95729148d4bfce2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=ELAe9LQk7SJpTi0sbsET0bkkdScFOLkTeqSYxp9mAuvtCFSgPX5Eux9tQaR3Ka-ogdVMBv49Ef2AqPN5f905CBXfJRNqK_ynit0sxBFTPUvAaea3uePFC77ZWipgzDm_JWZBQUD8kaDc4Qt6kK2aq_A0yPF6b5400L3EWdF-qOU16OZQeIMdr9cBa3CCVkjjlc1nNqSOfI8odVaDGNiSNLBBwl_330x9L7zufF3i7s-OfOoWJ4wz2eeAvQujqNH-KK_iuxcpXeM278RkKdQzxkEc-OHxEZeZe4uQA2BOEIH8ZCAqJb3onrwLN04mA2sHU1y8KLlRD_fd7fD61cxbSXLgEvUZquTk8siqBUFVSyR-HrcBSGe17JkTwkn2bJArqcRf9bHuOWtnVpwo2IpAf_FwXIZ4LVzieouxoEGTx7rK4lCndFQ4NGfYwwElH2Dj0mEr5toZp3stpAlEQlVVkdO93c_xh_sGGGkUXBZmzlU5Ay3ODGpbg6pVOQiAxRSr8e-aqO5Oy-s-HDsHWd3QLcpLyIFq9M8nU6J35ypzazfJdzVEtMF7iS9-eSD3-FXcmR2t_HnFIPpC1vlifuLMtl50xV-smZOGrIK7TSG7eWLH0s2CfUgAOswlLKn95Hdzgd6Uws3GWxGFBGa4NIqZrULKos2ZBCy9YQc3HkYlkQMoXDP2T-hbAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=128
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122da8401df3c96404a972d195d99&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7038395ad3f1aba1d667480f6d1cc6b562e30995e6e11007643e10acbaebdebe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=boGU7DRdeWeMzkaI1JQJQwhD1N3KV6MFz8lxo-S-xNPcTRrNtJymo30FuKa-aj40a_VPPXTv55pag5imV85YwFE__YWupo8_Yn41WtSBkxbIR2rt7EL0-W8VPh2ulrdRPxe4E-NhiE9vG-EFrZN6i8OTT0BEIn9bD7u_kBIcd6o6yB8-rXXuqe5z47S2ck8DAnzV-phgVYUy8xmkb10DoSwdmkTN6xMmAA6whuUigYOT6Wtys8Dr_NYXi_sgQzyWm4-s5uGYSMzaobBZYT_1U-tsBQXJ6JHYotMq8bJDuO7Z_fU33IpMEhRtkIVj1GHZV2rhwU5RGCX1v__wv2z_ZHB5_8T8tZYF-5XXT37cYXEUHQ54RQR2SGzty4od8u5eh-RqIGgx5rxjASyXYoAgKOxXdXEgSdAtaGGEP1BrxjI_YNL7ZMzWC6J35IqoFEopblufQc2J0WWcBlgMn22wrZR96weEHA6N2l5wt4JfkTlbxD8G6dkuqz5Fb45DnSVSAnR1PrBdNAotnN7JpV06L1CVN4q1bOgvELsrAE0l0mzj-ZpJ5thpPKKfqeYQyP3b0BddKsqrFaR-lMPdIlbRaG7lBj7PU-RGOwV1BO6m4X3BFE7UF2U8oCXA0FJ_Yt9tcwWd6pUuGOA9mLLtmp2Pa3EPxQoZuKJvWhPKEq8-XZKNgo3Xl_9oMQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9d9b7105cfbd3e31532a87405d46740aabfef3f3e0bcd72c7c235def6f9d8e09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=boGU7DRdeWeMzkaI1JQJQwhD1N3KV6MFz8lxo-S-xNPcTRrNtJymo30FuKa-aj40a_VPPXTv55pag5imV85YwFE__YWupo8_Yn41WtSBkxbIR2rt7EL0-W8VPh2ulrdRPxe4E-NhiE9vG-EFrZN6i8OTT0BEIn9bD7u_kBIcd6o6yB8-rXXuqe5z47S2ck8DAnzV-phgVYUy8xmkb10DoSwdmkTN6xMmAA6whuUigYOT6Wtys8Dr_NYXi_sgQzyWm4-s5uGYSMzaobBZYT_1U-tsBQXJ6JHYotMq8bJDuO7Z_fU33IpMEhRtkIVj1GHZV2rhwU5RGCX1v__wv2z_ZHB5_8T8tZYF-5XXT37cYXEUHQ54RQR2SGzty4od8u5eh-RqIGgx5rxjASyXYoAgKOxXdXEgSdAtaGGEP1BrxjI_YNL7ZMzWC6J35IqoFEopblufQc2J0WWcBlgMn22wrZR96weEHA6N2l5wt4JfkTlbxD8G6dkuqz5Fb45DnSVSAnR1PrBdNAotnN7JpV06L1CVN4q1bOgvELsrAE0l0mzj-ZpJ5thpPKKfqeYQyP3b0BddKsqrFaR-lMPdIlbRaG7lBj7PU-RGOwV1BO6m4X3BFE7UF2U8oCXA0FJ_Yt9tcwWd6pUuGOA9mLLtmp2Pa3EPxQoZuKJvWhPKEq8-XZKNgo3Xl_9oMQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=boGU7DRdeWeMzkaI1JQJQwhD1N3KV6MFz8lxo-S-xNPcTRrNtJymo30FuKa-aj40a_VPPXTv55pag5imV85YwFE__YWupo8_Yn41WtSBkxbIR2rt7EL0-W8VPh2ulrdRPxe4E-NhiE9vG-EFrZN6i8OTT0BEIn9bD7u_kBIcd6o6yB8-rXXuqe5z47S2ck8DAnzV-phgVYUy8xmkb10DoSwdmkTN6xMmAA6whuUigYOT6Wtys8Dr_NYXi_sgQzyWm4-s5uGYSMzaobBZYT_1U-tsBQXJ6JHYotMq8bJDuO7Z_fU33IpMEhRtkIVj1GHZV2rhwU5RGCX1v__wv2z_ZHB5_8T8tZYF-5XXT37cYXEUHQ54RQR2SGzty4od8u5eh-RqIGgx5rxjASyXYoAgKOxXdXEgSdAtaGGEP1BrxjI_YNL7ZMzWC6J35IqoFEopblufQc2J0WWcBlgMn22wrZR96weEHA6N2l5wt4JfkTlbxD8G6dkuqz5Fb45DnSVSAnR1PrBdNAotnN7JpV06L1CVN4q1bOgvELsrAE0l0mzj-ZpJ5thpPKKfqeYQyP3b0BddKsqrFaR-lMPdIlbRaG7lBj7PU-RGOwV1BO6m4X3BFE7UF2U8oCXA0FJ_Yt9tcwWd6pUuGOA9mLLtmp2Pa3EPxQoZuKJvWhPKEq8-XZKNgo3Xl_9oMQ==&pload=44
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=boGU7DRdeWeMzkaI1JQJQwhD1N3KV6MFz8lxo-S-xNPcTRrNtJymo30FuKa-aj40a_VPPXTv55pag5imV85YwFE__YWupo8_Yn41WtSBkxbIR2rt7EL0-W8VPh2ulrdRPxe4E-NhiE9vG-EFrZN6i8OTT0BEIn9bD7u_kBIcd6o6yB8-rXXuqe5z47S2ck8DAnzV-phgVYUy8xmkb10DoSwdmkTN6xMmAA6whuUigYOT6Wtys8Dr_NYXi_sgQzyWm4-s5uGYSMzaobBZYT_1U-tsBQXJ6JHYotMq8bJDuO7Z_fU33IpMEhRtkIVj1GHZV2rhwU5RGCX1v__wv2z_ZHB5_8T8tZYF-5XXT37cYXEUHQ54RQR2SGzty4od8u5eh-RqIGgx5rxjASyXYoAgKOxXdXEgSdAtaGGEP1BrxjI_YNL7ZMzWC6J35IqoFEopblufQc2J0WWcBlgMn22wrZR96weEHA6N2l5wt4JfkTlbxD8G6dkuqz5Fb45DnSVSAnR1PrBdNAotnN7JpV06L1CVN4q1bOgvELsrAE0l0mzj-ZpJ5thpPKKfqeYQyP3b0BddKsqrFaR-lMPdIlbRaG7lBj7PU-RGOwV1BO6m4X3BFE7UF2U8oCXA0FJ_Yt9tcwWd6pUuGOA9mLLtmp2Pa3EPxQoZuKJvWhPKEq8-XZKNgo3Xl_9oMQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122c0a84b61c8f547369166b5334c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4b920b605b447309d74e9bb03b62c9538f302d454844473bb9d389c341534c70

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=eEhHyW8l0M12ypw7Y1DnTmBVrMgwyO1m8Yfhn1100OetVMXDNTT7jtdkMHTJuS45lm8iOXsSgrQTDgj-HH3UOzuHaSigx4lDvH1GFVRJGWRfvgsONl4ISdPVWvRHYH5TOUmXroBe8EZe9iur2dYXmCHk556K5ILKuRhzBFqWJwqgjZ3LhxRvW-lrxfDG_SkEpQ6WzBfHfP8yrCtt33_VxN0JexT2m7RdAMfdq3IQhK01Tr2YdhJGl1PhhwVf_vBoyXwcaNkkYzsLDQlb_CsOe37KRkca8dvSmGMNFVp_wmmhzeKRqLaj9tLkpwpa6YYO--qxZMiQNYOg4hEx1xqewDXRf9EmryX_AC5Hue3f7IUCilBuIWHI3O5CT7tojo289419dSv2tMQZYCrmbeBhpzOQsuGgVxd1Yr71d2t-WXJKLqHicd2UOR1-xIHqOn9X07rlxf4y8y8sXzJhR-N5QxJcLb3AXax0kGeZwx43lVOzNcqK1dG-6xDu6dK-9-S2x8c7iQFWXpa7HUMPs9eHYRrVsASGvgBxWKJ5j4Huo_RL63_KVr04AMi_Dv3JAj0tRG27OmlbT9PQHwANOXswdW5zEBn5VMzG56s4nzBE7HWyMi5KIh3PgSVsOjUxVPCh023mBo9XNQmnhxrtFnFqbnwnYlCa4FhVpbR-fsV5aYVHJeRs53d21g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e3ae9adbb60bc1549eb189fd9d770fa96889360a1e7800aaa9b27a1b68d1315e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=eEhHyW8l0M12ypw7Y1DnTmBVrMgwyO1m8Yfhn1100OetVMXDNTT7jtdkMHTJuS45lm8iOXsSgrQTDgj-HH3UOzuHaSigx4lDvH1GFVRJGWRfvgsONl4ISdPVWvRHYH5TOUmXroBe8EZe9iur2dYXmCHk556K5ILKuRhzBFqWJwqgjZ3LhxRvW-lrxfDG_SkEpQ6WzBfHfP8yrCtt33_VxN0JexT2m7RdAMfdq3IQhK01Tr2YdhJGl1PhhwVf_vBoyXwcaNkkYzsLDQlb_CsOe37KRkca8dvSmGMNFVp_wmmhzeKRqLaj9tLkpwpa6YYO--qxZMiQNYOg4hEx1xqewDXRf9EmryX_AC5Hue3f7IUCilBuIWHI3O5CT7tojo289419dSv2tMQZYCrmbeBhpzOQsuGgVxd1Yr71d2t-WXJKLqHicd2UOR1-xIHqOn9X07rlxf4y8y8sXzJhR-N5QxJcLb3AXax0kGeZwx43lVOzNcqK1dG-6xDu6dK-9-S2x8c7iQFWXpa7HUMPs9eHYRrVsASGvgBxWKJ5j4Huo_RL63_KVr04AMi_Dv3JAj0tRG27OmlbT9PQHwANOXswdW5zEBn5VMzG56s4nzBE7HWyMi5KIh3PgSVsOjUxVPCh023mBo9XNQmnhxrtFnFqbnwnYlCa4FhVpbR-fsV5aYVHJeRs53d21g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:44 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112221b23744c5cd4a63aec7b3dc42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:44 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4cae06c28e92a7c593661c838d0b94e476c476ea614b8e58d01cf77b71e6f4a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:44 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=f8WV40hkK3Xzin9T9ptCxr5xAZXShQQPEDX1f63tNgXcD8l7NcjWWTPcPTlfB3lUgiTrTtO3N3RJVV_29NGZQJRHo7dyh0PcuCVM99w4eZRGNUvaVS0d32j72XQv7YrZytUr9bfcJSwlzESxm_8Y5vKYYHff-Dwr5q5CdPiE82JHCJBOtSk3D2F1MkV7kg7KCPBYuIBe0gpU2X_HGY-GA_yIAUitZ9lDKqe69P34o33kOHq7NSRxeM440xtUOgO5KqJqBbbNYXyyAYwwn0U8zyiOzO35audmX0Y7-1UA3OTDrzcC-oDyaAyXrxxugB5hR74nOoCkoz4-2CWqHECazEYdpJv3_a5WNeNth7FCEu2EEEQQYXPE83m8G143sGrWJw7zENx9KNSkRvXKrg-gpd2FGMZ5kR8W-sbeQufKFDh4Tp05ncFYeieOEtLekgLl9LuVQ2u2sFStTPk6KVWsHrk9fMQZDnEbEfI6teR60csAJb9Fn3U8kXzN9rsj2BhC3E2MHLjUC9ZEGJ3pXGdxcME8EWIxHSNYeSZxV72PkIoZK8ihxIaNhI24HQmGoyq475jJMp22YaIxMJ5GA9W4UKyeNV9W8uCvNl-TIs02eLgFeJcfN5Sv8zrrSqOTncE3MQilGHQDH1ryvGSRuoEWM9ujVkI8XiM2maqAJqkkwidjgmIGrUjAhQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
15798f614410af82da8504dede473c53dad053e1d167e2fba26c8e7379cf8113

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:44 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=f8WV40hkK3Xzin9T9ptCxr5xAZXShQQPEDX1f63tNgXcD8l7NcjWWTPcPTlfB3lUgiTrTtO3N3RJVV_29NGZQJRHo7dyh0PcuCVM99w4eZRGNUvaVS0d32j72XQv7YrZytUr9bfcJSwlzESxm_8Y5vKYYHff-Dwr5q5CdPiE82JHCJBOtSk3D2F1MkV7kg7KCPBYuIBe0gpU2X_HGY-GA_yIAUitZ9lDKqe69P34o33kOHq7NSRxeM440xtUOgO5KqJqBbbNYXyyAYwwn0U8zyiOzO35audmX0Y7-1UA3OTDrzcC-oDyaAyXrxxugB5hR74nOoCkoz4-2CWqHECazEYdpJv3_a5WNeNth7FCEu2EEEQQYXPE83m8G143sGrWJw7zENx9KNSkRvXKrg-gpd2FGMZ5kR8W-sbeQufKFDh4Tp05ncFYeieOEtLekgLl9LuVQ2u2sFStTPk6KVWsHrk9fMQZDnEbEfI6teR60csAJb9Fn3U8kXzN9rsj2BhC3E2MHLjUC9ZEGJ3pXGdxcME8EWIxHSNYeSZxV72PkIoZK8ihxIaNhI24HQmGoyq475jJMp22YaIxMJ5GA9W4UKyeNV9W8uCvNl-TIs02eLgFeJcfN5Sv8zrrSqOTncE3MQilGHQDH1ryvGSRuoEWM9ujVkI8XiM2maqAJqkkwidjgmIGrUjAhQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e575c347bc924181b635d100ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cc712ec54c0f97ac1ff152febf2a77c1e86c5cded5a8c6d38ebffb84f7aaf375

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=hVRY7bVos7UXqwGQ-YYmsa0hiH2SUJqRCQTcJR1_Gcp03ixYgvMN8PsUuGzmObIVCLHC-F03XRidAou6Hej3JwutDXNuvKK-J3oGihErqU7DaobgHPXHFuCHFK7qmkmd7JAVGbn6hrsudGUTTowV6Zh4g--mWVlyxEl_f1o4Ih_26H7cNFiP1E4olUPD22WYG-DySU9GksEyIc1n_7OOn2ZkYVebvbHYhC92wDUK5HbCSw4Q0FRaiPwZyQb0a3qboroKhkUVv8InGIAM5D0BFVHHtJe5KMB5tDLGoJLF7PTJr5f3VuoEHTpYPZIOKaxTXeF3W79RZAnPTjPMhVSsqhRiPmUzZZ_Eu8lUHcoYZlsjZGbeYkxB5fnFEcyewEyqIBPHgT0yE21VbGfbdN-oPCtfzkwwUvcpvg49L8NZ-CBl2LVRTIy19keWVkRSWOF-6XjR6bRcv6AJeiUgchFjWVZy6N2ggLy7VHhmUoLBwmTB4vPR-WBKYF2U_63W_VIOq6KsnHdu9Az7LXz5eZHZuGwkP9y7vCpCP8lZe3K-aH43TQJZBps1UsXdv6uTSHCIHGOkadiqH6uTs4klvx0HJ5CkGp-Gstgda5H2Z-8qMaHJHJU7NS_VW7jYuAalkhfTZOeKXXtTQ1ca3Vcpsct5LtpUBLm6yEPgLlPu5YRFIsVKmmz05m8ogQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5c62f468cb101044e88b66c81e8345ad68dfa96b65dc3d5d55fb83d8c7b9bd9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=hVRY7bVos7UXqwGQ-YYmsa0hiH2SUJqRCQTcJR1_Gcp03ixYgvMN8PsUuGzmObIVCLHC-F03XRidAou6Hej3JwutDXNuvKK-J3oGihErqU7DaobgHPXHFuCHFK7qmkmd7JAVGbn6hrsudGUTTowV6Zh4g--mWVlyxEl_f1o4Ih_26H7cNFiP1E4olUPD22WYG-DySU9GksEyIc1n_7OOn2ZkYVebvbHYhC92wDUK5HbCSw4Q0FRaiPwZyQb0a3qboroKhkUVv8InGIAM5D0BFVHHtJe5KMB5tDLGoJLF7PTJr5f3VuoEHTpYPZIOKaxTXeF3W79RZAnPTjPMhVSsqhRiPmUzZZ_Eu8lUHcoYZlsjZGbeYkxB5fnFEcyewEyqIBPHgT0yE21VbGfbdN-oPCtfzkwwUvcpvg49L8NZ-CBl2LVRTIy19keWVkRSWOF-6XjR6bRcv6AJeiUgchFjWVZy6N2ggLy7VHhmUoLBwmTB4vPR-WBKYF2U_63W_VIOq6KsnHdu9Az7LXz5eZHZuGwkP9y7vCpCP8lZe3K-aH43TQJZBps1UsXdv6uTSHCIHGOkadiqH6uTs4klvx0HJ5CkGp-Gstgda5H2Z-8qMaHJHJU7NS_VW7jYuAalkhfTZOeKXXtTQ1ca3Vcpsct5LtpUBLm6yEPgLlPu5YRFIsVKmmz05m8ogQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122ed21e8884c1145a5ad3ab7bd0a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
acfc0aedcf699b4c4c78893b0da27d16fab585a6fb295a8aabc4a4e7a1a6adbc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=kmIbzkxiM2Se0b9tVdn5n8nEP6bXqXqNxhDPf3iH6L2_ix5xybFjTI0DOgASKfXy9cpLAGif_U1FKAZcYj3WLiE6nEoax4dkCchU8O8H6rFjxI3IWOIYi6t4yFUq8j2viDRuMlmhLWfBGErnJkWC49OG5nMG83fmUYnQ5nKCywdrlv89KHHKtaNSwiAWCYnuetYCa0YwC8PemWzzSncrUE9k-vi4sFVg6ByjDK6AMO2bGRT2GLguanE88BI8FpjwWMGL1a-oblCoK0rlAW1iJzUIxWMRDtI7L6N6Eqymn-Ysw-diYVazqDRtRwjYSO8UwMMsAEyhcPuEocuDC5WCjyTevY_KXSinQ6BHgjhv--8sdYOQ3wGqSHZkpv6WCR5Cqicml9WM_9DE6A0v6JgNMmVBNkyCLQ0hIroAoWvfxwq0DNaWsO2feeHmRj6rXfptmG_7kpaI5GEsxC51Hqt3Pu8hbjyKlydlXnTCd7U3z101DznwIUQfthcURjR-gWFdIkZALX_97CmsGbZtFQhBL8cILd24hhO5v2R_o_KXtzgyQyFj6ipnYwiNq75M67PlUHSi_OuR-Iwm9sdr2e7jtE4dquFshpg4OYUHk0p7Zgn3GdAZsj0txZvGmZq1GhrKsAAEifMzZL31GSvi3Zh4ybflMS5i_a1Ix74OdrTrl1C45T-4PnIlkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9219323db8757aefacb3f274eb5755b9c2b17a8c11c8e53583d7f9cd7330baa0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=kmIbzkxiM2Se0b9tVdn5n8nEP6bXqXqNxhDPf3iH6L2_ix5xybFjTI0DOgASKfXy9cpLAGif_U1FKAZcYj3WLiE6nEoax4dkCchU8O8H6rFjxI3IWOIYi6t4yFUq8j2viDRuMlmhLWfBGErnJkWC49OG5nMG83fmUYnQ5nKCywdrlv89KHHKtaNSwiAWCYnuetYCa0YwC8PemWzzSncrUE9k-vi4sFVg6ByjDK6AMO2bGRT2GLguanE88BI8FpjwWMGL1a-oblCoK0rlAW1iJzUIxWMRDtI7L6N6Eqymn-Ysw-diYVazqDRtRwjYSO8UwMMsAEyhcPuEocuDC5WCjyTevY_KXSinQ6BHgjhv--8sdYOQ3wGqSHZkpv6WCR5Cqicml9WM_9DE6A0v6JgNMmVBNkyCLQ0hIroAoWvfxwq0DNaWsO2feeHmRj6rXfptmG_7kpaI5GEsxC51Hqt3Pu8hbjyKlydlXnTCd7U3z101DznwIUQfthcURjR-gWFdIkZALX_97CmsGbZtFQhBL8cILd24hhO5v2R_o_KXtzgyQyFj6ipnYwiNq75M67PlUHSi_OuR-Iwm9sdr2e7jtE4dquFshpg4OYUHk0p7Zgn3GdAZsj0txZvGmZq1GhrKsAAEifMzZL31GSvi3Zh4ybflMS5i_a1Ix74OdrTrl1C45T-4PnIlkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122612a9369971443ffad339ac0a3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c0d497bcd5d6d920c5b5a858479639c8e23a9480306c73bd87286505f56844cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=qqbCaaObp7HMPQ6tyEDBtiWATVfRMwTJ5sdjJzG5l0mf0mAZwUB9bSiQIBRd7IkTVlGO40Pj0V-cGoQDRPahRUKFAMU6DSCjuQ5tAhkY6OFwybslCYWLJH8YJ1vl8y5I6MzAGRWAZfnIECdi79i6aC4GYkNtTAkggLqoc6xt6CldAnu8w0NE4tgNFMRBsiTIdmwUTY9W-cBtAnty4BB_SBrSiRAy_InhN40X3cc6t59pHPwzxZq_lM3FRqbsxJwNQ2iQV86eSWX-vXtYxUv-EML0v7uwJAO37LmWrlmkzjRf_GrXhgF1TgHx5w-zUMc29WaXB9bPYhxApDTAcLPVU5pgiwZNog04CU1kVdnY2SrGmP3TlD7dKBPZQB8x3pYOHKR9JemMkSEers3RPpEj2nySWrDO2keZ473I1fXT_GS4FIyYS1V0oAUGISfeK2MzJGqs2bK5d9gsi8On03DCYyU_w6RFBTnNtj2fB1-hRU8YrdaIJkaojp4n6PnR3JOPC4piCVKeAmvcKlpfY2coUPchZqEPGXo25-on9wgRGRYRVuaE501nIyaz32XZ28fnNU-yfH3ACwcTk74tqDxN7nrQNF3JAXnI-kDVW3vZEBy7IRoDoO1LPLgiDdMxeEdfuCNKYgN0GQHKW0C0vLoXsw_Y56K3nqPcfnRJCUozd8NVCMreVbwstw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
102ce07b5d1613eea1e88e22b103818def3423a877695f0807add7a6eae5ca48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=qqbCaaObp7HMPQ6tyEDBtiWATVfRMwTJ5sdjJzG5l0mf0mAZwUB9bSiQIBRd7IkTVlGO40Pj0V-cGoQDRPahRUKFAMU6DSCjuQ5tAhkY6OFwybslCYWLJH8YJ1vl8y5I6MzAGRWAZfnIECdi79i6aC4GYkNtTAkggLqoc6xt6CldAnu8w0NE4tgNFMRBsiTIdmwUTY9W-cBtAnty4BB_SBrSiRAy_InhN40X3cc6t59pHPwzxZq_lM3FRqbsxJwNQ2iQV86eSWX-vXtYxUv-EML0v7uwJAO37LmWrlmkzjRf_GrXhgF1TgHx5w-zUMc29WaXB9bPYhxApDTAcLPVU5pgiwZNog04CU1kVdnY2SrGmP3TlD7dKBPZQB8x3pYOHKR9JemMkSEers3RPpEj2nySWrDO2keZ473I1fXT_GS4FIyYS1V0oAUGISfeK2MzJGqs2bK5d9gsi8On03DCYyU_w6RFBTnNtj2fB1-hRU8YrdaIJkaojp4n6PnR3JOPC4piCVKeAmvcKlpfY2coUPchZqEPGXo25-on9wgRGRYRVuaE501nIyaz32XZ28fnNU-yfH3ACwcTk74tqDxN7nrQNF3JAXnI-kDVW3vZEBy7IRoDoO1LPLgiDdMxeEdfuCNKYgN0GQHKW0C0vLoXsw_Y56K3nqPcfnRJCUozd8NVCMreVbwstw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:45 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=qqbCaaObp7HMPQ6tyEDBtiWATVfRMwTJ5sdjJzG5l0mf0mAZwUB9bSiQIBRd7IkTVlGO40Pj0V-cGoQDRPahRUKFAMU6DSCjuQ5tAhkY6OFwybslCYWLJH8YJ1vl8y5I6MzAGRWAZfnIECdi79i6aC4GYkNtTAkggLqoc6xt6CldAnu8w0NE4tgNFMRBsiTIdmwUTY9W-cBtAnty4BB_SBrSiRAy_InhN40X3cc6t59pHPwzxZq_lM3FRqbsxJwNQ2iQV86eSWX-vXtYxUv-EML0v7uwJAO37LmWrlmkzjRf_GrXhgF1TgHx5w-zUMc29WaXB9bPYhxApDTAcLPVU5pgiwZNog04CU1kVdnY2SrGmP3TlD7dKBPZQB8x3pYOHKR9JemMkSEers3RPpEj2nySWrDO2keZ473I1fXT_GS4FIyYS1V0oAUGISfeK2MzJGqs2bK5d9gsi8On03DCYyU_w6RFBTnNtj2fB1-hRU8YrdaIJkaojp4n6PnR3JOPC4piCVKeAmvcKlpfY2coUPchZqEPGXo25-on9wgRGRYRVuaE501nIyaz32XZ28fnNU-yfH3ACwcTk74tqDxN7nrQNF3JAXnI-kDVW3vZEBy7IRoDoO1LPLgiDdMxeEdfuCNKYgN0GQHKW0C0vLoXsw_Y56K3nqPcfnRJCUozd8NVCMreVbwstw==&pload=54
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=qqbCaaObp7HMPQ6tyEDBtiWATVfRMwTJ5sdjJzG5l0mf0mAZwUB9bSiQIBRd7IkTVlGO40Pj0V-cGoQDRPahRUKFAMU6DSCjuQ5tAhkY6OFwybslCYWLJH8YJ1vl8y5I6MzAGRWAZfnIECdi79i6aC4GYkNtTAkggLqoc6xt6CldAnu8w0NE4tgNFMRBsiTIdmwUTY9W-cBtAnty4BB_SBrSiRAy_InhN40X3cc6t59pHPwzxZq_lM3FRqbsxJwNQ2iQV86eSWX-vXtYxUv-EML0v7uwJAO37LmWrlmkzjRf_GrXhgF1TgHx5w-zUMc29WaXB9bPYhxApDTAcLPVU5pgiwZNog04CU1kVdnY2SrGmP3TlD7dKBPZQB8x3pYOHKR9JemMkSEers3RPpEj2nySWrDO2keZ473I1fXT_GS4FIyYS1V0oAUGISfeK2MzJGqs2bK5d9gsi8On03DCYyU_w6RFBTnNtj2fB1-hRU8YrdaIJkaojp4n6PnR3JOPC4piCVKeAmvcKlpfY2coUPchZqEPGXo25-on9wgRGRYRVuaE501nIyaz32XZ28fnNU-yfH3ACwcTk74tqDxN7nrQNF3JAXnI-kDVW3vZEBy7IRoDoO1LPLgiDdMxeEdfuCNKYgN0GQHKW0C0vLoXsw_Y56K3nqPcfnRJCUozd8NVCMreVbwstw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112272a04b49a291435f88dd97eeb9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:45 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1feef3d844e6304b58462fa10888842e2b2863b926c039c3ecdf9fd6c4b2b127

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:45 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:45 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=z9hyjXGnqTKkKFAjSL7Yb5zbhdktdpWlbnhB-gkdonKkxaBMP9njW9RRmVjaRv2j3FhSjfb61dpA18QOVWxh0yNsQ1fcxexa8EK_NcEmT84mBxOUI4hU-yJLknPVbqW5Wd4SMsBCcuPHtRNWn3Mkgzdiaurjxqr20rYokHTPcY1MC7txUIwn2z07FoDx6LSbhCwfwq_0rSox7cZ2t00CkDNnQQvws4KHNS_07C2fBD1lNFGCbwPAh660xNKHgkV5S6TngTLaqNxNwcRNmJQrQZyvxgSguyxgJ64vh-92hU9AJLHF5DHUfDp7bHBtpPPVXer2mwGtRe3rfGl8wjQDzAIF_Owf13647aSYqs-6eieHCuaOrcL_4382hC5KIEGcYxZ1SkM2jePQ8tMV0S7HaA3E5rLHUm-iN_yVfcompeWjJWgGqonzJlU_ck5Tut67MlbE6s7PpF-EY8StdnG-AX231idJOVAyvyC3IJR2dmX5KwJJuhEfQkN0KmGaCAv-bIiI710KG-puY9ksIBa1PqUs7iBpZv4K1SXmYxP_ay3dckoiTAkFyXoa3gTAdSVdCTiBFUpvirIMPJ6fixoKXyIF0abVSV69y5HQRPoIaS68VfPoVB4VG_vYfQgbg1eyhsQdKfDdxjjuvm3R-aj-vVzAU6DnxxOjIVon6ot9w9e9GwOPCtWSdw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b26f9a02df697b328cfe3535a077b49fc3c7b1c5be51661e2049209ad8828844

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=z9hyjXGnqTKkKFAjSL7Yb5zbhdktdpWlbnhB-gkdonKkxaBMP9njW9RRmVjaRv2j3FhSjfb61dpA18QOVWxh0yNsQ1fcxexa8EK_NcEmT84mBxOUI4hU-yJLknPVbqW5Wd4SMsBCcuPHtRNWn3Mkgzdiaurjxqr20rYokHTPcY1MC7txUIwn2z07FoDx6LSbhCwfwq_0rSox7cZ2t00CkDNnQQvws4KHNS_07C2fBD1lNFGCbwPAh660xNKHgkV5S6TngTLaqNxNwcRNmJQrQZyvxgSguyxgJ64vh-92hU9AJLHF5DHUfDp7bHBtpPPVXer2mwGtRe3rfGl8wjQDzAIF_Owf13647aSYqs-6eieHCuaOrcL_4382hC5KIEGcYxZ1SkM2jePQ8tMV0S7HaA3E5rLHUm-iN_yVfcompeWjJWgGqonzJlU_ck5Tut67MlbE6s7PpF-EY8StdnG-AX231idJOVAyvyC3IJR2dmX5KwJJuhEfQkN0KmGaCAv-bIiI710KG-puY9ksIBa1PqUs7iBpZv4K1SXmYxP_ay3dckoiTAkFyXoa3gTAdSVdCTiBFUpvirIMPJ6fixoKXyIF0abVSV69y5HQRPoIaS68VfPoVB4VG_vYfQgbg1eyhsQdKfDdxjjuvm3R-aj-vVzAU6DnxxOjIVon6ot9w9e9GwOPCtWSdw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d312340dbbe34eba98b91b0719&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a979cb27d7e3434906e61947bd543718e7da03f24df8b469d56808a8570b4a1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=7krTY-8DEXaGZmmO2FnunrWhBQ3p388Ekgj82KJvl0NvI3G2aOWUjUg1Ns_1TYtI2dXP04fYoD-Fca_LcVr9WQlunW_QkDS9Sr9XJ2t7rgVlILH5Qq7-9WB0jCf7Ui4vkBqb0YKpMO1uXBlQPOB8XbJRT3vYJpdnuff-jOYdv00iWqpBJ0Rlf2OblF6LxvUGaFqQwwmd92qTA_ns_kbtlYfD-GMULsDL-taHGDO93CLUFvQ1g78Mh4GXudWreZ6K2CeGllUv8nvTY4dzV22REETSg4ENAjL006OGXK4EQFjwjyohSTiVkhxBNKVjb6B1Z-Ffbx1k5LMDJ2jaOl9LLdX_n43sLhtA1fp_YX69BcYz4iklmVDTdubz4fgcM3nkrdRpY01saSCDlymqvUmadzMrJn1N3E2auyXBfJp8DYhRq2dgjcHYdkvuFsJbfy_9VFA6PFI3VduWH2Qhc7UPWIOoNmoPvEumq90tJCcKVcIsqQKoY9g_J4cEg7worW60Cv4_YSONvhhPGRql3ijl8xwTDxo60XvlT9lcKDsA9Hm1ZGzOs2-vlX15kD4eK4pp1350-X0MS5DzTMYZ5kTo8JM2Esd3z_yIUhpCxfRaWV4u9p-ypn7-9xNcjPFQSzznM86WGNfy5WiuJw7Pt7Zr4TQct1G7isiES4qdMUF7lyC2D56t4q7g_g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
23b1e96ecaa4f6a1b1f389b412720e27bfc93602189a5e0f9aa311875155f0b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=7krTY-8DEXaGZmmO2FnunrWhBQ3p388Ekgj82KJvl0NvI3G2aOWUjUg1Ns_1TYtI2dXP04fYoD-Fca_LcVr9WQlunW_QkDS9Sr9XJ2t7rgVlILH5Qq7-9WB0jCf7Ui4vkBqb0YKpMO1uXBlQPOB8XbJRT3vYJpdnuff-jOYdv00iWqpBJ0Rlf2OblF6LxvUGaFqQwwmd92qTA_ns_kbtlYfD-GMULsDL-taHGDO93CLUFvQ1g78Mh4GXudWreZ6K2CeGllUv8nvTY4dzV22REETSg4ENAjL006OGXK4EQFjwjyohSTiVkhxBNKVjb6B1Z-Ffbx1k5LMDJ2jaOl9LLdX_n43sLhtA1fp_YX69BcYz4iklmVDTdubz4fgcM3nkrdRpY01saSCDlymqvUmadzMrJn1N3E2auyXBfJp8DYhRq2dgjcHYdkvuFsJbfy_9VFA6PFI3VduWH2Qhc7UPWIOoNmoPvEumq90tJCcKVcIsqQKoY9g_J4cEg7worW60Cv4_YSONvhhPGRql3ijl8xwTDxo60XvlT9lcKDsA9Hm1ZGzOs2-vlX15kD4eK4pp1350-X0MS5DzTMYZ5kTo8JM2Esd3z_yIUhpCxfRaWV4u9p-ypn7-9xNcjPFQSzznM86WGNfy5WiuJw7Pt7Zr4TQct1G7isiES4qdMUF7lyC2D56t4q7g_g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228dde5d782d504634b2470a0a1c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5b6f72885150bd99fdd9c7685e5f44109a6e7a868109e696a99ea863cfedaea8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=IN7pd8aOc0wakdnrHX8gvet7OJkwkuKn3tKHFq2Mk6giScwkLVSkn49j6uex0ha0QQb7ZVV21B1hH2Vegm3-B8C6Tj_llDqvbdValTRLwLy1nulQbQjLoID3tEK4cN5rT9EQEWLv75K32duoYK22jebLbCm7h3VEaHl18YX4qoPstyyDn0OeoOvzdLQcB8f1tfK3hZIV8oAvbtmAGQwB5hHG2N2LQMOIewMkoLKlXHPNVA_7V1t2rDcLOwbrlUBe-b9zXwNq7uro5qfgLYCFqPGzVEB7S4QNFqXjPYwxRLvaPPaoFEtJlnR-QnuFvcBU3jbzpwdifw1iCuPWwMWKodJyWm6_RtFJqlPFvaVyfmQ7s2JyfxVt1j4H-5oHyl8GizB0IUFqQUWrIkdssnU_K0ebL4b5tibDdEmBwNRyt5vwcuPqJKYoR3I2Hq-7XPBlF4O4vaI5ujtthxAdkcYKi4o1YqDnyvTVDCE4x3mjqd84bVvBa2-AFQmYhy-tWWbEyMcnv5cHgjFmt7rIxe8k9s-SpQb_10IDtJ4W7cjAGy6KJxUe_VPgbdNkpql5KCPoRtAlzZzcLdJ8evMB4PIRsNmoLfAgJztvTx39AhsPGXSHKetEeBkx8hWUYIXcmkAUOCPZyHFWh-OuHwc_bsKSDoFmW4srdzqEPuQtYAnKoMYvJf8VUEx83w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
557a927b87b9f0554524d74350c53258a15c56a75a9cb4dfe0c3a2a9cd7b6d5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=IN7pd8aOc0wakdnrHX8gvet7OJkwkuKn3tKHFq2Mk6giScwkLVSkn49j6uex0ha0QQb7ZVV21B1hH2Vegm3-B8C6Tj_llDqvbdValTRLwLy1nulQbQjLoID3tEK4cN5rT9EQEWLv75K32duoYK22jebLbCm7h3VEaHl18YX4qoPstyyDn0OeoOvzdLQcB8f1tfK3hZIV8oAvbtmAGQwB5hHG2N2LQMOIewMkoLKlXHPNVA_7V1t2rDcLOwbrlUBe-b9zXwNq7uro5qfgLYCFqPGzVEB7S4QNFqXjPYwxRLvaPPaoFEtJlnR-QnuFvcBU3jbzpwdifw1iCuPWwMWKodJyWm6_RtFJqlPFvaVyfmQ7s2JyfxVt1j4H-5oHyl8GizB0IUFqQUWrIkdssnU_K0ebL4b5tibDdEmBwNRyt5vwcuPqJKYoR3I2Hq-7XPBlF4O4vaI5ujtthxAdkcYKi4o1YqDnyvTVDCE4x3mjqd84bVvBa2-AFQmYhy-tWWbEyMcnv5cHgjFmt7rIxe8k9s-SpQb_10IDtJ4W7cjAGy6KJxUe_VPgbdNkpql5KCPoRtAlzZzcLdJ8evMB4PIRsNmoLfAgJztvTx39AhsPGXSHKetEeBkx8hWUYIXcmkAUOCPZyHFWh-OuHwc_bsKSDoFmW4srdzqEPuQtYAnKoMYvJf8VUEx83w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122274fcafbaa56428185f2458a1a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3c393f06d6b87bf6136cc933ac7c43698d2055e6afe846cf30ef07e79e101e74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=9lTUFs1dKLUYtY9aPrqJEXBqlCpiPuVuZW871MndA2pB6CqLs9qHX3j0Rg1PSMV7tPR4rPq46lbZ8swkJTzWUOYbAibJbHNoCC1DMRtaYZJAhrCn0IN46LKZRNyP00xFLLaT2ZpgNdnNq9QVDT41yjD28FkgrcDJ6nSzTBsiC_dgZj7RZbM1iv-9oBzdRxuce6qjU6TbIBpGw-U8PWEcSw0ec7Nih41pYaL1DOwz80CcpEtfyCyxgW7-CAWHjplKAdwqMjyU_jwUuklS8GrRoMPXc4Oag4IkKy8pbbCxwyUR2W3HhRDHLsfarahSSFA1JkbrHgerlSckJQcrSpj-l4KqAx5EaQurrQ9YY_5Yi4Ef1ASbWQhPv0iptvVtMp-krT-75XNffPEe0fsioOl-Y9opmq3vl5sEyx09oMWm1cFTnMHR1Nt_SZRyNcMQxuKOgC9USx4Qhge78_WEfd0JklfzI4dko1fMHwOkb6Zu8n_mJqmZZxAl4uexmfaOgCbmNbvYmbyyHdF9s4XGGY8gCKdDvuN4oEuzA2aHzqmLXN4oLHtHZ1HuiYbKGQU61wXbwc7apBBdTiMrtsUHpfshTWM7517dCT2xbMaDFupnhl5UkJN65tm42pYz-RW5Gy2nxwZFRtYwm3Wuzs406s9HR3lQ7VZVwzca1xZtW65lSyzolWwpGQ2YYA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
812dd7afcb519af21fd40e2cb37490357b1b68ff730b50a010f6f8e4397d64f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=9lTUFs1dKLUYtY9aPrqJEXBqlCpiPuVuZW871MndA2pB6CqLs9qHX3j0Rg1PSMV7tPR4rPq46lbZ8swkJTzWUOYbAibJbHNoCC1DMRtaYZJAhrCn0IN46LKZRNyP00xFLLaT2ZpgNdnNq9QVDT41yjD28FkgrcDJ6nSzTBsiC_dgZj7RZbM1iv-9oBzdRxuce6qjU6TbIBpGw-U8PWEcSw0ec7Nih41pYaL1DOwz80CcpEtfyCyxgW7-CAWHjplKAdwqMjyU_jwUuklS8GrRoMPXc4Oag4IkKy8pbbCxwyUR2W3HhRDHLsfarahSSFA1JkbrHgerlSckJQcrSpj-l4KqAx5EaQurrQ9YY_5Yi4Ef1ASbWQhPv0iptvVtMp-krT-75XNffPEe0fsioOl-Y9opmq3vl5sEyx09oMWm1cFTnMHR1Nt_SZRyNcMQxuKOgC9USx4Qhge78_WEfd0JklfzI4dko1fMHwOkb6Zu8n_mJqmZZxAl4uexmfaOgCbmNbvYmbyyHdF9s4XGGY8gCKdDvuN4oEuzA2aHzqmLXN4oLHtHZ1HuiYbKGQU61wXbwc7apBBdTiMrtsUHpfshTWM7517dCT2xbMaDFupnhl5UkJN65tm42pYz-RW5Gy2nxwZFRtYwm3Wuzs406s9HR3lQ7VZVwzca1xZtW65lSyzolWwpGQ2YYA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122277f52732f6748c3aadc417022&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:46 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c679eb5b4d384d45e6ad8b8f0a242bf0f3e9d2984f6206c3561e5df06a7d50b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=FLvT1XZBOiqOOAgHkTRIh8Iw-TwfXzWKgFXXOVZynBEUY1QZp1uJUlAl0HoEDFwYgdAMTpQqRbj4nfgZhvjU8JTMOavkyGS_5gz1pTasz57emE3c4J7d-FroSedYEPGl_rJ3HeC9DroO9tt96O8YnKiaWO2ynWIE9QB-W2bZs_wdngZg4hd1eZjjOgmAR7k9PhMsrqLrF6pY-MCkj-ro9cTadaPWPDVc8XR4k-uObJRu25K9A7P4Rqd2tC0O2JtYOH8ZtgjgwEvoAOKQbnqrTXgsafZHpXZM0LgmogWiKysdOs39GqxGQpMmCRQUrFHnzzlI5qxMqu4qFOlQ2cmYeehFIfnZbFBIbFHBV4U6gxjJrJrIZs4ID-Co3wgIY-nWSYDgsCfsMVLTPU2FL4DZsAuwsftPyS-V06mzIAzf5pIysi4x3GJ_7Ue9Xk2QkX52GkBneMhfkaRFiOeX2U5lzGy88U-ao3Q5QtMW566gAWIXXSQrwvA9l9hvh7I4tRok0xH6wdrScNzqNiXoxpJFTZA-qRfFyj93HuxOY91QwPf7MqZ54cKioVgLnQIB_hyvPXNNecR2o9ojla-SrU0JCgKt-HzBJcEvB9FkakA1ynryrKvG_AlVFpuY8AzQnUtHAzH8654nKFYlcUZ7PLz3B6DhtXkAc7Gq-ZfYmJyaH1E95-g-u4Gd8A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8631fa7d25458e17937010ede0676e796c9e888c08edf63842ff6a27f814bb2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=FLvT1XZBOiqOOAgHkTRIh8Iw-TwfXzWKgFXXOVZynBEUY1QZp1uJUlAl0HoEDFwYgdAMTpQqRbj4nfgZhvjU8JTMOavkyGS_5gz1pTasz57emE3c4J7d-FroSedYEPGl_rJ3HeC9DroO9tt96O8YnKiaWO2ynWIE9QB-W2bZs_wdngZg4hd1eZjjOgmAR7k9PhMsrqLrF6pY-MCkj-ro9cTadaPWPDVc8XR4k-uObJRu25K9A7P4Rqd2tC0O2JtYOH8ZtgjgwEvoAOKQbnqrTXgsafZHpXZM0LgmogWiKysdOs39GqxGQpMmCRQUrFHnzzlI5qxMqu4qFOlQ2cmYeehFIfnZbFBIbFHBV4U6gxjJrJrIZs4ID-Co3wgIY-nWSYDgsCfsMVLTPU2FL4DZsAuwsftPyS-V06mzIAzf5pIysi4x3GJ_7Ue9Xk2QkX52GkBneMhfkaRFiOeX2U5lzGy88U-ao3Q5QtMW566gAWIXXSQrwvA9l9hvh7I4tRok0xH6wdrScNzqNiXoxpJFTZA-qRfFyj93HuxOY91QwPf7MqZ54cKioVgLnQIB_hyvPXNNecR2o9ojla-SrU0JCgKt-HzBJcEvB9FkakA1ynryrKvG_AlVFpuY8AzQnUtHAzH8654nKFYlcUZ7PLz3B6DhtXkAc7Gq-ZfYmJyaH1E95-g-u4Gd8A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:46 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:46 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112245a1502adeec4e5cb4b4ca4fc6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8e7e967e9d3cca11b0b43292ebe7ac5cbc410968d0caff7559d950ff801d0cf7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=4nMwpyErPv2cMBmP5N4GBoDmbUq7HXuSb8f5nDaPfrDztnPCxRoa7kcicT9zmwJzLBU97xqXzmkmxJhQLTOdks7OjeDrG7MenYuEN-0OxxisAknacwU_wAI28524GcnlhZa3_jxokKDme-HrEjs5j-_dG_aq_Vy2n3MuTkG3mjCoBi6NnZUN1u5s5XHwE4uGVBes22AXajwZHyl7FDkOXuQhp5NBJdNFXXI3tRHnCaNWfQ6G5Nhl1QEh_H8_yvbzvGVh7OeB63Iae-4w2q8xaNgxfJcBCbaWeLY21Ypx3iteviPsTawa7UCHuwwSv7-0RDQi7enk0VcWAuApChRK37jtVyEzcLY6Ee2aSqGPodnA3uM2WnI6ueOmyY5vE_nY_J-0JyjGPjQMoetwamJEACSrDiL9G1fVC9WmmowJLQ9hAKzsj7_tdCy6ZOlUbqnLqb9knG12z5W3OMoPv47ppuvV8BR7v46wr712wiHFymZb8nlcsdSJ2NEdlG4uakIkaOne8Ap8jMQf7B5OxYq8XboFOqq5ya3Bd2m35VEbAKExogqmDTDGxYHmr9ElEgi-H5rELPINI5UmHQ7XXXVKUzmoDt4GHFctCXUFQU6nlifi-hD5zIK4KZt9yb4wylZJ2ZkdY2mTEsG1ZqHwNujr_0vNmLyiyBMHEDZrSsDQEyoAudDksQS8Aw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e1020d2affddda01f74e42b56c7c384cb973b90a9b6d40b5c6136d1f8d666ae7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=4nMwpyErPv2cMBmP5N4GBoDmbUq7HXuSb8f5nDaPfrDztnPCxRoa7kcicT9zmwJzLBU97xqXzmkmxJhQLTOdks7OjeDrG7MenYuEN-0OxxisAknacwU_wAI28524GcnlhZa3_jxokKDme-HrEjs5j-_dG_aq_Vy2n3MuTkG3mjCoBi6NnZUN1u5s5XHwE4uGVBes22AXajwZHyl7FDkOXuQhp5NBJdNFXXI3tRHnCaNWfQ6G5Nhl1QEh_H8_yvbzvGVh7OeB63Iae-4w2q8xaNgxfJcBCbaWeLY21Ypx3iteviPsTawa7UCHuwwSv7-0RDQi7enk0VcWAuApChRK37jtVyEzcLY6Ee2aSqGPodnA3uM2WnI6ueOmyY5vE_nY_J-0JyjGPjQMoetwamJEACSrDiL9G1fVC9WmmowJLQ9hAKzsj7_tdCy6ZOlUbqnLqb9knG12z5W3OMoPv47ppuvV8BR7v46wr712wiHFymZb8nlcsdSJ2NEdlG4uakIkaOne8Ap8jMQf7B5OxYq8XboFOqq5ya3Bd2m35VEbAKExogqmDTDGxYHmr9ElEgi-H5rELPINI5UmHQ7XXXVKUzmoDt4GHFctCXUFQU6nlifi-hD5zIK4KZt9yb4wylZJ2ZkdY2mTEsG1ZqHwNujr_0vNmLyiyBMHEDZrSsDQEyoAudDksQS8Aw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311229d22a114d2a1412d80598a0b00&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
993d90465a68e961990256189305e6b92a7044ee39deed135a7d4bffd4aedbe4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=wbnJcY4Rc1f2udQfxEyLUkHRN6Ek3x96FewGv1nSX9vvviu2mWsMDsq8GCpy1VIasMu7V4FdTDSNrCIxlxHJM7fKAH9UE9FgPMXBqkTv0ZgrsuIPjijU_ItbS2Ir_j_lz73Jzy-zn_9o-x0-8meCWZ1Q4eV6qddo0y_gSRnQ7d-zzv3-kOemqeuTwmSxKHp5N8lNTucSjsntrESByTv3yBQSRnE6GjuQO_7PTyI45RcMr9-8A5OFVuzAT9uEFX_W9KwMIS19g_3tLwHp_VsVU7b2BB-fFQNoQ6QRS0D7aiWv0a1tlApwqiDlOb-aL7RQWQnS7hd1tCHWtFr4kyEo2G6w7rRBkXjq0KIETMfHN3vsTIWRNjR8dKF1_ElM1suJXGlQ37MWXcdBpmt7ra9I68zNumyhY_NgZeKlY3moJ1p_lgVN-U13enXyUxtBOkcRwh-XRkV8FRpCLEX84En9S0dB5VkgGKXg0dUVyYsKeK979V7QO9fcaK7E9GTefLtZ1WAwy5asiMeXHhCmn27xekAHu5lVA8fZBXOxG0P7GmvZiacq_ZdEcdcv6ULjRQuNn2cA3-EejHjO_bvo6xDd-vdlNT614Vg5WejSt-rEy-Zyg67AdxBRPceHqUPlb_LtXB25XfNzyy2Wyv-nCtX-K4Mp4qWzEqegg1sYkTmo5vazjG6oB2B-Zg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
df03b665848d9cb17f71ac3d0a9530e6359b5697be4276eb4000d18dce1d551b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=wbnJcY4Rc1f2udQfxEyLUkHRN6Ek3x96FewGv1nSX9vvviu2mWsMDsq8GCpy1VIasMu7V4FdTDSNrCIxlxHJM7fKAH9UE9FgPMXBqkTv0ZgrsuIPjijU_ItbS2Ir_j_lz73Jzy-zn_9o-x0-8meCWZ1Q4eV6qddo0y_gSRnQ7d-zzv3-kOemqeuTwmSxKHp5N8lNTucSjsntrESByTv3yBQSRnE6GjuQO_7PTyI45RcMr9-8A5OFVuzAT9uEFX_W9KwMIS19g_3tLwHp_VsVU7b2BB-fFQNoQ6QRS0D7aiWv0a1tlApwqiDlOb-aL7RQWQnS7hd1tCHWtFr4kyEo2G6w7rRBkXjq0KIETMfHN3vsTIWRNjR8dKF1_ElM1suJXGlQ37MWXcdBpmt7ra9I68zNumyhY_NgZeKlY3moJ1p_lgVN-U13enXyUxtBOkcRwh-XRkV8FRpCLEX84En9S0dB5VkgGKXg0dUVyYsKeK979V7QO9fcaK7E9GTefLtZ1WAwy5asiMeXHhCmn27xekAHu5lVA8fZBXOxG0P7GmvZiacq_ZdEcdcv6ULjRQuNn2cA3-EejHjO_bvo6xDd-vdlNT614Vg5WejSt-rEy-Zyg67AdxBRPceHqUPlb_LtXB25XfNzyy2Wyv-nCtX-K4Mp4qWzEqegg1sYkTmo5vazjG6oB2B-Zg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112231db1edb2cb24925a7d058a29a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1e1f7e76232b079d69787995b86eb89c26bb439aa59f60fd638f267a2e55d309

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=D0KGVb1vnQKmqAibilyBaefqMjO3x6GeCmclXngGa1OCN3BHXSrZAvvll9Xa0rHcR39Peal17o5rH9PBGqA7yxxWko05kgYMH2RRj-u7fVVGiJPkZyf8d7zAL1yali8HvrIRIt8LOBLdJu8fcMuP04rl1fAuWRqpSR5GadPyFlLcSc6kqXAY8QKCaZNvK4jJKPa61Tm5phLNmzH6gBa8sla34R4zt69D4Kj4DF-6Sv3sW6AAQ9P3us0p5CDzUbqxOd1nXYlgFkJU7VKzD8ApzifcOY4vWg9Pa-KwEFlOgCVHNYZjIbC4eZuZLuaNWm2hs5rj2NN2UhrkklOWMxH-1X-MbffQNZe2jhQ-IIWP7wKg_mD0bdBKsyCMWirScCgxcDLJJ222YaI7elVZCUUCuIW-qPG1VhUPKYnaLoMtsNU_cF_liKjIHeGMO4_1GIka74uFIUBSV7pSNK68sTDa2sX3nz4qDFUXJh3s6QmAImmZ6UEMwD5vXKi5IvXZcaxOIB-cbRwanATjx9swXbh9WdjPHBVj_IHARaVGhMpOxb72ZNdZIGx1KYqN6ow-qIhY1An4KsPSm52S1rbic9IA9cyEdOPSlwITzJ6F09fcqwU46puscxLNhztf6K6gF47_c6hQC1-lv9Iej2QrL7Xwke_MP0eqVJFYwSDt_cwePcoKSOm0cdUlVQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=137
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9bd3fcb580a8f0b1515c85f891f93114946f1a0bbdde9c641b3d01e995d69343

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=D0KGVb1vnQKmqAibilyBaefqMjO3x6GeCmclXngGa1OCN3BHXSrZAvvll9Xa0rHcR39Peal17o5rH9PBGqA7yxxWko05kgYMH2RRj-u7fVVGiJPkZyf8d7zAL1yali8HvrIRIt8LOBLdJu8fcMuP04rl1fAuWRqpSR5GadPyFlLcSc6kqXAY8QKCaZNvK4jJKPa61Tm5phLNmzH6gBa8sla34R4zt69D4Kj4DF-6Sv3sW6AAQ9P3us0p5CDzUbqxOd1nXYlgFkJU7VKzD8ApzifcOY4vWg9Pa-KwEFlOgCVHNYZjIbC4eZuZLuaNWm2hs5rj2NN2UhrkklOWMxH-1X-MbffQNZe2jhQ-IIWP7wKg_mD0bdBKsyCMWirScCgxcDLJJ222YaI7elVZCUUCuIW-qPG1VhUPKYnaLoMtsNU_cF_liKjIHeGMO4_1GIka74uFIUBSV7pSNK68sTDa2sX3nz4qDFUXJh3s6QmAImmZ6UEMwD5vXKi5IvXZcaxOIB-cbRwanATjx9swXbh9WdjPHBVj_IHARaVGhMpOxb72ZNdZIGx1KYqN6ow-qIhY1An4KsPSm52S1rbic9IA9cyEdOPSlwITzJ6F09fcqwU46puscxLNhztf6K6gF47_c6hQC1-lv9Iej2QrL7Xwke_MP0eqVJFYwSDt_cwePcoKSOm0cdUlVQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=137
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112299663c5f17f2476bb079b6247d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d84db2a1a897f7b7a3972fb59e2f5e11912f6b08c63a44a0024213aa766c851e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=5Zt5U1-_irosRR5KckN8kFF6-wdDHRmBG1xp0IvRZBrSjqxFvuvRLDG1gtYaWOY4aGgSG1sfPWJuKJ-L3k77rb1b3C5hBhhNQZnfjxMzXqBTurXxRwwl2NeTF4U1802OFFAPCIIXiEqyPrmK1-Qv9WvgetRxDnamOK4I7HCX80GZC2xOa2PBCtjaLtXbTUdy-gjc3VRyr6Jq47lnF49wiUicau_eGSJfN7SM4wwkqupOzD1TlcA2HzIEMKskt-P1TxqVWQ_6JXioSyIzc5rVcJEvsffxwo_ROgzPW1gDqEwOz1TgtyD6MvNsRsCQa-_n6dpH6Hf61AYmNR7OZ-gJ1A7MRjRZoFV2A0LL0v4V3OO671nLtPhFLkXvQDiV9k6ZuMX_Wd3hzSTzTIKpDaQmJiOlbzXSvCRHffNCtvYdcHcws0MrjzvCWfHcKdWSBlaHuGOHPK1R4MKFv086FEvruuwuTGJwAwSQOSKq8_QpbO6BYgrOaIYosTAA8yh2TDYRS0NOPEnr5yefl-j3VB3xTL4uaTn_dCXKSphLMAgJU0YgIwy6y5fZePRH5mNKdZ-8KD7Q55Ioo_cMegF9-U7XoLIOSen6uvOkgVBumtOeAxwmUnyPgCQ6G2siST7sIsLmHSMd0ByvEvx5m2erGOSGHAT9cqzaj_spvEXWvlnVrGbfxI4BTkwCDg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0bd2f1eb7614100aad4c85b99ec06602f4b906b4bc091d95d373001c826cef60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=5Zt5U1-_irosRR5KckN8kFF6-wdDHRmBG1xp0IvRZBrSjqxFvuvRLDG1gtYaWOY4aGgSG1sfPWJuKJ-L3k77rb1b3C5hBhhNQZnfjxMzXqBTurXxRwwl2NeTF4U1802OFFAPCIIXiEqyPrmK1-Qv9WvgetRxDnamOK4I7HCX80GZC2xOa2PBCtjaLtXbTUdy-gjc3VRyr6Jq47lnF49wiUicau_eGSJfN7SM4wwkqupOzD1TlcA2HzIEMKskt-P1TxqVWQ_6JXioSyIzc5rVcJEvsffxwo_ROgzPW1gDqEwOz1TgtyD6MvNsRsCQa-_n6dpH6Hf61AYmNR7OZ-gJ1A7MRjRZoFV2A0LL0v4V3OO671nLtPhFLkXvQDiV9k6ZuMX_Wd3hzSTzTIKpDaQmJiOlbzXSvCRHffNCtvYdcHcws0MrjzvCWfHcKdWSBlaHuGOHPK1R4MKFv086FEvruuwuTGJwAwSQOSKq8_QpbO6BYgrOaIYosTAA8yh2TDYRS0NOPEnr5yefl-j3VB3xTL4uaTn_dCXKSphLMAgJU0YgIwy6y5fZePRH5mNKdZ-8KD7Q55Ioo_cMegF9-U7XoLIOSen6uvOkgVBumtOeAxwmUnyPgCQ6G2siST7sIsLmHSMd0ByvEvx5m2erGOSGHAT9cqzaj_spvEXWvlnVrGbfxI4BTkwCDg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:47 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e998f53968834be18cb6e3dbed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:47 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
636a86bb4abea1a06173cd5f619af48e9cc05012a2baf66feebb030d48d920d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:47 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=2p4v2-ysjKbfLHF95dOnipTVyUOxmMFKeT_mTcUq5o_TjsScAiQ6r7LF3HeTIeCS0e58bmA5PVHf5E3pt6_-Mji42S1aT-WaRNz5dfCstSdrt5cvBHOpmYsZN6YuPVQZcmjERAOF6zxO9Vgw0pdV2kVhm8hnRajEEzQ1V1ikDDKzTW8SXdh451GeD9U8FTM93FGZlkX-ntL4RF9MqLpGtwuwgcGtL3A_Iee994b0T23M-WjEAWyXWgKENusXUio2IlgNIquMYv0jEm-yNjBgGootO3jzDjC61K8KI_9MTknTH3acwUlLVji4M4BOCUjj47PwAv5jPiVh5jc38CVPi3PtlNSviySwEsT-TVKhpvpOjgaruFC0x1ws-FuFizHyZOpL6M1tyL-gPthYT6mxjt3YDr2wf5DsuuFmkBzEr-wG5mHr3r6k08L5-5iC_s6BpcYHS_eEmfchHwjB1_K_K2qh9EVeEqXe2s18uazZyI8jgtlw5__P4OnqZRLbNSzpaZ7NoKzX_cHbWHeLC6FXDWc1valhu9geEz3TvoBvN5JAjuz8J-mcfT2l8d0HMAkzstNzMy3uU_zX6wn5pB2oDIdhtcV0r9FHtxZrjTL13O0ICUpnte-BsH_r7I2bhjSKndOX55nEdCP6SmmqPus_q5OALF4Z8D7v5LFPTMu-QDYQ0nuhLGp1wQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=118
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f012a36abab799c5d01ec9b86254ab61e7940feccd545c76f0da333c15855ebf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=2p4v2-ysjKbfLHF95dOnipTVyUOxmMFKeT_mTcUq5o_TjsScAiQ6r7LF3HeTIeCS0e58bmA5PVHf5E3pt6_-Mji42S1aT-WaRNz5dfCstSdrt5cvBHOpmYsZN6YuPVQZcmjERAOF6zxO9Vgw0pdV2kVhm8hnRajEEzQ1V1ikDDKzTW8SXdh451GeD9U8FTM93FGZlkX-ntL4RF9MqLpGtwuwgcGtL3A_Iee994b0T23M-WjEAWyXWgKENusXUio2IlgNIquMYv0jEm-yNjBgGootO3jzDjC61K8KI_9MTknTH3acwUlLVji4M4BOCUjj47PwAv5jPiVh5jc38CVPi3PtlNSviySwEsT-TVKhpvpOjgaruFC0x1ws-FuFizHyZOpL6M1tyL-gPthYT6mxjt3YDr2wf5DsuuFmkBzEr-wG5mHr3r6k08L5-5iC_s6BpcYHS_eEmfchHwjB1_K_K2qh9EVeEqXe2s18uazZyI8jgtlw5__P4OnqZRLbNSzpaZ7NoKzX_cHbWHeLC6FXDWc1valhu9geEz3TvoBvN5JAjuz8J-mcfT2l8d0HMAkzstNzMy3uU_zX6wn5pB2oDIdhtcV0r9FHtxZrjTL13O0ICUpnte-BsH_r7I2bhjSKndOX55nEdCP6SmmqPus_q5OALF4Z8D7v5LFPTMu-QDYQ0nuhLGp1wQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=118
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227369fb040c354c76b9d04266c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f763309eb3e31dda681edd3a6336d57d187f8aef9b4917e9d90cacdc41203f79

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=WjjB2Yp-JGaL5XyXYPoIzsVu7BydMz_4OWZAYFJw3VEoORkTD-xQRRdtZciecIV-ByDtaT2jmBzl6pB9D9myeEaBkAYp4zf4UQ4P5M6acTrUIle61PhSS-Uwfwi6UIKJWePfcV85IUp8jRrB_pnQRrxeJzE_wWn20nG7jA4pJJwC8M3kIgMs31pBGsUo0Q-3-eUIyuo4RtqLlAHJDqWkI03jFXVQBlHbg2Qhq-6AEffS0weLFzFPR0XERZnPwk3O0hAUUoMvI9QTdYSHKpn3ANWx7JnRaVgyrTrt49ZSofO1Gy6INdBxnP3khbi-tN4rJmf1-usdcOz-nFF-oOyCw1glILKMm6hVPxaqgqgpczxrb5mWD2KVv80TElEano5KhuDnlqRHhRwFVEEfamgYU_-5TTL9naH4y-i62V1mMHmo5wokYflecyzheq2GuGmRL7TGGreUY3V0Z_PckjJiocoo6QS2hZSejfyC78-JuDQCesevgzp102f_7v7HgtNDOy7guQ-rRcFmn43rw-UHh9wmWlOyfjUgPpDgeBxlkkKoDlnhnBxRtadCJqgzxGM-mnHmPNt6kMjhSm6EznovZfSUt8sWbAq4-gr9U7_MMkSlJUqP02dTbV4QVTelNY16zTpfpTh75_E95FZrm9qjfAWnN_BWtX9jdWP8aBPuFW26jTTKH312RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
427cdb5c03b335e9b177719bc371718fb7a85ea1c58f65e8fec1d2ac60f70314

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=WjjB2Yp-JGaL5XyXYPoIzsVu7BydMz_4OWZAYFJw3VEoORkTD-xQRRdtZciecIV-ByDtaT2jmBzl6pB9D9myeEaBkAYp4zf4UQ4P5M6acTrUIle61PhSS-Uwfwi6UIKJWePfcV85IUp8jRrB_pnQRrxeJzE_wWn20nG7jA4pJJwC8M3kIgMs31pBGsUo0Q-3-eUIyuo4RtqLlAHJDqWkI03jFXVQBlHbg2Qhq-6AEffS0weLFzFPR0XERZnPwk3O0hAUUoMvI9QTdYSHKpn3ANWx7JnRaVgyrTrt49ZSofO1Gy6INdBxnP3khbi-tN4rJmf1-usdcOz-nFF-oOyCw1glILKMm6hVPxaqgqgpczxrb5mWD2KVv80TElEano5KhuDnlqRHhRwFVEEfamgYU_-5TTL9naH4y-i62V1mMHmo5wokYflecyzheq2GuGmRL7TGGreUY3V0Z_PckjJiocoo6QS2hZSejfyC78-JuDQCesevgzp102f_7v7HgtNDOy7guQ-rRcFmn43rw-UHh9wmWlOyfjUgPpDgeBxlkkKoDlnhnBxRtadCJqgzxGM-mnHmPNt6kMjhSm6EznovZfSUt8sWbAq4-gr9U7_MMkSlJUqP02dTbV4QVTelNY16zTpfpTh75_E95FZrm9qjfAWnN_BWtX9jdWP8aBPuFW26jTTKH312RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ea2aeef4464e4cb4b5d08c371e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d555018e666ba6124f5a5bbf20311cf02d735dd416d5b2f36b5c6a95c97c81bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=D2xNXqlzY6qh48JFRpriZEas3TYUhwM3RAqz8jzLvoGUMCyQkrDel7awiAwk9cQbyOZ5pJ8lv6OS7-V2_XeYMaOLGxO260tk4VOa_oFb_YY1MWAEb_UFAz-xL5tsL81iSqFOD2OkumjLT1po1YBuGaNTgyjXzjoqI06Pvgn_L34FozeqxQgJWTAGEAThzV_yL7Pb6vJIrUorNqvtF64oCRWYqtxLd2jOtWyM_UTOQLyp5zGWpc5lNwOJLRaq9G6CmnbFsE2FpccbeQ1ZpM13CZLuz3Jd7eGwicW6JTtbaHyJlx6q9ZwEDTly45ECgzh4L2YIrhwv16vQnD_iaPogGV9dv1d8VHIyTPY-lyeNGs1gEjPQuGGpUo0ev8H4gPrXCe2tNe4I0fGAoDacc29O9uIqfx_dubhFywtoEM8bubF43LnVpIG4ahbf8tF5Ub5ENuJixOb5phezCfIwPwMJvOI4oZJUwbkTYxKYTy136WqWlBgtENqKV2CdhSvAktznY5Xf9wIrWE27Cmuh8MPChake0XB6cKyVVpPbhIvv1uza5ZfYhFaxryfqYWPCvqCaJTVMcjjQIW5hIVCRgF2Zkaof5xtn_VNKp0JYNMDw_uSfa13xAjrPnCmj2hw1O4dmhRCd0PN8ZbnUazTQF1-jbJhlnXVE1fjVFfiEqnjfAswMGia3xm11Zw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a9ff88c96abf1a622e804bbecb59c4a5507b7f8c68ec8248ff27781cc12060ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=D2xNXqlzY6qh48JFRpriZEas3TYUhwM3RAqz8jzLvoGUMCyQkrDel7awiAwk9cQbyOZ5pJ8lv6OS7-V2_XeYMaOLGxO260tk4VOa_oFb_YY1MWAEb_UFAz-xL5tsL81iSqFOD2OkumjLT1po1YBuGaNTgyjXzjoqI06Pvgn_L34FozeqxQgJWTAGEAThzV_yL7Pb6vJIrUorNqvtF64oCRWYqtxLd2jOtWyM_UTOQLyp5zGWpc5lNwOJLRaq9G6CmnbFsE2FpccbeQ1ZpM13CZLuz3Jd7eGwicW6JTtbaHyJlx6q9ZwEDTly45ECgzh4L2YIrhwv16vQnD_iaPogGV9dv1d8VHIyTPY-lyeNGs1gEjPQuGGpUo0ev8H4gPrXCe2tNe4I0fGAoDacc29O9uIqfx_dubhFywtoEM8bubF43LnVpIG4ahbf8tF5Ub5ENuJixOb5phezCfIwPwMJvOI4oZJUwbkTYxKYTy136WqWlBgtENqKV2CdhSvAktznY5Xf9wIrWE27Cmuh8MPChake0XB6cKyVVpPbhIvv1uza5ZfYhFaxryfqYWPCvqCaJTVMcjjQIW5hIVCRgF2Zkaof5xtn_VNKp0JYNMDw_uSfa13xAjrPnCmj2hw1O4dmhRCd0PN8ZbnUazTQF1-jbJhlnXVE1fjVFfiEqnjfAswMGia3xm11Zw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311227e7e81f802b54d7482686361ca&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9e6ddcb09e9ac3f172ec5a13e9022db191f31f620fd291a16091ad62c37f4445

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=GBgZ3s-lMeW2V3iYdNxeryAEDg5jWxgDIgjRxtISyt3P9Mpz7_yq1vE7cG0zT8GcGTQ6RI3uFQ59Pteg_JnOktEku5ouh5naUKvqTQjbhVZVuHyzgf1y96nJtUuXYRZVwgeh5ge_8IUfwYy8Dt4aDJORZKdH7V4QBAwZbVdfJk0ONpaXDFLQX4RBHRfcCzNhfN_m2rG2sATPzmDJzJKZvWxS1xEtslUxnRTbL2uLgkBeezh0VAZLo5pfLIYew79r4clL-sJcxGKlkSNmpV57Yi8P85_kWDj_uuwE6_R6lovvrc7ooL3596CImoPSOtPQWbG1qmi3XhetSP-eL84Ri6T-DWij3UVUuSmfDEE2cG5KNDCQ0jbMmE5WmWjMvl2XEdG-q_7ZBDdNCcoqQzyqpwArfxXyKh55VlpPJfTxZWJz4dLHvx2nt0Nu3xLIU7rQuBHpggdtQEKoM6bpcBakYXxjz0B_y09IMLJeFM6Fl240c9SYQlAiuPd3XAQOsl0b_7pK5Cn3AvUVVBPzpK_2GDHcveSH9huJiGNJFSCS0rgjL6tdzPYvwusgJaiV1XLlT59BAfbijDKFfyz6au5cLFKwTjHvELZI2mpqyYmwdOolh9p7ptbwkt1YbbZ1zeJ6SerAPHJUL_UWs4yukjCbA9Om_rzxBfiTFGyUNcPkPH8izHywGJXIfg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b6b5155f408fe2eec2a544ec0d0d758ffdfa1418a954900e8e8e9ef006312911

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=GBgZ3s-lMeW2V3iYdNxeryAEDg5jWxgDIgjRxtISyt3P9Mpz7_yq1vE7cG0zT8GcGTQ6RI3uFQ59Pteg_JnOktEku5ouh5naUKvqTQjbhVZVuHyzgf1y96nJtUuXYRZVwgeh5ge_8IUfwYy8Dt4aDJORZKdH7V4QBAwZbVdfJk0ONpaXDFLQX4RBHRfcCzNhfN_m2rG2sATPzmDJzJKZvWxS1xEtslUxnRTbL2uLgkBeezh0VAZLo5pfLIYew79r4clL-sJcxGKlkSNmpV57Yi8P85_kWDj_uuwE6_R6lovvrc7ooL3596CImoPSOtPQWbG1qmi3XhetSP-eL84Ri6T-DWij3UVUuSmfDEE2cG5KNDCQ0jbMmE5WmWjMvl2XEdG-q_7ZBDdNCcoqQzyqpwArfxXyKh55VlpPJfTxZWJz4dLHvx2nt0Nu3xLIU7rQuBHpggdtQEKoM6bpcBakYXxjz0B_y09IMLJeFM6Fl240c9SYQlAiuPd3XAQOsl0b_7pK5Cn3AvUVVBPzpK_2GDHcveSH9huJiGNJFSCS0rgjL6tdzPYvwusgJaiV1XLlT59BAfbijDKFfyz6au5cLFKwTjHvELZI2mpqyYmwdOolh9p7ptbwkt1YbbZ1zeJ6SerAPHJUL_UWs4yukjCbA9Om_rzxBfiTFGyUNcPkPH8izHywGJXIfg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122e7e21bddb871437f9f46585a37&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fc0accd33acde38f42da9bfad34920b836243923af116b65fc0d56e7c984eb8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=Bq_nWk2sXJisywEBjD_q-O78d0GQdwaGg4mArNcQPjaEQYrh1Dstr9TBbZ5i_ehaCvWzh2j_lxW_4KV9Y0xxAr3Ci4ZLKK3-Z20eNNgnibtH45CzSXLxnxKH_hd2Tl6_xdg_KjYu7IKvxQNNRCWarII6c-Z1TvhtEzODCC41Aj3gKht6yLvzoQYe9xyjhd0SYPd8guAgN34lH8CVfWFqWrpzVlNTRnaHuX2FdOgRtMpMWaf8by9Mxi9uXxnOsVmRSjYHYmzj9M_ckkuCtYbqCet9Fl8TTAqRqZMdCjmhYVMnRdS9F61Tx38r_uIKmpmgjdVeyNOtftLQ8W_4_IM9KB7n6-meDb3wGBF-yXg7zmZUH41fOiMkEDwDyVG20HgFaLLjiEVoCcT-5n_0Pw7_RGt-8W1rWtVmfjUPHcs6e5FmX-geMa70CrIRKiUcA6o3uU1JJvA2hlkvJGLHjYIArVmo6AvnqVJ4_QuXVCaWiLirgNgy92ah7S1IaVApGbzsnJCWeAUiAXasqulZTePtzvYWUfuKuBsmUIfwOm4l5wJ-Ik4JtrrLJymL2m9YLVetQTgpttzBGJ2YCey9VO--z90gNnAnivpMUYZKMfjmDcmRYJhLe7lSE8hxmema52TNRXOb1y2fgjpOZQDLTpxCYLg03StqdN54To52oOguhzwnGAzRdlhZKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
96a6a64f551403f9a778584cf7aa4e85e3a95a730488dffbdc3cbb18717a06ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=Bq_nWk2sXJisywEBjD_q-O78d0GQdwaGg4mArNcQPjaEQYrh1Dstr9TBbZ5i_ehaCvWzh2j_lxW_4KV9Y0xxAr3Ci4ZLKK3-Z20eNNgnibtH45CzSXLxnxKH_hd2Tl6_xdg_KjYu7IKvxQNNRCWarII6c-Z1TvhtEzODCC41Aj3gKht6yLvzoQYe9xyjhd0SYPd8guAgN34lH8CVfWFqWrpzVlNTRnaHuX2FdOgRtMpMWaf8by9Mxi9uXxnOsVmRSjYHYmzj9M_ckkuCtYbqCet9Fl8TTAqRqZMdCjmhYVMnRdS9F61Tx38r_uIKmpmgjdVeyNOtftLQ8W_4_IM9KB7n6-meDb3wGBF-yXg7zmZUH41fOiMkEDwDyVG20HgFaLLjiEVoCcT-5n_0Pw7_RGt-8W1rWtVmfjUPHcs6e5FmX-geMa70CrIRKiUcA6o3uU1JJvA2hlkvJGLHjYIArVmo6AvnqVJ4_QuXVCaWiLirgNgy92ah7S1IaVApGbzsnJCWeAUiAXasqulZTePtzvYWUfuKuBsmUIfwOm4l5wJ-Ik4JtrrLJymL2m9YLVetQTgpttzBGJ2YCey9VO--z90gNnAnivpMUYZKMfjmDcmRYJhLe7lSE8hxmema52TNRXOb1y2fgjpOZQDLTpxCYLg03StqdN54To52oOguhzwnGAzRdlhZKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:48 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:48 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:48 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122eb1231434b7744e7a37bb9403e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
99919612925853518e3ef11296a8cc4c1dcf411d89c405362f018e329cbea8d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=tlogJFVVkeU0ya_z7m8nT8HaBETdSxjr1nfNwrIjtLsdoLhKcE42yf68G2vJfXe_QAXv4Ki5CKNBWKEIzL7faIwmNfQjAJ-wf3_4bxtSQdmbqXPxnDikFQPqYB100Q_gbRe9asaciWqEMVf_lmNXJ4iWsWIU66s0ohidT1Ni1lR4jCcFUjL5Dhw1o1QQB3_ddUIV5-6UhP21576YPEZAkM0MdxWKES2O2DIvfILqrs8wXs7xj0IvwgdmxwPv3U7jeYKXHUCjNFKD00eXeKtKeei8eUNVfaXFCjeN6ByTMCKFbReHElRGuNoXP17YSfmBdXrp_aTR25Gb2FvS6IcEZJ1PqETRDQ1ta3-Y8s2Q80vHmW3rzdvYfybdTyOaIWKjNRwxEmkKfqAWqMcZoSByRkzALRqNTrn1GH_GAn9018I_Ghohz0AXIgHpw_1Z2M5-nHGQW_b6ae08tFvC5RiFrPzQSULFGCaa8yrnSXnQZWtzsMZ4qf3wmfX_MLBCpQ8swbCT1rNxmABgamVRZKz-yNj9PRigN_HnQRM87Atj42FIfLREm_xS3BAcsYlfpWmMn3n83rka_gJP8QTJbUi0EMkGFf6r5v1QyMIT1kHF8m-07jV6JSOsFcUYjwjdpwx9uTXvgucQmqsM1UaVT7GCWq_fOPq0MOx1LjfvCpIGmfXUNixnMpNQNQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8fa6a6fe5109d317786fc5ff4916914a1d79c70916ef5374cd14cd77b93e0c6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=tlogJFVVkeU0ya_z7m8nT8HaBETdSxjr1nfNwrIjtLsdoLhKcE42yf68G2vJfXe_QAXv4Ki5CKNBWKEIzL7faIwmNfQjAJ-wf3_4bxtSQdmbqXPxnDikFQPqYB100Q_gbRe9asaciWqEMVf_lmNXJ4iWsWIU66s0ohidT1Ni1lR4jCcFUjL5Dhw1o1QQB3_ddUIV5-6UhP21576YPEZAkM0MdxWKES2O2DIvfILqrs8wXs7xj0IvwgdmxwPv3U7jeYKXHUCjNFKD00eXeKtKeei8eUNVfaXFCjeN6ByTMCKFbReHElRGuNoXP17YSfmBdXrp_aTR25Gb2FvS6IcEZJ1PqETRDQ1ta3-Y8s2Q80vHmW3rzdvYfybdTyOaIWKjNRwxEmkKfqAWqMcZoSByRkzALRqNTrn1GH_GAn9018I_Ghohz0AXIgHpw_1Z2M5-nHGQW_b6ae08tFvC5RiFrPzQSULFGCaa8yrnSXnQZWtzsMZ4qf3wmfX_MLBCpQ8swbCT1rNxmABgamVRZKz-yNj9PRigN_HnQRM87Atj42FIfLREm_xS3BAcsYlfpWmMn3n83rka_gJP8QTJbUi0EMkGFf6r5v1QyMIT1kHF8m-07jV6JSOsFcUYjwjdpwx9uTXvgucQmqsM1UaVT7GCWq_fOPq0MOx1LjfvCpIGmfXUNixnMpNQNQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122254315e464524c0d9c2a16242b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
43e09e9dd764eb2579290898ad540fbf6cf12d18b78406cac4cc2b9d77aa469e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=kNweiItDdJhDGXmYakJwussQC01B3HIr5XCMQoIT6pnrWP1pBBmaR0-HlwlTcR833azoTSBqBVkS-cj4uOO2jas0BDGwR0W8LWPTR6c-SGi0PoWtEMMlk3NnHDaImcm8yngFqtOofife6lJjp6gL0giWYN5Qi37XK93l6FwwjB90mReiIbvW9pFWfRTFYv9e9Ia1uRGl27c6QlFwAJ5eGnCJg6KjUY7-kcz2BWAOuanb0Sk1f2Jue3_mXIBaaWfsHARg-mBllJa8Md5Jwxe0R4yZ-a_y4hPwFvl2v8pf1zHppH11Da02_iM07Q-De3a23xx5bvhSMvX_VYCS3MNvH6K4SdAZKNgxp-sJ9u15QKaNyJGiq4y0kMSQ9XHSAKPy6--Zb9SPrmX1ioEyeCuhGjFdKrxYET07viZCa49uAfQifia7m7EmDKQtCrDpDwJ5EqaISehjGhfq8mKiq38mT4ghuzzbJxFWBiO8uyL_tfwLwsZAqIAgTkmi9X2zhm4_1xEkZqCbdc1E_gO7qGxZwvVk61FbsjX3mrEiVPpxQt91WxAf7N1cpEVEIq8V92vsM_UEuomWTECpfc15cA3to5PjG_d-6cFo4edTMlb_oAiZbJyzmerRABGmPcindHX_fApw_Ump5KOBFMQSDdYXWjT9w--6GyCOrRhPJTsMVKkemgDK44zu7A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9aafa208cc3602be9592d1c645034755cf34c4ed7622890db710c0775ae07a32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=kNweiItDdJhDGXmYakJwussQC01B3HIr5XCMQoIT6pnrWP1pBBmaR0-HlwlTcR833azoTSBqBVkS-cj4uOO2jas0BDGwR0W8LWPTR6c-SGi0PoWtEMMlk3NnHDaImcm8yngFqtOofife6lJjp6gL0giWYN5Qi37XK93l6FwwjB90mReiIbvW9pFWfRTFYv9e9Ia1uRGl27c6QlFwAJ5eGnCJg6KjUY7-kcz2BWAOuanb0Sk1f2Jue3_mXIBaaWfsHARg-mBllJa8Md5Jwxe0R4yZ-a_y4hPwFvl2v8pf1zHppH11Da02_iM07Q-De3a23xx5bvhSMvX_VYCS3MNvH6K4SdAZKNgxp-sJ9u15QKaNyJGiq4y0kMSQ9XHSAKPy6--Zb9SPrmX1ioEyeCuhGjFdKrxYET07viZCa49uAfQifia7m7EmDKQtCrDpDwJ5EqaISehjGhfq8mKiq38mT4ghuzzbJxFWBiO8uyL_tfwLwsZAqIAgTkmi9X2zhm4_1xEkZqCbdc1E_gO7qGxZwvVk61FbsjX3mrEiVPpxQt91WxAf7N1cpEVEIq8V92vsM_UEuomWTECpfc15cA3to5PjG_d-6cFo4edTMlb_oAiZbJyzmerRABGmPcindHX_fApw_Ump5KOBFMQSDdYXWjT9w--6GyCOrRhPJTsMVKkemgDK44zu7A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122fa05463c78a746e98acb682d0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
03474d6d6453879dd2379aaa4df51fe3ced46a67f700cbd26a6404802ea2eba1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=Z5c0Ws_ReS9LRLdZPn5E5LDG1GO9f1P2Tc8VDA4Spz8yKBS_YwM7psiBqnDfKETXFzCce8P5w5JFuLgZ00JhCp4bkaT57u2Wn3Zr-1ToDX95-OrdLOyXeTGfecCiNf-bDqtck50qFPFfMR5p0NHGSQskOpe2LLdT6wt4BSsh3bT96s-x8dfvlk9IX7rtFPBYkR6rG13qEK_ZhczlHuS-Ev4xHmMmvrFUrndyuzkM0xQR0IeqLrzYn_xkAcSXbhbfr2Ofc_UVnm-oauDqm6FRjRMb6ax3fvPfUHjtQYT3NZ7yDOb1AQADzA_lJ1HyNXKfD0kp8997eZ1EoOFqvbCNgvrylXDsBHxPMBPcW7OUoaRwohaYC7fzC-CvXDPIYc2DOHsKCFpdWp_FX1C0CDV4VuuvOnUenROAD4811ciNO76uP_i7O7Rm3yT028GhAE54nkehGhMAiLJboepmYiZ-ICzfTnkfbl1bmA1Jlg3cGrThA-gs6yKkMZ3TA255_ia-ES-pEyZ0C8MLEiD0h6pjPrC1h6DPIB1zlpZgOh48U07E962yp0N3P1hqDZu_-fYlR6J20M_56iuBr8EnuYysl-DKbCYBRrDyu4LUXCo92JRkxwFlS_xOSR69G5lXWtLeHkAx5zL_A-kmT8R-Pse9vua8ACavD0TjFIUmtID4UTsbG6btGoLXMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
52730be11b7b7013d632379714fa7f57d6dab58d992449fbdc55902c0f6ba45d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=Z5c0Ws_ReS9LRLdZPn5E5LDG1GO9f1P2Tc8VDA4Spz8yKBS_YwM7psiBqnDfKETXFzCce8P5w5JFuLgZ00JhCp4bkaT57u2Wn3Zr-1ToDX95-OrdLOyXeTGfecCiNf-bDqtck50qFPFfMR5p0NHGSQskOpe2LLdT6wt4BSsh3bT96s-x8dfvlk9IX7rtFPBYkR6rG13qEK_ZhczlHuS-Ev4xHmMmvrFUrndyuzkM0xQR0IeqLrzYn_xkAcSXbhbfr2Ofc_UVnm-oauDqm6FRjRMb6ax3fvPfUHjtQYT3NZ7yDOb1AQADzA_lJ1HyNXKfD0kp8997eZ1EoOFqvbCNgvrylXDsBHxPMBPcW7OUoaRwohaYC7fzC-CvXDPIYc2DOHsKCFpdWp_FX1C0CDV4VuuvOnUenROAD4811ciNO76uP_i7O7Rm3yT028GhAE54nkehGhMAiLJboepmYiZ-ICzfTnkfbl1bmA1Jlg3cGrThA-gs6yKkMZ3TA255_ia-ES-pEyZ0C8MLEiD0h6pjPrC1h6DPIB1zlpZgOh48U07E962yp0N3P1hqDZu_-fYlR6J20M_56iuBr8EnuYysl-DKbCYBRrDyu4LUXCo92JRkxwFlS_xOSR69G5lXWtLeHkAx5zL_A-kmT8R-Pse9vua8ACavD0TjFIUmtID4UTsbG6btGoLXMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112294cd4383d5724eb7b906845955&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1d1348ba47a8feaf4a614c984a689e2b9a6555dd24451e8ad792cdd2a7447140

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=uCJqrVni_O-6YKPmaSFgmGRoC4XOsBNwBXxcBtL2j0cwSAwcH1sNgmqUhe5oNlLgfXLobZwALPLYvtve1lz-WB1t3BLkC3MryGyRvV9uzc9krnv7hEzpjRUUqVL4ujWRz0wWOXGqa_b0DH_eNrqDbsgPMpbgcwc7JReKYu1iaCBXGkooaiaxsl8TMDQ4BExRuwqX_88Wy-HVzV5oH_s8EJrJacU_9lzIiOksT9JMwjZaufh6yivxNaIBYi61PVi4AmX5c15TSe-dzGSfMZi4voorceh7mUiWg6k2N5BwZv8JCRQOC_P1fSwbm01mVm39YriQrYbnVSahr3otStdlcuLMalKNyuFBG4-sPxY5TK0iRsggy8qookU5yfx5rMp5Xg7KakHDdwDZJ3oYkCkTS4cqp6RV3UDVE9OtHmJ8-i94WD94xdvyFX7xbUQjXKMy_ccuJeWoarGpzdPlOSr-CbKxHd_yoWYgvyEEElNmtarEY0TOvXZOSfQZydmHurufXhzPV6kt4TSOXeLupk6-MHxe_OOqQAAn4FKLZARucAu1AGU9GcKF70OjqtLS-E8b3NhrikLom5ftTK4-qv7biM-rMRfW5Iea23AomtkK4oumRKYwJj3lLqouUuvbSl5gyuP987uUivIuXzRMdYnR-BniOSGOaYeJFmfFh0-0JMm84jMTo6111A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c7da677ce5a1593fdb4492869be2df7be69cea1150aa5b09c6b8bb158200e6fc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=uCJqrVni_O-6YKPmaSFgmGRoC4XOsBNwBXxcBtL2j0cwSAwcH1sNgmqUhe5oNlLgfXLobZwALPLYvtve1lz-WB1t3BLkC3MryGyRvV9uzc9krnv7hEzpjRUUqVL4ujWRz0wWOXGqa_b0DH_eNrqDbsgPMpbgcwc7JReKYu1iaCBXGkooaiaxsl8TMDQ4BExRuwqX_88Wy-HVzV5oH_s8EJrJacU_9lzIiOksT9JMwjZaufh6yivxNaIBYi61PVi4AmX5c15TSe-dzGSfMZi4voorceh7mUiWg6k2N5BwZv8JCRQOC_P1fSwbm01mVm39YriQrYbnVSahr3otStdlcuLMalKNyuFBG4-sPxY5TK0iRsggy8qookU5yfx5rMp5Xg7KakHDdwDZJ3oYkCkTS4cqp6RV3UDVE9OtHmJ8-i94WD94xdvyFX7xbUQjXKMy_ccuJeWoarGpzdPlOSr-CbKxHd_yoWYgvyEEElNmtarEY0TOvXZOSfQZydmHurufXhzPV6kt4TSOXeLupk6-MHxe_OOqQAAn4FKLZARucAu1AGU9GcKF70OjqtLS-E8b3NhrikLom5ftTK4-qv7biM-rMRfW5Iea23AomtkK4oumRKYwJj3lLqouUuvbSl5gyuP987uUivIuXzRMdYnR-BniOSGOaYeJFmfFh0-0JMm84jMTo6111A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:49 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122e8fa2be1b8e64aafa7b4a0544f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:49 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ec85ee78f861d18efb2113eef83f79664fe7279a66071e51effdd17dae37650a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:49 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=5EHkrlSeuXTHML_Xfz19JxjFDOUwppc-fZevXkTRNsw1F2GWDDj942hcnZxnYYrRseKJa7Hm6eHfUtUGS8fdk-nHjUSkqwwuD6klCX9MWyX4oEQs0NcN-JY35HVhTh63jEuKjRjRggYNSR_y1Blk-LHaBAX9Dwhc6onrYNsbs7adGJrjIxD2gvhYohznavKI8ITSK4QHTnBukOMB3n3E-Fl3sYJEko0J8zFOGxHCUcKVK77nNrzslmYa_a5A0MaDDK54dbo_d494jIF93e05LWroh2_hgGvVslaAn2UD3Vc3OsKd1gXzPC-WfaT-ivj41bBBI3rnGOg4Ryr6-U41DwNoW_nbGCYcx2bt1hzzYn-8bMK4z9-AEn8-gJIkCVi5suDVJj3HJhUu9bgmMH6CB-DfMT22DToPNXusDE8eWhN_aGHIWiTGpS3RTxFswXXhgAjK29jFzbHVlI0NsUNHbhEKWkcgwh6ukGaDxtzoLhVcC8xaX9Bxo3sKFvHmQ8A_Do5MwerH55bYQjv7sJhaW3WfVocplC1QyMZDP2ZrvEBZ1c9uhXo3gqr0XsAc63v_GyNWdwkwXLJpoDbW7pEucr35iprZip0NVTLNrOoJOm_uJij3DgGQ5JC2oiU69OWW-fUbHG3AofV5mlmXWVOAr_oFVmIgzXmVig-_o-ENR7evK4RTc9mdAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3b3ac9bb18b8558d93b4478e08f659c0fad65ea2b476d8ac8220e690dd061864

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:49 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=5EHkrlSeuXTHML_Xfz19JxjFDOUwppc-fZevXkTRNsw1F2GWDDj942hcnZxnYYrRseKJa7Hm6eHfUtUGS8fdk-nHjUSkqwwuD6klCX9MWyX4oEQs0NcN-JY35HVhTh63jEuKjRjRggYNSR_y1Blk-LHaBAX9Dwhc6onrYNsbs7adGJrjIxD2gvhYohznavKI8ITSK4QHTnBukOMB3n3E-Fl3sYJEko0J8zFOGxHCUcKVK77nNrzslmYa_a5A0MaDDK54dbo_d494jIF93e05LWroh2_hgGvVslaAn2UD3Vc3OsKd1gXzPC-WfaT-ivj41bBBI3rnGOg4Ryr6-U41DwNoW_nbGCYcx2bt1hzzYn-8bMK4z9-AEn8-gJIkCVi5suDVJj3HJhUu9bgmMH6CB-DfMT22DToPNXusDE8eWhN_aGHIWiTGpS3RTxFswXXhgAjK29jFzbHVlI0NsUNHbhEKWkcgwh6ukGaDxtzoLhVcC8xaX9Bxo3sKFvHmQ8A_Do5MwerH55bYQjv7sJhaW3WfVocplC1QyMZDP2ZrvEBZ1c9uhXo3gqr0XsAc63v_GyNWdwkwXLJpoDbW7pEucr35iprZip0NVTLNrOoJOm_uJij3DgGQ5JC2oiU69OWW-fUbHG3AofV5mlmXWVOAr_oFVmIgzXmVig-_o-ENR7evK4RTc9mdAg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311221bd67206821a42408ed01ec4ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b6f4a9c7b72ec1eae73e7315fcddddac88d3e290c8f7eb894439b438800be640

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=9GfiGThdeSTcjBxEBdlvGb4KEbfI14iAYkyfu3ytqcItFab9SQYca59EkhZ5O0KRf1xxiNUtkqP1Pxb-C9ROQlPoeYKIKIIv3qIg7MplZJpdURlcZK94O4OqJuPby2KnBwhojG7wKddNepwzw01UIqPfdysE1O-c7R1VD2LDL_txyW0GjAn2IpjpMcZurlhy8exW9CCJxWax2bgW08JMqcTJLhDmgcJoXAtosrRkYTWkGBsg5jBbE1tnf5rY0l7ipeesDNIUJ6ZgEU3fsGgRbmI1rK0tGEbtnXqpgVAXJMrVkrtgE8YBM5NPvUv4YHY0YMM7czfEHkTl14pSOqqyy5mDY8C_wNRzE9fqvOBauyNsUU6Wllvhpg1DzABVI39YVahDypSUn12ya7dWhXZh-EiBVvMY8jtVnNVgtBhu9YQs-BDGZ9x-XbsRriMZqw6uaI-EFZmgNEiIUWYIl3rxcAFFTITDMf7IaNaedo7shdSpQ3zvtAKHh2C51lzZjZ14htIj2-eLqXIZhID4BZkJfcJ0UyEmbbGd40XFSpVjA0cTMlfRD9fYlfOxuSKAeZA7uVZ_0Amk5aiGA67JxuOdaYLX7s0yIQXfPOOnFzIvtfMJiB0rLzJtg4GDPMoAQkdZDuTeeHuoxl2MYB6PoVCSjWsECB11jL-g1-Pe-UYFB7hixW4cmM5wzg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4ca1f7c3f9f63f27606536d60878d272fede9c9106695fc2f89c9cec23ae7eed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=9GfiGThdeSTcjBxEBdlvGb4KEbfI14iAYkyfu3ytqcItFab9SQYca59EkhZ5O0KRf1xxiNUtkqP1Pxb-C9ROQlPoeYKIKIIv3qIg7MplZJpdURlcZK94O4OqJuPby2KnBwhojG7wKddNepwzw01UIqPfdysE1O-c7R1VD2LDL_txyW0GjAn2IpjpMcZurlhy8exW9CCJxWax2bgW08JMqcTJLhDmgcJoXAtosrRkYTWkGBsg5jBbE1tnf5rY0l7ipeesDNIUJ6ZgEU3fsGgRbmI1rK0tGEbtnXqpgVAXJMrVkrtgE8YBM5NPvUv4YHY0YMM7czfEHkTl14pSOqqyy5mDY8C_wNRzE9fqvOBauyNsUU6Wllvhpg1DzABVI39YVahDypSUn12ya7dWhXZh-EiBVvMY8jtVnNVgtBhu9YQs-BDGZ9x-XbsRriMZqw6uaI-EFZmgNEiIUWYIl3rxcAFFTITDMf7IaNaedo7shdSpQ3zvtAKHh2C51lzZjZ14htIj2-eLqXIZhID4BZkJfcJ0UyEmbbGd40XFSpVjA0cTMlfRD9fYlfOxuSKAeZA7uVZ_0Amk5aiGA67JxuOdaYLX7s0yIQXfPOOnFzIvtfMJiB0rLzJtg4GDPMoAQkdZDuTeeHuoxl2MYB6PoVCSjWsECB11jL-g1-Pe-UYFB7hixW4cmM5wzg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=98
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122732d83ce502847a8aff7e74a91&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
af54b8638904fcc1ce41426153ee2d53b4468b04d9687d4bfa16be59b1bf73c0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=L6YC95qVmEhjeYigZKlf3Gc_bnEkOUAk0zmuZ0E5UERRQN1ePjJgFYFiRvdmzn90iAUxGz1gaTiVAds0GXZEs6SE7LayZ4sZFaejBP1EqkqgDHuiexxdd5uyj-CdYVS8nPjwQV_3QbhVQTjfgz7w25io_OnZL2-QzGaFF1-X16ZBGAFG8tXkvFCOZ52eE_SxYdcBLviV5s4PhqZDuOZ2OH64f_Nm7-WenDoDrqGNPAfy4YUpoLFbL4y5nJ9qtzPHfGH8Ya3tSyezgAa0xLkvWng3sc5RNwfF1asEgWsTqNDC7N2Tc_i46RLCiQtZ12e5akmKYjwg7J0de5ES3jWY2UgimH-eovsxSs_xSOM0vy-lpDGLvKy3ZH7sKDRAI3DLDFonOkVbO6T14ziBoBsvnIeIvJL8ghYPdiysUoc4V9ZK5_zct0ZLFKHv_xLyZ8ZSNOdNQ65SCEgooXb35kd-ilQJLluq5BvJFwHhBaOl6O4vecb220JN7rZTqbLi0kF_EKZZZ9KBXH9CZoo8qm_pjY4sWf1_PbMN7yTUSkKNoRrCUk0Z5n-12zENStxBTbJ6vL9t55-pCHutTX7BGeGSma9jvXlrnOrFAetR-q9v0fa-jt-1vB1bpYXTnB6m_EnO9bidJwuwyhZUPYtLijtavDFM7pL47I22MqCb3IKtyF6HsOEiGZej2A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
88e59d0c572e340518eb4241f6c0eb7970931aa19ab52899f12a2fc516c0accd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=L6YC95qVmEhjeYigZKlf3Gc_bnEkOUAk0zmuZ0E5UERRQN1ePjJgFYFiRvdmzn90iAUxGz1gaTiVAds0GXZEs6SE7LayZ4sZFaejBP1EqkqgDHuiexxdd5uyj-CdYVS8nPjwQV_3QbhVQTjfgz7w25io_OnZL2-QzGaFF1-X16ZBGAFG8tXkvFCOZ52eE_SxYdcBLviV5s4PhqZDuOZ2OH64f_Nm7-WenDoDrqGNPAfy4YUpoLFbL4y5nJ9qtzPHfGH8Ya3tSyezgAa0xLkvWng3sc5RNwfF1asEgWsTqNDC7N2Tc_i46RLCiQtZ12e5akmKYjwg7J0de5ES3jWY2UgimH-eovsxSs_xSOM0vy-lpDGLvKy3ZH7sKDRAI3DLDFonOkVbO6T14ziBoBsvnIeIvJL8ghYPdiysUoc4V9ZK5_zct0ZLFKHv_xLyZ8ZSNOdNQ65SCEgooXb35kd-ilQJLluq5BvJFwHhBaOl6O4vecb220JN7rZTqbLi0kF_EKZZZ9KBXH9CZoo8qm_pjY4sWf1_PbMN7yTUSkKNoRrCUk0Z5n-12zENStxBTbJ6vL9t55-pCHutTX7BGeGSma9jvXlrnOrFAetR-q9v0fa-jt-1vB1bpYXTnB6m_EnO9bidJwuwyhZUPYtLijtavDFM7pL47I22MqCb3IKtyF6HsOEiGZej2A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122449f6c7828024b9e8c22cbd145&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3df9ae5f9c70f9820a57ae78b10d1fb806c1c9d2e176231cd504f635bb3f7f8b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=16ro4R36VscLIdbOjWFeH1i5BIc6S38o_bIn0ztTlTd-95rv7w3PuKhsP4wmYXGr8WclkKG21aTTashNlMwq5EWsBkbcJ-JhlnymFIapCsfELs8QkAAJUVhfxK847ZgGCVr0IxWN6K1HcM_r22IGWaMglQrk2M63ef_4nrt584TUcAAPmQ96QHFH4EkGcWkP4uKF_M3Au0n8FDnZHFUGeq0AmCvC8BBklORk_qW4glYTqOxjoSP-FI833rhXWuN_neMl17oAPMv0Y-5__PPkFf6JnUuLO0b3VF3xW_258cCiLwJ30--HbZ4RKsdcQi5RqV-3fhxBNihkF1E84R5AIxSQYrSEn-6Lqj6hyQv12CdOBiielUs8VnrME2m1GlIwWPJ4CjAwlgEufnIuQJVwVN1PnP7j7pnaQXLlsWRJdLLq2O8VfusjIRZ1-lD8Qdh35vNMhyAC0BY3LoGBe7Zgyp-ba5l2PmmFWZe2Y2lOSIvG96bk1ZUFDeH8m4j1LdN56QYpAqYcxLbHKh_6jM34iLTEG-_PQwo3LUFCUjjBBzGk-RDD4zATXs4UY5ZLooO7vP0qpLTZsuBnVUke-9aFGyw-lgbN2cvKJ5tv6jAXrpY25yYA5gPyUe3F6BwkxqBahA0xtEYzP-wKIaEVhcjT1RQG-rUtAOvusEKAdswjZ27JIer6XySs7Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=127
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
08952dee625b5ed3852bee19d4d5d5cc3ebcf5509456f18de30545829f51ee7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=16ro4R36VscLIdbOjWFeH1i5BIc6S38o_bIn0ztTlTd-95rv7w3PuKhsP4wmYXGr8WclkKG21aTTashNlMwq5EWsBkbcJ-JhlnymFIapCsfELs8QkAAJUVhfxK847ZgGCVr0IxWN6K1HcM_r22IGWaMglQrk2M63ef_4nrt584TUcAAPmQ96QHFH4EkGcWkP4uKF_M3Au0n8FDnZHFUGeq0AmCvC8BBklORk_qW4glYTqOxjoSP-FI833rhXWuN_neMl17oAPMv0Y-5__PPkFf6JnUuLO0b3VF3xW_258cCiLwJ30--HbZ4RKsdcQi5RqV-3fhxBNihkF1E84R5AIxSQYrSEn-6Lqj6hyQv12CdOBiielUs8VnrME2m1GlIwWPJ4CjAwlgEufnIuQJVwVN1PnP7j7pnaQXLlsWRJdLLq2O8VfusjIRZ1-lD8Qdh35vNMhyAC0BY3LoGBe7Zgyp-ba5l2PmmFWZe2Y2lOSIvG96bk1ZUFDeH8m4j1LdN56QYpAqYcxLbHKh_6jM34iLTEG-_PQwo3LUFCUjjBBzGk-RDD4zATXs4UY5ZLooO7vP0qpLTZsuBnVUke-9aFGyw-lgbN2cvKJ5tv6jAXrpY25yYA5gPyUe3F6BwkxqBahA0xtEYzP-wKIaEVhcjT1RQG-rUtAOvusEKAdswjZ27JIer6XySs7Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220ebce5751f024acfb4f3d5db53&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fef9e63ff0633417e99ac3747bf1186a46581880faaeb8a2e271aedf63dca05e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=-KSJ3SKRD9hQzFS5o_H1TdANqp2A_nZUJGcOSHrNi48f3Nv3ynjFCYMFJKCEvlJ-sfr3eibiycHnpyGX6kKUEFWSy62NAGmHI6SrwdaMgI6OjDU3c6jWnEG81L9_UYwJiA31YdJ1v7pnActE8FhygIg2wv6rlQMdl31j-3N_bitHsAJGMaf0dyWv9wBFYCr2jhDuGjmF4v9WJ37T19alwB55g9RvPnA2wexKr6qxsRt4tClTBG1qK33_PlhhsrBKG-D6oGlD674fQDcyVPW0LqmwpesLHkhW_dQXQEQhQhkMQl_-9pD8noJiERRIpdoAlgdy9h294PUk-GWj082j5pQYY8CYgW6qbhTIWYOK2YZSbWcZjSTLZrM7ysxqte8ig0ceSQEtBam0S4MM-jm-iL0SmC8fJSt9dSBnRVdWclf_pCsXqeaSPJOxADzHQGirVBkqkIOJ2uonVNqp7v0L-muLyrQC3rJ5imJRy7J5pflXubxt3r_EprJYxLukl1b0exlGl60URLHtBZBBiRAkmjUVlEq4NoOAYwaGrpD-wvP6ytzRqCr3nDCUErRXNNTZiGYMzUiKcB0sz71Odo3otsLYb6DqQOYDJ0CyFbdw7GjcmoY86qi0_s8SAkHYr85lcAwTspPRBK0UAGDUaZ6gZWlzoxl2rIjEOn84BNFLdgX5UGnkhcpYRw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5bb431dd6225028b5afa8371a0cd24aca0a65b8d08e6b2a5fbedf6fce166f7c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=-KSJ3SKRD9hQzFS5o_H1TdANqp2A_nZUJGcOSHrNi48f3Nv3ynjFCYMFJKCEvlJ-sfr3eibiycHnpyGX6kKUEFWSy62NAGmHI6SrwdaMgI6OjDU3c6jWnEG81L9_UYwJiA31YdJ1v7pnActE8FhygIg2wv6rlQMdl31j-3N_bitHsAJGMaf0dyWv9wBFYCr2jhDuGjmF4v9WJ37T19alwB55g9RvPnA2wexKr6qxsRt4tClTBG1qK33_PlhhsrBKG-D6oGlD674fQDcyVPW0LqmwpesLHkhW_dQXQEQhQhkMQl_-9pD8noJiERRIpdoAlgdy9h294PUk-GWj082j5pQYY8CYgW6qbhTIWYOK2YZSbWcZjSTLZrM7ysxqte8ig0ceSQEtBam0S4MM-jm-iL0SmC8fJSt9dSBnRVdWclf_pCsXqeaSPJOxADzHQGirVBkqkIOJ2uonVNqp7v0L-muLyrQC3rJ5imJRy7J5pflXubxt3r_EprJYxLukl1b0exlGl60URLHtBZBBiRAkmjUVlEq4NoOAYwaGrpD-wvP6ytzRqCr3nDCUErRXNNTZiGYMzUiKcB0sz71Odo3otsLYb6DqQOYDJ0CyFbdw7GjcmoY86qi0_s8SAkHYr85lcAwTspPRBK0UAGDUaZ6gZWlzoxl2rIjEOn84BNFLdgX5UGnkhcpYRw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:50 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cc5adafba0c8497ab6a3e04335&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:50 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:50 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e8ab2b9d173566d5a9d82d6f646379dcdfb689b699332f41ca0b4b24ac077a7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:50 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=l6ON0LDJn7nDtsyBr45e_vmoApPPftlAZOZihexME3gujG6SZCXCN4b_Kf73C0_CPKG8K8F2nA5EmF8WVb6eaxR56eN1UDIbBrfNk5kfMI1dWKingSbYR04zEDC_PpYucpvel2DovmNXIVig64VU4Xoe5umbJOYhhq6wX_U73Yr2eZwAE0ldvc0N8GaKgXf5ALcJIvff7HRMblxACE5i3ZVgNiXMz3oNAzpzLb3FHkE7RYiz1DtImFnnmZzGYlEN_4mkQjT3plhg97l5z6sPUXomQH8tBP_nq2cExAczERQZnlJpZ-z8QyfH9Jp36vbvsnhAf16zA06YX-lS5mLfI6HZzxBI7FSMjs9EIk1zg7uEMOW8vpwBVlqTRfGavBEXdpW0A6beE-x7N0hti11jGjeKrmQbY_hrmLVvWY_FCZsJ8OLlOVenC9mY1A5IbW3x3k7m2ly9N8awsTiWs8WGPbxjZrk6lA0x2sn67Gluo94Km94-p8XqEInPTErpBrOii0cHJ1j02tg_UD85yAGc5Rve6hOzBQnB5Cqn2Qzd9E6aZ1LFIWVtf867qmJF6vMY8NxxmqYvmx6UBW2pXCga21dzvaQpyZUNyDY-OuXYnjC8_bRZZxtAdgy6Wcg0AE1QFe6yDS4i0NFHA2SwEn_hk2NmsL0o8KSjfqjStT1AYCDnXkaUx8-1dA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0106cd817647380590425cfbc14b1c2ae0605de1a438b7861a8657d4acef3eab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=l6ON0LDJn7nDtsyBr45e_vmoApPPftlAZOZihexME3gujG6SZCXCN4b_Kf73C0_CPKG8K8F2nA5EmF8WVb6eaxR56eN1UDIbBrfNk5kfMI1dWKingSbYR04zEDC_PpYucpvel2DovmNXIVig64VU4Xoe5umbJOYhhq6wX_U73Yr2eZwAE0ldvc0N8GaKgXf5ALcJIvff7HRMblxACE5i3ZVgNiXMz3oNAzpzLb3FHkE7RYiz1DtImFnnmZzGYlEN_4mkQjT3plhg97l5z6sPUXomQH8tBP_nq2cExAczERQZnlJpZ-z8QyfH9Jp36vbvsnhAf16zA06YX-lS5mLfI6HZzxBI7FSMjs9EIk1zg7uEMOW8vpwBVlqTRfGavBEXdpW0A6beE-x7N0hti11jGjeKrmQbY_hrmLVvWY_FCZsJ8OLlOVenC9mY1A5IbW3x3k7m2ly9N8awsTiWs8WGPbxjZrk6lA0x2sn67Gluo94Km94-p8XqEInPTErpBrOii0cHJ1j02tg_UD85yAGc5Rve6hOzBQnB5Cqn2Qzd9E6aZ1LFIWVtf867qmJF6vMY8NxxmqYvmx6UBW2pXCga21dzvaQpyZUNyDY-OuXYnjC8_bRZZxtAdgy6Wcg0AE1QFe6yDS4i0NFHA2SwEn_hk2NmsL0o8KSjfqjStT1AYCDnXkaUx8-1dA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311220885a0570f6845089268a5447e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a39a5ac17a55a09d37c05ba7c99d1ca93a672654384a57df10da88aa78cf9e24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=MsILgeUNcd_UxlW8wzeA8TXUuOoprGWLkfTzLgUGHESxgZeyjNxoddAIYDwZtrbVBzEWvJ_8LnypfU4wESo14kzWT9RDEXuAr8c0DHN1jLUq6sLcTjrcLpJosObyFmKN-83wo7YWc5zD1b1uECPLXyutk3zAK_z5FO_PSN5vMurKXn8c1fanLr_-Aftkl-8iDB4LUO485TS84ecstS3R7DmjvtqoFMi49mfIbnAogIxWEwr5qyOCKacYrHRFOY9DgUk_9D7uyZxDNWlpmCwXD7-J5PyHMbGI9yOwESb-NFX0theMcfIjZDh5fWBsRreKIZAKxXo4avAtt5lEml3mp5akqMYMkOXFGLI-5St47Wvev3-KGkMFijnB5BD8T3a6xRv34M8anozjDenthfturLNWu00LeTN7AUnfKox-Wkz00j1wcWdncCH2B929F334F7imw7qjoOTCtnmIUnVCFFob4xDCPYl7ZVU0IoQmL1dMS3q1eIrCRAARN5c7BpLtCa_h1Z-Ju9aq9s-VUkTf8ewWM5jgvwXu5VPLN77L-miQ16eTA-9p1pbokxR0N3f1APJZ5CfhasJoBzTQO_zplJY8m6lK97DpTktIauF4Os3GkRnjXUt-cMcFItwjCBE5En5XRes9dSTLmyQBlOTFqnLPZoEoSpgJ3EQDC0aDVyrFbNokq42sBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c9bc7a89875d652393ee51e61c781d82bb8bc180ebbac6c2d8bcf84dac477b63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=MsILgeUNcd_UxlW8wzeA8TXUuOoprGWLkfTzLgUGHESxgZeyjNxoddAIYDwZtrbVBzEWvJ_8LnypfU4wESo14kzWT9RDEXuAr8c0DHN1jLUq6sLcTjrcLpJosObyFmKN-83wo7YWc5zD1b1uECPLXyutk3zAK_z5FO_PSN5vMurKXn8c1fanLr_-Aftkl-8iDB4LUO485TS84ecstS3R7DmjvtqoFMi49mfIbnAogIxWEwr5qyOCKacYrHRFOY9DgUk_9D7uyZxDNWlpmCwXD7-J5PyHMbGI9yOwESb-NFX0theMcfIjZDh5fWBsRreKIZAKxXo4avAtt5lEml3mp5akqMYMkOXFGLI-5St47Wvev3-KGkMFijnB5BD8T3a6xRv34M8anozjDenthfturLNWu00LeTN7AUnfKox-Wkz00j1wcWdncCH2B929F334F7imw7qjoOTCtnmIUnVCFFob4xDCPYl7ZVU0IoQmL1dMS3q1eIrCRAARN5c7BpLtCa_h1Z-Ju9aq9s-VUkTf8ewWM5jgvwXu5VPLN77L-miQ16eTA-9p1pbokxR0N3f1APJZ5CfhasJoBzTQO_zplJY8m6lK97DpTktIauF4Os3GkRnjXUt-cMcFItwjCBE5En5XRes9dSTLmyQBlOTFqnLPZoEoSpgJ3EQDC0aDVyrFbNokq42sBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112292ecd42026494439a23b314160&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fa469ceafb8c27fcf7c7245d972e7d477dd0c07d1faed75aa78fb82f51cd368b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=AK3CCNgmBrZhBzln8v0o_gj_HG0Z8DB6MHdsM4BvLpErj4im33JPRtIeH5a28MsNWNMWwuQaw6xNTIrkwAMpIOdyFllcYs2t2Vi0mRFZmPT36gVVZk4kw7HK4iukZUuNuIMISnYODapZfwdNKfRNCNcXGOcuK5bcCzlIurLYgQPn4oD0epnj01znLb9_epSNKop7cI5bn4TocYP-8xEKzSnvDpfpxZEBeIq3Szi2G2TZ43mQuu0QXtj6Ea--4upBy3Dwdq6Co8uQF2lNN6r6lYos36Y0aHg3wPZxE9njh2Jg5l-hQqGwoLL1zs7QD1vW-288OMmuShJmFY7_2_AiKw_W1xTcW0BDFYS5_qU-9WbohEJsEPuUKZCyNLneYbJ7PragnCL11KF7eICWKP4EXupdkTZlVL0ACwbaoMq-64nLnLVcMaSdKcVGkj_qdwmtdFbbH6yzrciWtAjwHWpStGpGErqJfdzebTfuQ4OP0e-gzdJTHhPOmRes-v6pyhtdxvca4bcj_nwbsnomRgLMVq1TFxrPnyA6BdbleAvJbfhp_KK_VRk1Zk556N1wtt1gm77Z0wN4jP65Zu8U0LowRa2FZcWs_Fu81U0HHoozAOBx0imwSHL0xIYOZgXDVlpdk_gv-i80eFv6TVRfpzQErmIknwxcatRiBZaSDbnQLs6sgFzXLdjecw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e684bfbc46ef19a1f2a43cc10b799ab6d641843f4ad023318c611045483416e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=AK3CCNgmBrZhBzln8v0o_gj_HG0Z8DB6MHdsM4BvLpErj4im33JPRtIeH5a28MsNWNMWwuQaw6xNTIrkwAMpIOdyFllcYs2t2Vi0mRFZmPT36gVVZk4kw7HK4iukZUuNuIMISnYODapZfwdNKfRNCNcXGOcuK5bcCzlIurLYgQPn4oD0epnj01znLb9_epSNKop7cI5bn4TocYP-8xEKzSnvDpfpxZEBeIq3Szi2G2TZ43mQuu0QXtj6Ea--4upBy3Dwdq6Co8uQF2lNN6r6lYos36Y0aHg3wPZxE9njh2Jg5l-hQqGwoLL1zs7QD1vW-288OMmuShJmFY7_2_AiKw_W1xTcW0BDFYS5_qU-9WbohEJsEPuUKZCyNLneYbJ7PragnCL11KF7eICWKP4EXupdkTZlVL0ACwbaoMq-64nLnLVcMaSdKcVGkj_qdwmtdFbbH6yzrciWtAjwHWpStGpGErqJfdzebTfuQ4OP0e-gzdJTHhPOmRes-v6pyhtdxvca4bcj_nwbsnomRgLMVq1TFxrPnyA6BdbleAvJbfhp_KK_VRk1Zk556N1wtt1gm77Z0wN4jP65Zu8U0LowRa2FZcWs_Fu81U0HHoozAOBx0imwSHL0xIYOZgXDVlpdk_gv-i80eFv6TVRfpzQErmIknwxcatRiBZaSDbnQLs6sgFzXLdjecw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112296d253f93253445e822a41d5d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cba23bdae04c712062b1f7aea5561f4dc16f5b5697470511884323397f906fd1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=Ovg9DZGV4nB2Mr6cXC4aZ7RMVOCsEI2afyuRuvZVzJrqtyB7xAv81hHQ_qPmc7fhuy1TtCxNkg-CjN8tk4ICbb37mZzLGp8xwQGeJbWjVZFWQpinf6RB-XVkrdvdJPH2eC8ITlGapTv9sJQ_hyXYRcZ1k3OGu1pJw26agM4AMN5l4pcpXoOLRFMMTnrTr8vyy1skB_sntluKdiwuN_e3ClSiwONUlPTTKq_1XrNKW5tKemf5Ldu7hOo8u5T7g1BjG90p06Wq6IuoDRYB83nrPPs1D-xJyvLvd-VHoAtRWuWVM4URWXj3gQ_unDuJZEEJMMbcGpWXJAMNKYRU_h1WTyki5NNq9QS66Zckz3LSIrYwUleDG0yv_Pcdvs4WyCTlcDRMvkfS7MZj0o3IXm4w9DjO0AEVdZp7aA-ttTbJUFx8sLFaH3hE8UThZrpl88THngFpTVBtTQzjpOFfnPj71rK6n2uvTx9oCxAWpaLiGdz2lDeU-fAcbqt4PhEAU1uduqhpx_tco8x5AlzzQHVyWTri0qVuWlzEP0lpGIyOkjYbijd72Zafj9lHB3z26VGtWfd-O4lBMYpQYUVkOTqt8hWKnizq3GcaHKUgLlkf3FZ7AFijqc_lSpqSSxFzIMD3ex5P_Hy_1Xx1jP_zZ4q0ez4kEkTSzMbRye_2KRMbDbHj9FESgk72Tw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
32f3cb9b76ba58a68a12dc6dc5721c08d25852d5e64d340d95eb356699228727

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=Ovg9DZGV4nB2Mr6cXC4aZ7RMVOCsEI2afyuRuvZVzJrqtyB7xAv81hHQ_qPmc7fhuy1TtCxNkg-CjN8tk4ICbb37mZzLGp8xwQGeJbWjVZFWQpinf6RB-XVkrdvdJPH2eC8ITlGapTv9sJQ_hyXYRcZ1k3OGu1pJw26agM4AMN5l4pcpXoOLRFMMTnrTr8vyy1skB_sntluKdiwuN_e3ClSiwONUlPTTKq_1XrNKW5tKemf5Ldu7hOo8u5T7g1BjG90p06Wq6IuoDRYB83nrPPs1D-xJyvLvd-VHoAtRWuWVM4URWXj3gQ_unDuJZEEJMMbcGpWXJAMNKYRU_h1WTyki5NNq9QS66Zckz3LSIrYwUleDG0yv_Pcdvs4WyCTlcDRMvkfS7MZj0o3IXm4w9DjO0AEVdZp7aA-ttTbJUFx8sLFaH3hE8UThZrpl88THngFpTVBtTQzjpOFfnPj71rK6n2uvTx9oCxAWpaLiGdz2lDeU-fAcbqt4PhEAU1uduqhpx_tco8x5AlzzQHVyWTri0qVuWlzEP0lpGIyOkjYbijd72Zafj9lHB3z26VGtWfd-O4lBMYpQYUVkOTqt8hWKnizq3GcaHKUgLlkf3FZ7AFijqc_lSpqSSxFzIMD3ex5P_Hy_1Xx1jP_zZ4q0ez4kEkTSzMbRye_2KRMbDbHj9FESgk72Tw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:51 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=Ovg9DZGV4nB2Mr6cXC4aZ7RMVOCsEI2afyuRuvZVzJrqtyB7xAv81hHQ_qPmc7fhuy1TtCxNkg-CjN8tk4ICbb37mZzLGp8xwQGeJbWjVZFWQpinf6RB-XVkrdvdJPH2eC8ITlGapTv9sJQ_hyXYRcZ1k3OGu1pJw26agM4AMN5l4pcpXoOLRFMMTnrTr8vyy1skB_sntluKdiwuN_e3ClSiwONUlPTTKq_1XrNKW5tKemf5Ldu7hOo8u5T7g1BjG90p06Wq6IuoDRYB83nrPPs1D-xJyvLvd-VHoAtRWuWVM4URWXj3gQ_unDuJZEEJMMbcGpWXJAMNKYRU_h1WTyki5NNq9QS66Zckz3LSIrYwUleDG0yv_Pcdvs4WyCTlcDRMvkfS7MZj0o3IXm4w9DjO0AEVdZp7aA-ttTbJUFx8sLFaH3hE8UThZrpl88THngFpTVBtTQzjpOFfnPj71rK6n2uvTx9oCxAWpaLiGdz2lDeU-fAcbqt4PhEAU1uduqhpx_tco8x5AlzzQHVyWTri0qVuWlzEP0lpGIyOkjYbijd72Zafj9lHB3z26VGtWfd-O4lBMYpQYUVkOTqt8hWKnizq3GcaHKUgLlkf3FZ7AFijqc_lSpqSSxFzIMD3ex5P_Hy_1Xx1jP_zZ4q0ez4kEkTSzMbRye_2KRMbDbHj9FESgk72Tw==&pload=44
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=Ovg9DZGV4nB2Mr6cXC4aZ7RMVOCsEI2afyuRuvZVzJrqtyB7xAv81hHQ_qPmc7fhuy1TtCxNkg-CjN8tk4ICbb37mZzLGp8xwQGeJbWjVZFWQpinf6RB-XVkrdvdJPH2eC8ITlGapTv9sJQ_hyXYRcZ1k3OGu1pJw26agM4AMN5l4pcpXoOLRFMMTnrTr8vyy1skB_sntluKdiwuN_e3ClSiwONUlPTTKq_1XrNKW5tKemf5Ldu7hOo8u5T7g1BjG90p06Wq6IuoDRYB83nrPPs1D-xJyvLvd-VHoAtRWuWVM4URWXj3gQ_unDuJZEEJMMbcGpWXJAMNKYRU_h1WTyki5NNq9QS66Zckz3LSIrYwUleDG0yv_Pcdvs4WyCTlcDRMvkfS7MZj0o3IXm4w9DjO0AEVdZp7aA-ttTbJUFx8sLFaH3hE8UThZrpl88THngFpTVBtTQzjpOFfnPj71rK6n2uvTx9oCxAWpaLiGdz2lDeU-fAcbqt4PhEAU1uduqhpx_tco8x5AlzzQHVyWTri0qVuWlzEP0lpGIyOkjYbijd72Zafj9lHB3z26VGtWfd-O4lBMYpQYUVkOTqt8hWKnizq3GcaHKUgLlkf3FZ7AFijqc_lSpqSSxFzIMD3ex5P_Hy_1Xx1jP_zZ4q0ez4kEkTSzMbRye_2KRMbDbHj9FESgk72Tw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226fceee06adee45e1991f51414c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:51 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8917efcd47a150df42d8b8e6991879d55c5f3c9e0bf494038a860aa1a6ed92ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:51 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:51 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=Z83PonF-QQALtPi4kqzLKZzkLMt8LRZ87xC6SlSGQuh_ecdzSnpDGf1RfA4k6QXNGhH59ZzL_IiT4jCVa7sihF8_LFBbtWj6MkkDLx69HsZwdFqK8awXSXORaVPaxgALyojbuNrMB-XgO9sLri1EAXCjouVye1ASnnyKrbq26_zrrBbL7d_WGWEl77wCBHYnShxG1RrYhZkxLSpA1SUuJZ2z6odgDYpXWV6M5HrQXM23DrY5hvKqpLhFj5zKtU_hPG4kzd9sXy5sjWCBPcrTUk3OTswSKrwXSX3p3ZGQc-0rMiqrpyao5rznDmz5Xje9wDE1BFuYfAIhJtAzu7oEBcu447AszbzI1UUqWrVxoVasQJNQhcrC2XF2slCZxod9GMSMg_0OjDmJ4Y7PVqoh5g-k0GcJm_loOq5EEYaDGHWfanPJthQ0TSnoFg7S_CHaXpoqbnuwhTQWWXB8p99DZFbfcpSPhub0n3dM6aPAWB2RFukso2_6ZU6IIWkcDxsgtflMPHb2g3wlq33bt8KnxHqAsvoJL8yUecdlS3HjzV02h-Xdi9eSzrRF8lbl95fSoPPZF8NazS7huluzXzZwhikqsb-unRjwioAPAU_6kSM_HzmMdrNZ8RrpLhmWAJO9HHh3xyQnxVgPvEJff0idd_pIfC7WM6a8bGr-f0EerxnW681nEIf-OQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e03a98e85690fac9c356864298fcebceaed1527948b5abd66b103ed9d39ae416

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=Z83PonF-QQALtPi4kqzLKZzkLMt8LRZ87xC6SlSGQuh_ecdzSnpDGf1RfA4k6QXNGhH59ZzL_IiT4jCVa7sihF8_LFBbtWj6MkkDLx69HsZwdFqK8awXSXORaVPaxgALyojbuNrMB-XgO9sLri1EAXCjouVye1ASnnyKrbq26_zrrBbL7d_WGWEl77wCBHYnShxG1RrYhZkxLSpA1SUuJZ2z6odgDYpXWV6M5HrQXM23DrY5hvKqpLhFj5zKtU_hPG4kzd9sXy5sjWCBPcrTUk3OTswSKrwXSX3p3ZGQc-0rMiqrpyao5rznDmz5Xje9wDE1BFuYfAIhJtAzu7oEBcu447AszbzI1UUqWrVxoVasQJNQhcrC2XF2slCZxod9GMSMg_0OjDmJ4Y7PVqoh5g-k0GcJm_loOq5EEYaDGHWfanPJthQ0TSnoFg7S_CHaXpoqbnuwhTQWWXB8p99DZFbfcpSPhub0n3dM6aPAWB2RFukso2_6ZU6IIWkcDxsgtflMPHb2g3wlq33bt8KnxHqAsvoJL8yUecdlS3HjzV02h-Xdi9eSzrRF8lbl95fSoPPZF8NazS7huluzXzZwhikqsb-unRjwioAPAU_6kSM_HzmMdrNZ8RrpLhmWAJO9HHh3xyQnxVgPvEJff0idd_pIfC7WM6a8bGr-f0EerxnW681nEIf-OQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122d30455b880db4772bae2061f09&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
94c2421b8884b27714a0d04bf179a972421ea4bfc9b519f7310db8ffb131a3f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=rBi18Vmo7gPUMAGXxMtGMSrRwzJgQf6G3FirbS2O-Xh8Df8BIZJ4HfXOlzXqZhRL32MFOqVdHs64lFH7xqaOB-Q3Mo6i2kMBeh56OUZ-F7Zn8RC0mbaEkhBRlc20UwW3-_0yQoEusGMHtdWYKsEQdh-ePY47ZZIXge3h7KaY4v1r8WE9kIOl_4qnR0d7M2fALqigAuA-6Zhs88zNZkpMGKT52KfOxBzoeA3G_Hz3VasnqqTmKnUE0PyvdRkQHHvGiqpwCnkb_8fNOiIeCj5cIbtxv97Rx0fDtuEU92d2K5DwJLIu8nGdmWcV6qHQgmO1jgC1CJGzitVettVBay2rji9QRKHnvjYUuLZSGo3TBN6SdBR4qGnDc17LBc83B-X2-JzKTPI8PG2-9x0oemgrrqXxteoaVyIkA9MKSPiDpmrNQerucWbDbBiX12dvMK18fWm1beBTkQmEMMBqzFhEJEvae_Vo5U81pqhVURDm5r0m6tOP2OsjodEuKnkt0a8V0NQ-yCNfZtNA40E6cauZEfND77fWptvJv88BsVSBGlVGhSbbQf5wc363cv2rhQkPAXVcTHxkcgX2a7jm8XeybR3pSdqd8FSt_RftErGzkFCt6_D0ZzT_ktwpYaN_hoTlU5AI0upepAUWHBFurxh9FZS69uEMOrLImgGJVmnaw2kvLNq8GMrw_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4d2a51a771888c61ff25172d8877b9b9432554cfd6156cce110e41d6a0dc5143

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=rBi18Vmo7gPUMAGXxMtGMSrRwzJgQf6G3FirbS2O-Xh8Df8BIZJ4HfXOlzXqZhRL32MFOqVdHs64lFH7xqaOB-Q3Mo6i2kMBeh56OUZ-F7Zn8RC0mbaEkhBRlc20UwW3-_0yQoEusGMHtdWYKsEQdh-ePY47ZZIXge3h7KaY4v1r8WE9kIOl_4qnR0d7M2fALqigAuA-6Zhs88zNZkpMGKT52KfOxBzoeA3G_Hz3VasnqqTmKnUE0PyvdRkQHHvGiqpwCnkb_8fNOiIeCj5cIbtxv97Rx0fDtuEU92d2K5DwJLIu8nGdmWcV6qHQgmO1jgC1CJGzitVettVBay2rji9QRKHnvjYUuLZSGo3TBN6SdBR4qGnDc17LBc83B-X2-JzKTPI8PG2-9x0oemgrrqXxteoaVyIkA9MKSPiDpmrNQerucWbDbBiX12dvMK18fWm1beBTkQmEMMBqzFhEJEvae_Vo5U81pqhVURDm5r0m6tOP2OsjodEuKnkt0a8V0NQ-yCNfZtNA40E6cauZEfND77fWptvJv88BsVSBGlVGhSbbQf5wc363cv2rhQkPAXVcTHxkcgX2a7jm8XeybR3pSdqd8FSt_RftErGzkFCt6_D0ZzT_ktwpYaN_hoTlU5AI0upepAUWHBFurxh9FZS69uEMOrLImgGJVmnaw2kvLNq8GMrw_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122879814f3f9dc466aa4e41a4ea6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2c60502aa33be57b7de1686757d1a02cb8462170ed233da335f82168253737f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=e3YIdOzKiiMmALPryq1wrZPG-koMbqZi865gVbcpwC5hPRWXHhhYH5s2VaLGxFlq8qYk8ydkArLmmPWexEFFXnKJcKr9PfMJKbmVTyWMAnbuN2QKOqRsqFrDLloPzSs7XLv1kgNQSbl-Djwa_7151EQf1UWhWfS3bqKPaiDtI856umvLjUO1erIAYDFA4OKcVrGzNMHAXJYBILUrEAwStAM9gH4-iLmsOsqUBBCZcfv2OBQVrbFNvtW4PVU1bF2e-n3GuB7a8ldLpu9I1VtP_HWhVR3Dq2fdk85NU8wl6hhNRoQdYrak5XZZuGqDDF9UewdQ5mIckaWmjb-j8nwb9g8Br7xCzR0jcrCecBX-RmkE_i_dJAGnQDLq_IG05jARaZ8O9rbqHloOXO63xBmzxjqm7_JiDMZdJ3bvt0ecoSo8yt6kroJZeUz5i_DCcfU_eATynclZYuqMUJYjoJl_upJhLNMOE0g4P8p7lvwQf1jRORngBca2yrTNeDZcwm1_-frR3TN5efeBN_ci0yabwlg_ezb04oOqX2fLbgLu0mC_QUpP-uoEqcTVSMYcljLa0a2ExIJ-OXW7xcawWIixDmuubOvT4Zelf3L87iRtsuNTNnCO-i8VS2dLJIxr-WS9sm_dQYmZsZ8lLM6YBJ7xfWiVCgjTx-Rt3DPLtc6QpdOLg6GroG03Sw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d49e82412d5038e6ef00785cb36c540dbafbc2d0fcb49efac55dae0059b1e5f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=e3YIdOzKiiMmALPryq1wrZPG-koMbqZi865gVbcpwC5hPRWXHhhYH5s2VaLGxFlq8qYk8ydkArLmmPWexEFFXnKJcKr9PfMJKbmVTyWMAnbuN2QKOqRsqFrDLloPzSs7XLv1kgNQSbl-Djwa_7151EQf1UWhWfS3bqKPaiDtI856umvLjUO1erIAYDFA4OKcVrGzNMHAXJYBILUrEAwStAM9gH4-iLmsOsqUBBCZcfv2OBQVrbFNvtW4PVU1bF2e-n3GuB7a8ldLpu9I1VtP_HWhVR3Dq2fdk85NU8wl6hhNRoQdYrak5XZZuGqDDF9UewdQ5mIckaWmjb-j8nwb9g8Br7xCzR0jcrCecBX-RmkE_i_dJAGnQDLq_IG05jARaZ8O9rbqHloOXO63xBmzxjqm7_JiDMZdJ3bvt0ecoSo8yt6kroJZeUz5i_DCcfU_eATynclZYuqMUJYjoJl_upJhLNMOE0g4P8p7lvwQf1jRORngBca2yrTNeDZcwm1_-frR3TN5efeBN_ci0yabwlg_ezb04oOqX2fLbgLu0mC_QUpP-uoEqcTVSMYcljLa0a2ExIJ-OXW7xcawWIixDmuubOvT4Zelf3L87iRtsuNTNnCO-i8VS2dLJIxr-WS9sm_dQYmZsZ8lLM6YBJ7xfWiVCgjTx-Rt3DPLtc6QpdOLg6GroG03Sw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122483aafe752be436b8d7a804111&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
35fd4a5fcf78b4d6b11f69b3ea5080300641ff0837edd59381888777d7d2389a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=gxg2JcCoC2QOekukaykbp35qGJYuRhj0kuPGAtmFNfyCt0ROW7aMDQ0loJ9hjBYoDNZFtELp3AX_isIh9s3AVrCSv-beSLHkIy9TuyYNgYi3EGUu0uXs1nbSsPSIyzrAPBNHsGeVq6qLktsxdvJ1D9ebqyFjQeKznH2TDKxwqUPEj8yNKfEO2CiVBhWJsl1pMrHEmMsUeqNTY4gB3svjuy0oVCciJ9CKyOR3Y0fDW7sFwqkzh2wXWGFat7nx8hRrWewByt-o1RfiX1hMnQGugzphEFnEonZsC497FXhSZgitT3j7AnGZWlKeHv9_J2UVcHjsFTSM9sXQdWx3_kdcmUxqUZo4W3m5uG2IogiCOs6ZrGmo1fWHo6RwEncDkHkiD8NMgtXWquHPNg_d07Bt8-1NU-QKC8T5DMem9GuMvUFHpfvSN-6Zy2lUVP40t6filegr7ZFqcBxqKZrSdqYbL5MTTQRJ-j8RJg01SPDi95qWo9LRQSe0tLBZLIoacYaeSTkdjNpkUFqpkf6SH75NB1LAwuxWQOmg9GIqb8ntNJ105zgzPndOo3WpGeyENGwcbL9dAaA4VMSq4-NCnz2SraY2DDjQxV95o2G3OZ4dALSbxyneEJMTuvWytVCZGHlUhPl7LIImFQgrBqJVP-RcW3NQskNmScu9gDjCPKPpyQ8xLLUYP2Vchw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
17d728aea104f56571e7bd1440be89c6b4bf7db96133df4c8576e8d595ff7ae4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=gxg2JcCoC2QOekukaykbp35qGJYuRhj0kuPGAtmFNfyCt0ROW7aMDQ0loJ9hjBYoDNZFtELp3AX_isIh9s3AVrCSv-beSLHkIy9TuyYNgYi3EGUu0uXs1nbSsPSIyzrAPBNHsGeVq6qLktsxdvJ1D9ebqyFjQeKznH2TDKxwqUPEj8yNKfEO2CiVBhWJsl1pMrHEmMsUeqNTY4gB3svjuy0oVCciJ9CKyOR3Y0fDW7sFwqkzh2wXWGFat7nx8hRrWewByt-o1RfiX1hMnQGugzphEFnEonZsC497FXhSZgitT3j7AnGZWlKeHv9_J2UVcHjsFTSM9sXQdWx3_kdcmUxqUZo4W3m5uG2IogiCOs6ZrGmo1fWHo6RwEncDkHkiD8NMgtXWquHPNg_d07Bt8-1NU-QKC8T5DMem9GuMvUFHpfvSN-6Zy2lUVP40t6filegr7ZFqcBxqKZrSdqYbL5MTTQRJ-j8RJg01SPDi95qWo9LRQSe0tLBZLIoacYaeSTkdjNpkUFqpkf6SH75NB1LAwuxWQOmg9GIqb8ntNJ105zgzPndOo3WpGeyENGwcbL9dAaA4VMSq4-NCnz2SraY2DDjQxV95o2G3OZ4dALSbxyneEJMTuvWytVCZGHlUhPl7LIImFQgrBqJVP-RcW3NQskNmScu9gDjCPKPpyQ8xLLUYP2Vchw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112255cf98ba6f8046b390a379c5c5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:52 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
aafd531301cb58ef73483d57dcf6d6dbc2f3d728abb3c4a0fa7b3a617265aefe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=SfglY-mz0cFAFc-Yd4Dr1RZvQQqRRLbSGIht2Em67Ou7GSUAwee-HeEehXnYFynx_IG5d_sIfiHH-8wd8W6ounwKjg1ZhIWObwV4WofagsNi59SP3gJy6fP56yIjHklk1PwGN1TDfyBypw-uzADEUNmkB5wMXj2xVHAqbbbjqBLajD2cE8hb_iFBzz0RFXU4Qh_wfLD3xofAr8wuP4e9tOGM418kJMxSIlEJUnLdnRaOpfPpA24ivJ7FVYmeHh7IusCRMsiZPb0ivNNit45CQk17nS5iSNdreem4qLgAn-v9rOWHgmK2nDzUav5_ErkAgcu-kRcjTwcSunZFYI3ti5Fz7GJVNMUWP2hs45Zsb0AIVV5i1xBlOOB8wpahF_n-gd8i6-1Z55_6PIgFb4qetEkduFxxG_L1BCu6167FPlIBECafjaMhyyWDhUDe7Q_oISv0B8Qyo--zHNkUxmVufP93oKqZa3Umk8_bAKJTaklh6KXazqBkVj8dgr7Mmezwf0fd29B3SauKcp-01D6U-azO7FBRr1YOIirmC0ym2bscyQxfyeorOSqIUTE0hrZ8ZC7twlKky5ZYWPiu09qghKje_NCSHpuVJT1zauG3KjbVCBkZ7EaC1qBN2jjybcNeZejfyAvtNiq-0H7QQfnH49oM_LUUkl5oQVToFZPUDi2YHgRzN9qT3Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c5529298266d4fd7809c5b9577c6df76bd3e6f25ffead25254c3045dfa175387

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=SfglY-mz0cFAFc-Yd4Dr1RZvQQqRRLbSGIht2Em67Ou7GSUAwee-HeEehXnYFynx_IG5d_sIfiHH-8wd8W6ounwKjg1ZhIWObwV4WofagsNi59SP3gJy6fP56yIjHklk1PwGN1TDfyBypw-uzADEUNmkB5wMXj2xVHAqbbbjqBLajD2cE8hb_iFBzz0RFXU4Qh_wfLD3xofAr8wuP4e9tOGM418kJMxSIlEJUnLdnRaOpfPpA24ivJ7FVYmeHh7IusCRMsiZPb0ivNNit45CQk17nS5iSNdreem4qLgAn-v9rOWHgmK2nDzUav5_ErkAgcu-kRcjTwcSunZFYI3ti5Fz7GJVNMUWP2hs45Zsb0AIVV5i1xBlOOB8wpahF_n-gd8i6-1Z55_6PIgFb4qetEkduFxxG_L1BCu6167FPlIBECafjaMhyyWDhUDe7Q_oISv0B8Qyo--zHNkUxmVufP93oKqZa3Umk8_bAKJTaklh6KXazqBkVj8dgr7Mmezwf0fd29B3SauKcp-01D6U-azO7FBRr1YOIirmC0ym2bscyQxfyeorOSqIUTE0hrZ8ZC7twlKky5ZYWPiu09qghKje_NCSHpuVJT1zauG3KjbVCBkZ7EaC1qBN2jjybcNeZejfyAvtNiq-0H7QQfnH49oM_LUUkl5oQVToFZPUDi2YHgRzN9qT3Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:52 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:52 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112202c868f25c854a8d8b66ecc806&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
609973fd902ffe90ae0f5fd395c233555b3072034e0949b8ddc08063015abbe2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=xlEGANeRLxwUt9O4WXzkTRuu7IOa3mxUP7tbcyfHiHj7GUpQKU8SJTMNCiPrVmobgsTEFvs7GWvtXGN3QMcO9oQU80NjfYI-3ZTT1F5G8frHTwHNbr8qCv5VYsK_hfGFYmEk-g1rTrHI4y5VSwD4bHqFgij5mU2gwas0ixXDUSj0RZ-KLl0rDnDBWmarSZHXJHD9zzSfUZ6OV5-2rrNja0VlwKFFjqyJPLrsEs_nT8VF7wg3SjsGkrPk4JNXuVOTUCAVmjZEhbE26iuOrcnmV6VVtPjy00svbBewi3lokSb08Gsm6W0GkTbJH7GJMeUqPep5uMeJYkzQ2yC-Fm3wq3rmB8kTPjXS8t0crTsB60PHs5IDx25Pv2cRpafx-XafGrbxzgvCp5LgZXYFvzvezRLpLaHRV0BmE88e64n7zuTJ4lLZm2enaim2mYB_txT2iGYtAXxiyC1Gxnm9zxQ9WtdQp5bU9vBli3kiZazuygN0HTEWtab_HMQLIJPiVGE5cdks5ALnM7yLxTQQi8U9XBSrEZG6r1ICKlb9cKBaaFsr1iLKRerhN8UEwevdQbZg041aIfx7EaT_iJ6C3gtPwKaX-73oSmNVKgtLGk-qdXFObjFn9qsCfeqojq4ss_f4xAJD9KW1xkh7xEgnRMCPdzBjaqe4EDGwL1D66Gx3HFv462EtxkexXA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
84fda3591ce3535347275324855e558a869f3959b4a77094e4b4496105a4fff5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=xlEGANeRLxwUt9O4WXzkTRuu7IOa3mxUP7tbcyfHiHj7GUpQKU8SJTMNCiPrVmobgsTEFvs7GWvtXGN3QMcO9oQU80NjfYI-3ZTT1F5G8frHTwHNbr8qCv5VYsK_hfGFYmEk-g1rTrHI4y5VSwD4bHqFgij5mU2gwas0ixXDUSj0RZ-KLl0rDnDBWmarSZHXJHD9zzSfUZ6OV5-2rrNja0VlwKFFjqyJPLrsEs_nT8VF7wg3SjsGkrPk4JNXuVOTUCAVmjZEhbE26iuOrcnmV6VVtPjy00svbBewi3lokSb08Gsm6W0GkTbJH7GJMeUqPep5uMeJYkzQ2yC-Fm3wq3rmB8kTPjXS8t0crTsB60PHs5IDx25Pv2cRpafx-XafGrbxzgvCp5LgZXYFvzvezRLpLaHRV0BmE88e64n7zuTJ4lLZm2enaim2mYB_txT2iGYtAXxiyC1Gxnm9zxQ9WtdQp5bU9vBli3kiZazuygN0HTEWtab_HMQLIJPiVGE5cdks5ALnM7yLxTQQi8U9XBSrEZG6r1ICKlb9cKBaaFsr1iLKRerhN8UEwevdQbZg041aIfx7EaT_iJ6C3gtPwKaX-73oSmNVKgtLGk-qdXFObjFn9qsCfeqojq4ss_f4xAJD9KW1xkh7xEgnRMCPdzBjaqe4EDGwL1D66Gx3HFv462EtxkexXA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=110
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311220e153e1136a64ef79ab679580d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b2517027df4410eacff50b78a5986a5ea2ea7bf815000efc6857523668b498b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=J6V0piKqhPGNV5uEtjzJlyfWDLJYc9RLEYTUUJyLk3UUQmLZhjiQwBeEfxamarR3o8NpLm3PYHCaXHBT9E_T_kTtIfz22lz19aUkZw_vMZ_g0gsL1-nvysmVa1TQaYPK51SoNDmwUaSGLuTkl0DaFkg8l_KYd_bGoTxzUDUPYE3B1AJbhOqizYDnFeZ3I5o3jKxHIBT1gLR2NLxziIHPWTfHH1qAsu-MANRrU_uV2R5QyiUjecRN5D2klAUu0OR3tF7OciLhiTs0Zzp1G4X1lb2G6tSqA2jVMBfWC4GwbChC1LcXsGGrkGgOduVN8lIylGaxtVCUBB72TXGuM0c6AGYo2u4vuQTFI6-QCa4Z-gR16ln4dXaKm3lD-P1o1Kl4Oik1fpfKIqhAHwx-1M1CYBG7sFfud8pGO2Cru1IuHQ7TXsvKNADtwgECtsqPoTDjcTDKzDc9kOn0eHur-1Y-HMjv4n3I1-XabRr_JmHcMhJBX5DdtD3jBQSLl9y6TfhqbGVLf0oaNJqwQgfRzpOXJuvxsjvum5JypLP4Z8wHil2BpnXGyntkjWKlB_wT7iOEYcxY8n7E7v51Jj_WAWXQoNR8trz94NnjpzJGJuZE35dEvMF7gKz1FRfryRhKFm9fWC7yBljAiQLhhnyOJhU3LtP_L6ilT72jCNddSxB2N-YiWy1-4o9cAQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
040e4a2c25496f7d6c7d8d9eb6674ac451dc46378fa6c77109f74496b31cd255

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=J6V0piKqhPGNV5uEtjzJlyfWDLJYc9RLEYTUUJyLk3UUQmLZhjiQwBeEfxamarR3o8NpLm3PYHCaXHBT9E_T_kTtIfz22lz19aUkZw_vMZ_g0gsL1-nvysmVa1TQaYPK51SoNDmwUaSGLuTkl0DaFkg8l_KYd_bGoTxzUDUPYE3B1AJbhOqizYDnFeZ3I5o3jKxHIBT1gLR2NLxziIHPWTfHH1qAsu-MANRrU_uV2R5QyiUjecRN5D2klAUu0OR3tF7OciLhiTs0Zzp1G4X1lb2G6tSqA2jVMBfWC4GwbChC1LcXsGGrkGgOduVN8lIylGaxtVCUBB72TXGuM0c6AGYo2u4vuQTFI6-QCa4Z-gR16ln4dXaKm3lD-P1o1Kl4Oik1fpfKIqhAHwx-1M1CYBG7sFfud8pGO2Cru1IuHQ7TXsvKNADtwgECtsqPoTDjcTDKzDc9kOn0eHur-1Y-HMjv4n3I1-XabRr_JmHcMhJBX5DdtD3jBQSLl9y6TfhqbGVLf0oaNJqwQgfRzpOXJuvxsjvum5JypLP4Z8wHil2BpnXGyntkjWKlB_wT7iOEYcxY8n7E7v51Jj_WAWXQoNR8trz94NnjpzJGJuZE35dEvMF7gKz1FRfryRhKFm9fWC7yBljAiQLhhnyOJhU3LtP_L6ilT72jCNddSxB2N-YiWy1-4o9cAQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228f1e61799a3c4dd6a225023bd2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eb8d2f793d7cccd3713173a71ae88258d67088a2a603e377158802588d64b1f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=x-1dUWWwJ4VS1sddHyj-EFInJrBdVkSfrdkuqCs1MKz7cTm2kt1o1i4tFvK81kLK6lv2mCNy1eAMowe4XWMbCQ9xBuo6bhel-FU5P6r9SYXkSXa3rjr5VR1YibyjoHU40G5KvlzFuziaql5jJtxIFsfO3yAGeRkcuQgoemiZB2h4ns2fQGKW8U6mdB30Jd1elwWL2QndJJZ6yZzG1Ts6EI9XnlMJNquSVDQSF-52c5DSVOOoRvfPDev4nfqySfibS4LLlYJjnDQPH2ZCGH7SGqRWrAGGN0G7ELf3iQS4WGh16NKugBMwNIk_uvFWkkBqEA-OP_uOuE_sjTsDb1ajafRZct386trSWMHiGpUNfH5W3ahOyOziTRVy36jhijE3nohmZ1Tvvo7xbcXUH5O2qus-9Sp_g3iOBuqZnUdzfZkKScvo9bcttFNMBVV5oL4JAM2AiIu8EzcZuirR69W1iunjQnsJLMo4UOCMyjx-2ZUnYlN2iAwcw6_XiiDKGJ1z2ycjve2wtFz-T-xZkvlmjNYACu-hRTaA7BT8jRcUQZJZLkB78-5ld1TiJl75_WGkmbiQaUVyZsAQAHHfSe92DpcxuNbhNgT_2SRajMloE49XvU_nWwik5wAq3K7VnXNVdtZF8o7DytWQ50rEemK2JmyR71hF6Yubf-mAslGYLnHtAWLXkQLwyQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
02b175e4455439aa3e09033a229ff2018737f038bae0b3f1f889089efed97f10

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=x-1dUWWwJ4VS1sddHyj-EFInJrBdVkSfrdkuqCs1MKz7cTm2kt1o1i4tFvK81kLK6lv2mCNy1eAMowe4XWMbCQ9xBuo6bhel-FU5P6r9SYXkSXa3rjr5VR1YibyjoHU40G5KvlzFuziaql5jJtxIFsfO3yAGeRkcuQgoemiZB2h4ns2fQGKW8U6mdB30Jd1elwWL2QndJJZ6yZzG1Ts6EI9XnlMJNquSVDQSF-52c5DSVOOoRvfPDev4nfqySfibS4LLlYJjnDQPH2ZCGH7SGqRWrAGGN0G7ELf3iQS4WGh16NKugBMwNIk_uvFWkkBqEA-OP_uOuE_sjTsDb1ajafRZct386trSWMHiGpUNfH5W3ahOyOziTRVy36jhijE3nohmZ1Tvvo7xbcXUH5O2qus-9Sp_g3iOBuqZnUdzfZkKScvo9bcttFNMBVV5oL4JAM2AiIu8EzcZuirR69W1iunjQnsJLMo4UOCMyjx-2ZUnYlN2iAwcw6_XiiDKGJ1z2ycjve2wtFz-T-xZkvlmjNYACu-hRTaA7BT8jRcUQZJZLkB78-5ld1TiJl75_WGkmbiQaUVyZsAQAHHfSe92DpcxuNbhNgT_2SRajMloE49XvU_nWwik5wAq3K7VnXNVdtZF8o7DytWQ50rEemK2JmyR71hF6Yubf-mAslGYLnHtAWLXkQLwyQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122ebd75270443444978032c29d65&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
25288962b38c8ae81be25a81bc692a6a5b489fd5317b9d356b6dbc02e03674a1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=TEd7hDikFiLgLugo5u86cvoEy6gUHFlnT74G3h3qtvDUqtJ-j35l5xcnAqL4xjcJ9c-kzsAtqAc6odNFvrK78An2aaW5oh1cW8Q1F9HTyNeLIStt8YN8Zz5RKus_Bq4z2zLjn8dMOmQeGTOKZ2KlKCyrxu0V80iFXLji3TxdzK342X8tbeljuxB2r3JtIt0q8ob8ecgMeUw3CGHRpSJaXU4pUMfM-tn4vNYecLrWx6WVS1_O-lcPzNz63D49Rj4hMjwCCKOD7aia-R8zkOjkbwwC0MzafLEnuq8VTL8Pl4oLqJJhvOAxmXTx57rnELa1zKopWYlmy4lc23aE-Ho4KtskcxBVoSN_7Cfp0jyPJNHCofJrvney_3GLvQjHc8nNskJ6ZNBiK0bJwQ2M-ai2_QTzib9DvmWGMRUbxcXkNcCpKD4Z_2Jnnc1T9opO9pDIlKevIiHLekYm4JBKWUpZkFKyjr_GdGfG7jPqJ9ckN55Kh226oevxg-YBjmmGTpDiiiIY8ChHNdFMh8tm1DugoKh_Esb7KZmsVutTH5Bfs5vsc4FBcIV3VezNZRDaArdxFfVN9pZV4hq4fldyXMaKrIBovGrPKNTgmm3lMLOFe0VEaEngy70GaVRqeWInOxKgD3BLYgJmeEwhq0f3SzdE-RZ7e-bFfYxqkkqczHFM5G-5-Vy5kKIMfA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d84c7caad8eb4b1fdec227ed34b779ff4d2e09e7fedbc19e1bf9ad0f57f2f37f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=TEd7hDikFiLgLugo5u86cvoEy6gUHFlnT74G3h3qtvDUqtJ-j35l5xcnAqL4xjcJ9c-kzsAtqAc6odNFvrK78An2aaW5oh1cW8Q1F9HTyNeLIStt8YN8Zz5RKus_Bq4z2zLjn8dMOmQeGTOKZ2KlKCyrxu0V80iFXLji3TxdzK342X8tbeljuxB2r3JtIt0q8ob8ecgMeUw3CGHRpSJaXU4pUMfM-tn4vNYecLrWx6WVS1_O-lcPzNz63D49Rj4hMjwCCKOD7aia-R8zkOjkbwwC0MzafLEnuq8VTL8Pl4oLqJJhvOAxmXTx57rnELa1zKopWYlmy4lc23aE-Ho4KtskcxBVoSN_7Cfp0jyPJNHCofJrvney_3GLvQjHc8nNskJ6ZNBiK0bJwQ2M-ai2_QTzib9DvmWGMRUbxcXkNcCpKD4Z_2Jnnc1T9opO9pDIlKevIiHLekYm4JBKWUpZkFKyjr_GdGfG7jPqJ9ckN55Kh226oevxg-YBjmmGTpDiiiIY8ChHNdFMh8tm1DugoKh_Esb7KZmsVutTH5Bfs5vsc4FBcIV3VezNZRDaArdxFfVN9pZV4hq4fldyXMaKrIBovGrPKNTgmm3lMLOFe0VEaEngy70GaVRqeWInOxKgD3BLYgJmeEwhq0f3SzdE-RZ7e-bFfYxqkkqczHFM5G-5-Vy5kKIMfA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:53 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112288f12b8f0b9b497c8aac54cf41&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:53 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d1df533bd2c3121fb22e7358f4537040d68ac3a14ed647ba59f7d0f41d90dfba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:53 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:53 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=FsA8WMJKNx7DrN5hIE8S_uD7caMvW6fxv4Ekz7IMguOwAuRB2_-Er-x2imLliRoA3onHLVGwGeSSV4yKDsE9wGcS9uy9B5JYvt10MmfYct2VvOSmTC86pXLttpo2MCwPOJRdNPzUcc3rKjh7R1BEpK5SpEzkh9aLaUox4-0VE87Z4Is6MVnxlOOBNJAIJqO2pEVOXveg7rgQYYC1EKCl41pGgnTpx16cB_AtKGoiaFixv0ocJ1YbtXfUQ0Cev3iWc8yUw4Cg6wzZL0c9TaYI-pZH4b8TY9GuiwgGkFdLBqEW2PVD49g761SYQ_aQTNwoQUkf3uqV0cVjp_XXP0wfHvDESHewAZToQIUyV41Pbzvm6lWvyfWwZiefMoo1z6OIO6W1PwcXqAdz3bS7wFLxb4ev2wOspa0jMX2eaFGu6KQ2FvRcpOkSFjwAD3WEiYFcHBTfWh5nopmopGqzQUTRd1lxj30NuUv77nNqxPjLGX4M82smss41yoGTANTp_Fx76h4XUwXw21_rQNncBqVCK3XA9ktV253WxFjmfBMcy82A2bqbzTwNNpEVbjLYMt-H03qNEXisez40yn3cmUDZuF4iAuri7GLesomorH26j_e9UwTqoYmtQT0o5kxhr1URjbvSze_RRtZFUD47v3BGu1h1o3vCyPSUxSC0UoH4szctR68DrcJVDA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
60c48027b4a04276671710a5e90e2a1b93846bc472ae584e4e5d118b59385528

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=FsA8WMJKNx7DrN5hIE8S_uD7caMvW6fxv4Ekz7IMguOwAuRB2_-Er-x2imLliRoA3onHLVGwGeSSV4yKDsE9wGcS9uy9B5JYvt10MmfYct2VvOSmTC86pXLttpo2MCwPOJRdNPzUcc3rKjh7R1BEpK5SpEzkh9aLaUox4-0VE87Z4Is6MVnxlOOBNJAIJqO2pEVOXveg7rgQYYC1EKCl41pGgnTpx16cB_AtKGoiaFixv0ocJ1YbtXfUQ0Cev3iWc8yUw4Cg6wzZL0c9TaYI-pZH4b8TY9GuiwgGkFdLBqEW2PVD49g761SYQ_aQTNwoQUkf3uqV0cVjp_XXP0wfHvDESHewAZToQIUyV41Pbzvm6lWvyfWwZiefMoo1z6OIO6W1PwcXqAdz3bS7wFLxb4ev2wOspa0jMX2eaFGu6KQ2FvRcpOkSFjwAD3WEiYFcHBTfWh5nopmopGqzQUTRd1lxj30NuUv77nNqxPjLGX4M82smss41yoGTANTp_Fx76h4XUwXw21_rQNncBqVCK3XA9ktV253WxFjmfBMcy82A2bqbzTwNNpEVbjLYMt-H03qNEXisez40yn3cmUDZuF4iAuri7GLesomorH26j_e9UwTqoYmtQT0o5kxhr1URjbvSze_RRtZFUD47v3BGu1h1o3vCyPSUxSC0UoH4szctR68DrcJVDA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:54 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122fc5eda31c71e4a7995744a9a34&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
13a696a330a575e228ee0d055a14dba04681ce34d3e0537ad32119c62424efcf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=MY7HeXzVAGqEuRSFNlR2CsfZ4-QkV9RpxIeGe8midFg9szhs1F8B_dT321nuE-_ypJwT7BrgC0WM3YAGiIh6XdLllP7Z01rQfVvqqcRHEWfVZc2LZKN3ztmcCfkkXJHB1lgQwUjJiXKpYRtO_jXwtkuykjFylntbhhpOCx606NVpxkaEn4xP8pk69AMan-TWzdg3lNY1mAi0ffW1fSGLOAVYlyrmRrN0BBRED756nOV5GZNdvxYnJ3RPzxnpUhOaPh9FZJ7PvbmGSr8_cvjjx5eNY5FXRTmBdPN9lXZppzmkuFfmJQvOff8HGT6a-muDCmb1qTRlZGg0TZPqmiEWEC2oHgV2aGX3fAmF7WOr-4ZMU3Po1xa20U4P7YFa59E6dzqcMCd2FcfgvUl9hwTn86wOCmw0p44WXn62s0fhzcTcmscQ5Ghrr6x_NC9EEDcyZNxVQWfBJIQy8uyhwRqHL1Qu8cK-XB-m9U8HxedEeKB_bCkqU0LhU22kbAQTYqebEmeZTOwtOT8NVjceNxfimiq_pKkNsGAVBjWxDilxxRxFrAaHUqh953wWan825lRo2d5deRxC0Rt6utQ6RL-nr0gqh9ttrLlrRtGgG6sA49yJ9jWsbrVtAtqYK4Roxw8os2eQWh7hxpLoF207XemVuuXJJvpVq62oAAnGDuBV1u_cK1WGuIi1yg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eb90a87f44bf953d1515f4a7c3c8970aa57b3e86d83f2a406cc65a68f9d5bc0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=MY7HeXzVAGqEuRSFNlR2CsfZ4-QkV9RpxIeGe8midFg9szhs1F8B_dT321nuE-_ypJwT7BrgC0WM3YAGiIh6XdLllP7Z01rQfVvqqcRHEWfVZc2LZKN3ztmcCfkkXJHB1lgQwUjJiXKpYRtO_jXwtkuykjFylntbhhpOCx606NVpxkaEn4xP8pk69AMan-TWzdg3lNY1mAi0ffW1fSGLOAVYlyrmRrN0BBRED756nOV5GZNdvxYnJ3RPzxnpUhOaPh9FZJ7PvbmGSr8_cvjjx5eNY5FXRTmBdPN9lXZppzmkuFfmJQvOff8HGT6a-muDCmb1qTRlZGg0TZPqmiEWEC2oHgV2aGX3fAmF7WOr-4ZMU3Po1xa20U4P7YFa59E6dzqcMCd2FcfgvUl9hwTn86wOCmw0p44WXn62s0fhzcTcmscQ5Ghrr6x_NC9EEDcyZNxVQWfBJIQy8uyhwRqHL1Qu8cK-XB-m9U8HxedEeKB_bCkqU0LhU22kbAQTYqebEmeZTOwtOT8NVjceNxfimiq_pKkNsGAVBjWxDilxxRxFrAaHUqh953wWan825lRo2d5deRxC0Rt6utQ6RL-nr0gqh9ttrLlrRtGgG6sA49yJ9jWsbrVtAtqYK4Roxw8os2eQWh7hxpLoF207XemVuuXJJvpVq62oAAnGDuBV1u_cK1WGuIi1yg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:54 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122327f994b5007449dbd909234a0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
47d48ce0f0384c180fdbe85918580cd03b3b9545f2888b95fac2fdaa9742a926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=UC_l36662dUTnU8V1p6ChWa3vZWrzcoySMsZAxdK_NbtG_5EtY_zlyWfWijgyNadQc5UH2uYB6Zst_9BwirkE3NbvmjXthmqhYFl4YGqgZzBP-xUg-zL1OPMfmjryebZlGS297Vj9ZViZp1c3Uc0Mnje1vo3HPq9p0EyThe_qeCs63U8oTeNuX-A3qWdhfrdaJVKY8Duv8gdorCxn-_H13mouzYU0YRTlvyXJSQjEFoqFgoR2Jof4_bQLzO_f3gQJZyLY-vOKuv2A19WtQiqDnHmUoglTTUAI17zr4DVc0Sza4FzTpdUaeWHEBa19YzhXiblZARPbDTgpr6DN7jkoTRbPULV6ZxPkwjHfUz7pGKbpo12tDgZXCnKE4INj7GvXuZapWqvzXmUH1x3d3oRqpUnojszFuYfhOFaddqYGLUP0-Cn_bTZ5CGPirkTTJOHMBpO1m7WyulARRIXGvaNZ7uvuSNVXXOvITV8HDSXO5Nt6JAA2MAOrm90g5R5hQepFFiouAtX_7o6XLdixlk8ZI5IPydZWtS59BTi_BFndkywjYSiJUKXca9VGOQihcHa7ebaNi-NwrPMgA_of4gxdhE9zkcoxn_grWobQa2ycrtPs8zx4BjNIfVrn314KQOTAfQYJ5T7coYcVVj943jMmvuAxg0QK8xKhCNDCOwd8t8phfyrnPGylA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
09f2e8bcacee1a1081541805b996db535994d9a4f7b3af536e1a83cc47f8c543

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=UC_l36662dUTnU8V1p6ChWa3vZWrzcoySMsZAxdK_NbtG_5EtY_zlyWfWijgyNadQc5UH2uYB6Zst_9BwirkE3NbvmjXthmqhYFl4YGqgZzBP-xUg-zL1OPMfmjryebZlGS297Vj9ZViZp1c3Uc0Mnje1vo3HPq9p0EyThe_qeCs63U8oTeNuX-A3qWdhfrdaJVKY8Duv8gdorCxn-_H13mouzYU0YRTlvyXJSQjEFoqFgoR2Jof4_bQLzO_f3gQJZyLY-vOKuv2A19WtQiqDnHmUoglTTUAI17zr4DVc0Sza4FzTpdUaeWHEBa19YzhXiblZARPbDTgpr6DN7jkoTRbPULV6ZxPkwjHfUz7pGKbpo12tDgZXCnKE4INj7GvXuZapWqvzXmUH1x3d3oRqpUnojszFuYfhOFaddqYGLUP0-Cn_bTZ5CGPirkTTJOHMBpO1m7WyulARRIXGvaNZ7uvuSNVXXOvITV8HDSXO5Nt6JAA2MAOrm90g5R5hQepFFiouAtX_7o6XLdixlk8ZI5IPydZWtS59BTi_BFndkywjYSiJUKXca9VGOQihcHa7ebaNi-NwrPMgA_of4gxdhE9zkcoxn_grWobQa2ycrtPs8zx4BjNIfVrn314KQOTAfQYJ5T7coYcVVj943jMmvuAxg0QK8xKhCNDCOwd8t8phfyrnPGylA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:54 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=UC_l36662dUTnU8V1p6ChWa3vZWrzcoySMsZAxdK_NbtG_5EtY_zlyWfWijgyNadQc5UH2uYB6Zst_9BwirkE3NbvmjXthmqhYFl4YGqgZzBP-xUg-zL1OPMfmjryebZlGS297Vj9ZViZp1c3Uc0Mnje1vo3HPq9p0EyThe_qeCs63U8oTeNuX-A3qWdhfrdaJVKY8Duv8gdorCxn-_H13mouzYU0YRTlvyXJSQjEFoqFgoR2Jof4_bQLzO_f3gQJZyLY-vOKuv2A19WtQiqDnHmUoglTTUAI17zr4DVc0Sza4FzTpdUaeWHEBa19YzhXiblZARPbDTgpr6DN7jkoTRbPULV6ZxPkwjHfUz7pGKbpo12tDgZXCnKE4INj7GvXuZapWqvzXmUH1x3d3oRqpUnojszFuYfhOFaddqYGLUP0-Cn_bTZ5CGPirkTTJOHMBpO1m7WyulARRIXGvaNZ7uvuSNVXXOvITV8HDSXO5Nt6JAA2MAOrm90g5R5hQepFFiouAtX_7o6XLdixlk8ZI5IPydZWtS59BTi_BFndkywjYSiJUKXca9VGOQihcHa7ebaNi-NwrPMgA_of4gxdhE9zkcoxn_grWobQa2ycrtPs8zx4BjNIfVrn314KQOTAfQYJ5T7coYcVVj943jMmvuAxg0QK8xKhCNDCOwd8t8phfyrnPGylA==&pload=44
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=UC_l36662dUTnU8V1p6ChWa3vZWrzcoySMsZAxdK_NbtG_5EtY_zlyWfWijgyNadQc5UH2uYB6Zst_9BwirkE3NbvmjXthmqhYFl4YGqgZzBP-xUg-zL1OPMfmjryebZlGS297Vj9ZViZp1c3Uc0Mnje1vo3HPq9p0EyThe_qeCs63U8oTeNuX-A3qWdhfrdaJVKY8Duv8gdorCxn-_H13mouzYU0YRTlvyXJSQjEFoqFgoR2Jof4_bQLzO_f3gQJZyLY-vOKuv2A19WtQiqDnHmUoglTTUAI17zr4DVc0Sza4FzTpdUaeWHEBa19YzhXiblZARPbDTgpr6DN7jkoTRbPULV6ZxPkwjHfUz7pGKbpo12tDgZXCnKE4INj7GvXuZapWqvzXmUH1x3d3oRqpUnojszFuYfhOFaddqYGLUP0-Cn_bTZ5CGPirkTTJOHMBpO1m7WyulARRIXGvaNZ7uvuSNVXXOvITV8HDSXO5Nt6JAA2MAOrm90g5R5hQepFFiouAtX_7o6XLdixlk8ZI5IPydZWtS59BTi_BFndkywjYSiJUKXca9VGOQihcHa7ebaNi-NwrPMgA_of4gxdhE9zkcoxn_grWobQa2ycrtPs8zx4BjNIfVrn314KQOTAfQYJ5T7coYcVVj943jMmvuAxg0QK8xKhCNDCOwd8t8phfyrnPGylA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222db06c75512544318df4228dfc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ddc5a42e5bdb324edea4fa71d431c922ea8313e8cb5fc63c2eb3fc69e9bf8c7d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=NCD7KU28ux2k0rnao4eL5hoNSXLbnKrT4CTzar_3IoA9_Q9KHNVGjJKBEVw4U10iVSb5rM5aws7l2_VA6hzpHqbb4s020MefRaVBPTp-WQp-pu5sASovIoQjs32xhmPMYyvCBdBUGJEzLVuBPcBwUD_ouTNAsuac7uM8B34rxCvvrDl6atg4vZUHroKsTQTmzO3wQHZHvSIcLkNQ-DlGc1fu59SuXaS-44ngA_wnw0DkGuZgZbZdIK3vfxgQgZ-bkDR9pYJ9_OxRWLvfZni2UeRaVL1A10FXeLecA83XlCfuzKAasuYKSrlNywuT5S0PGbNdz_piPQcyQHPleIXoV9sdKx-64lQc8Kmo2ZQYrEn2y8Fdvr9RCjeEBrUNYUsH5Ev2EOEEKiG0Dco92VP-OhqpwX77a0_l2QWrXva1pWNWOxkOdYuSzljq-ueTruUir-GF2D23TwkbJT66c9euZdH8pp47SfXhn_z0JqSOZYarQQC1y4ibKSuXKFFEYhnrUj5HiipEmRiuCORif70gWqPdY3W1H9neMCpn1Dt6-9AIWsGajJzstdO88RGwky03WZBJm7PHTPYLmuNVFCyOqMWNKMbFW2AuDEq0ObuNNjjYrD3FdrG4DHy3qBqPZV8I7r9qRg1W9w9OTGvjSNtNvshe_jtsJ4KiiQ6EYsrg6qCPZqPaU6bVBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=123
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4a1ceac486e6291b49cc5396c88261f453c1e7ce0546fbb2317a486142058d00

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=NCD7KU28ux2k0rnao4eL5hoNSXLbnKrT4CTzar_3IoA9_Q9KHNVGjJKBEVw4U10iVSb5rM5aws7l2_VA6hzpHqbb4s020MefRaVBPTp-WQp-pu5sASovIoQjs32xhmPMYyvCBdBUGJEzLVuBPcBwUD_ouTNAsuac7uM8B34rxCvvrDl6atg4vZUHroKsTQTmzO3wQHZHvSIcLkNQ-DlGc1fu59SuXaS-44ngA_wnw0DkGuZgZbZdIK3vfxgQgZ-bkDR9pYJ9_OxRWLvfZni2UeRaVL1A10FXeLecA83XlCfuzKAasuYKSrlNywuT5S0PGbNdz_piPQcyQHPleIXoV9sdKx-64lQc8Kmo2ZQYrEn2y8Fdvr9RCjeEBrUNYUsH5Ev2EOEEKiG0Dco92VP-OhqpwX77a0_l2QWrXva1pWNWOxkOdYuSzljq-ueTruUir-GF2D23TwkbJT66c9euZdH8pp47SfXhn_z0JqSOZYarQQC1y4ibKSuXKFFEYhnrUj5HiipEmRiuCORif70gWqPdY3W1H9neMCpn1Dt6-9AIWsGajJzstdO88RGwky03WZBJm7PHTPYLmuNVFCyOqMWNKMbFW2AuDEq0ObuNNjjYrD3FdrG4DHy3qBqPZV8I7r9qRg1W9w9OTGvjSNtNvshe_jtsJ4KiiQ6EYsrg6qCPZqPaU6bVBw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:54 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122f9c9ae8cae6b4e828317cbc7d6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:54 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
09106dcdf9b42eba6f0762c4d59b18e8f1348cb74da109963088e7f8b45a1d6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:54 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=yS1MUf9_Dk1y-sL_g1ktROf7tlsrQjC8YtZPBM4UDR_YprmRGyXN6NtZORkAce3jg6R6HB2hXNL3246hwwhWNEKuxkN5sY5G4AFCiQDD-hkP6OT5TRmstdDGiTvdhuvXFnB8jmRnn0nVuAZzg_Dbb7rcl-VT8krrY5NR5mQp7HL4i9w1z-6Dx2Low-12iLxO6quoB7xUl4qI_80Wv2WX3K703EMRUyMe0jrlXXA2A9R-2AKxVflm2GaNCPpKgwlgdJjWi-lASQ4JghrUkV-2QOzYuKNWHs-ZYGOBIRSlQe83_JyvVG7bIQ5_TjwwBvb3zJVQs00_laLag4kDteFU5rUGxqKX2wmzNqsj1vl-euFx4mslIiVWFYHY8mlasSHw_oFQN00b8f6HkFQJPYy8ZSx_9EQr03NhgbfhrnLYf4DcoO91Ct6A-tKwhNJwVnhXiYAeA1OF3Gpwv9vAO_1avV0A2PLDebrJe3lW94aXBU-vKMfteLxXCtyN7KswEWIQOVN2EgjRykduPCqyh258mNcNDews6uIA1DorC1tYK0AfuFusDn3soNuGhfuhwcIpSasJ1haUsyi1kF_a0JZXSbXSzjdb9EuMwBEwvahy8EsY5TsY31MVV6mK27Iv9Hy6mJkW8_xD6hxlTfZwtlCv64b7G8vqoyW38wzKYyhct2vGVoB6OaADlg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a39957222dd9358aae175c5391975f3ee19d3b2bed7d41cd3a993ec3dee0f4d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:54 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=yS1MUf9_Dk1y-sL_g1ktROf7tlsrQjC8YtZPBM4UDR_YprmRGyXN6NtZORkAce3jg6R6HB2hXNL3246hwwhWNEKuxkN5sY5G4AFCiQDD-hkP6OT5TRmstdDGiTvdhuvXFnB8jmRnn0nVuAZzg_Dbb7rcl-VT8krrY5NR5mQp7HL4i9w1z-6Dx2Low-12iLxO6quoB7xUl4qI_80Wv2WX3K703EMRUyMe0jrlXXA2A9R-2AKxVflm2GaNCPpKgwlgdJjWi-lASQ4JghrUkV-2QOzYuKNWHs-ZYGOBIRSlQe83_JyvVG7bIQ5_TjwwBvb3zJVQs00_laLag4kDteFU5rUGxqKX2wmzNqsj1vl-euFx4mslIiVWFYHY8mlasSHw_oFQN00b8f6HkFQJPYy8ZSx_9EQr03NhgbfhrnLYf4DcoO91Ct6A-tKwhNJwVnhXiYAeA1OF3Gpwv9vAO_1avV0A2PLDebrJe3lW94aXBU-vKMfteLxXCtyN7KswEWIQOVN2EgjRykduPCqyh258mNcNDews6uIA1DorC1tYK0AfuFusDn3soNuGhfuhwcIpSasJ1haUsyi1kF_a0JZXSbXSzjdb9EuMwBEwvahy8EsY5TsY31MVV6mK27Iv9Hy6mJkW8_xD6hxlTfZwtlCv64b7G8vqoyW38wzKYyhct2vGVoB6OaADlg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112221daa349516647d98cb6a23bb7&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
94a156ffce3adfa73b272a3b8c6eb83760ddfaa3ed147bb6ee2a460ffff9817b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=ZdgessHVkKbZ4AnF_lP66nbzZOlfCBp3BPG9vVjio7WFiCmlE1FtsPNkGX-9Xn0X8-gA7rla_aT6p-MmcUt3Mo50-xaacBZ4peQSV4y3Oe7XGgzlASfk0UV8FE9rHV0nFgmCTHNiNwjY0RCLU4QzG10ouebnOn9hVRkVshqSNCHWTY_LxRRPCT_ZRRdqcb1ek_6VPlrNG1CNPVJ6HbeMijxj_dXxAY2nbcTRQx7seVxTBYm92UzIGvqnjRk4ZMeJsvt6J8NiJ0cEK80xp6ixighz_hKjmY-mpLpuDVP8QzuhEMkRT6OgSVLyXTw7PWE19blmmc1ZCo3vUAVmoQ8KYlSZBjQsIpSRlItxWbeCHIQWiEPfGzoWHgy0qiqaeQ-HgsvCbu1Bo8nFKxw7hTz8mIzGsYF97rQqjzUzP_-RIr09qZaOQ76tAers7nzV5f5JITNQYHZ6_qIx7R8k7zgidtJfGdcYElx9IUpWK7GqI1UuxNaEGWvIa-vCcOEecVjT2rFnAfOTkJsBIFvOPdCWhUSpan0LAu1vMtiggGsLVUUISXVkoI7rKpzrp94ZxBIUwr6a8CVYD-1Qt3jdnzzeRkUwzw91deG-qGM2-m1J5WDjwd-gKQLvaJxzduM1brriulKlhsVuBmrH_P7fNJ2Rf8zlmvJpnTlI5aHAfRggVJ2IL9TbTTtqhA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bc27d170db92abfc34f7a2b4e52f02fa13182f5d65854a6dc416bb7a09583103

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=ZdgessHVkKbZ4AnF_lP66nbzZOlfCBp3BPG9vVjio7WFiCmlE1FtsPNkGX-9Xn0X8-gA7rla_aT6p-MmcUt3Mo50-xaacBZ4peQSV4y3Oe7XGgzlASfk0UV8FE9rHV0nFgmCTHNiNwjY0RCLU4QzG10ouebnOn9hVRkVshqSNCHWTY_LxRRPCT_ZRRdqcb1ek_6VPlrNG1CNPVJ6HbeMijxj_dXxAY2nbcTRQx7seVxTBYm92UzIGvqnjRk4ZMeJsvt6J8NiJ0cEK80xp6ixighz_hKjmY-mpLpuDVP8QzuhEMkRT6OgSVLyXTw7PWE19blmmc1ZCo3vUAVmoQ8KYlSZBjQsIpSRlItxWbeCHIQWiEPfGzoWHgy0qiqaeQ-HgsvCbu1Bo8nFKxw7hTz8mIzGsYF97rQqjzUzP_-RIr09qZaOQ76tAers7nzV5f5JITNQYHZ6_qIx7R8k7zgidtJfGdcYElx9IUpWK7GqI1UuxNaEGWvIa-vCcOEecVjT2rFnAfOTkJsBIFvOPdCWhUSpan0LAu1vMtiggGsLVUUISXVkoI7rKpzrp94ZxBIUwr6a8CVYD-1Qt3jdnzzeRkUwzw91deG-qGM2-m1J5WDjwd-gKQLvaJxzduM1brriulKlhsVuBmrH_P7fNJ2Rf8zlmvJpnTlI5aHAfRggVJ2IL9TbTTtqhA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122a32af811618841d3a1beecbb6f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8854f8cf3ff8479e7ee16746156c682ca2f30fe0ff1e117d1dd40746671bb06b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=DdzPkoCeAdYLKOVwDg1HfeGANUmg-NAb9gnyaUnU50YJ5eunIMfxyIE2w30OD893QAV0il9f3o2bfAafdxai_hnBb__rE8bXw-ZuVVnPOI05Y36Dj3xDD8xp2msv9gr9NQjnAh1dtWLmOCU5LWAOgDj7HEqVfdOQQVR-TvHc7TNZ1XtN7FyPTUnT3FSJAwsT6lESLBevPlazXGogYb27RG_xO_qt1FbYRYBZGpaNM26Q95ex9QZLv9aiqfsV6HIxvnqcV9TSYFFWIzR6cfmyxO_EYJnr8EGmaEQ0-N8uOQd_FwMJE3j0Sr7D1pCZ-8QWdMSrmzu4U6hgv5sv8CfvZMo0NZRSLGMjR1mmgYA8Rq-l6ImXVJBynC-JVnZpW3_71QOuOghaFLUWaoxF-zEQTKh3ChIzrEty9-bgi9h8fKYlHcEt9uLkAxOKgX1Q3xxQsYjwth2habkx_8TiiMFurCfvnnyAIqgtPAqGA1V2hMDtYBHqejKxItk4BWMSM61NVhibe6UKwDtow6MsDGFi2ISEtG3Ivp4HEoVXRwFtGBuGZSd5seHmpy8smkRVqUH20tIU6byIkfFL-9SIQ5ESYgV2YbF9hy2UFVlYn0oHOvEgL3fprk3NkjfINzgHkbOrbUa_97pPBDTf6W46xryq7Z2V0meCFh2RYXsQ8uNXwV0G6M_fZkHWkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7d44b27c3f793c246e47967b5ce25f2018f23d2c62db2c1e092bb8fd8573bda5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=DdzPkoCeAdYLKOVwDg1HfeGANUmg-NAb9gnyaUnU50YJ5eunIMfxyIE2w30OD893QAV0il9f3o2bfAafdxai_hnBb__rE8bXw-ZuVVnPOI05Y36Dj3xDD8xp2msv9gr9NQjnAh1dtWLmOCU5LWAOgDj7HEqVfdOQQVR-TvHc7TNZ1XtN7FyPTUnT3FSJAwsT6lESLBevPlazXGogYb27RG_xO_qt1FbYRYBZGpaNM26Q95ex9QZLv9aiqfsV6HIxvnqcV9TSYFFWIzR6cfmyxO_EYJnr8EGmaEQ0-N8uOQd_FwMJE3j0Sr7D1pCZ-8QWdMSrmzu4U6hgv5sv8CfvZMo0NZRSLGMjR1mmgYA8Rq-l6ImXVJBynC-JVnZpW3_71QOuOghaFLUWaoxF-zEQTKh3ChIzrEty9-bgi9h8fKYlHcEt9uLkAxOKgX1Q3xxQsYjwth2habkx_8TiiMFurCfvnnyAIqgtPAqGA1V2hMDtYBHqejKxItk4BWMSM61NVhibe6UKwDtow6MsDGFi2ISEtG3Ivp4HEoVXRwFtGBuGZSd5seHmpy8smkRVqUH20tIU6byIkfFL-9SIQ5ESYgV2YbF9hy2UFVlYn0oHOvEgL3fprk3NkjfINzgHkbOrbUa_97pPBDTf6W46xryq7Z2V0meCFh2RYXsQ8uNXwV0G6M_fZkHWkQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222fb379fdfb7242f892a4c34ad6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cbf67d92819fa6cb40556e421fc1f63ba28b01b34aaab28f055056b15dc7248d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=Aqe9Omoxjr1P3g-YPy3qGnHK4SHIoPjszbqmB2n7Yff_bT9uK0TXQZEr-4Kbf2MCoFnzXBKEOh-rKS_t20IShvDQeVAYgSbDa6cnNRI3o8e_cm3ULsTEyJGTzJT6Kuf9goHja7xTDw7VA7RxiaoV_9i2NQIscHMv-iJFdmQtgf7CvjYJ4-p1D5-Qtfxu5l7CIxf45q_16RyDKxEc-yrRqgIparHWLjvEGgQfd5FknUqO-fYQHb885CP_xElTJFpo_HxJSRi4tHr3Q8MnQRbW3FkblEe-VSf2fNw9hs6RTgATqL2t-8stoXn1416MYHLeKCfGgmIYsfOm0OMGkf54gNXw3mEYP4kRthAU3r7_oHKAePALA6fbADSlKcWfSAIAfcIEs22a5OJ79W-zSWNc5yXMljlx3ChbCm2bEKRci2zQV4aeXu9aWRY_NnYhb2NmehfDjRcyYGRwI4Frzvd8P6H-2DYVd9LSub7Q-g_x-RICGOtKhdRiMu1kp2O1QUBZ3sPHHDYeuwD1gzQwRn2KrZtqgFArJfKsu3JV0d_v9sbLGJ5-t4m0NZY_AFQvx6blpXMZ9BzXnNEjPO_ULIsMGQzWb4-371DpYb8_9okWYyxz04DkFb66iWrFv0_xgwpBsX9O6-F_YOZilLasfCic9UxeHINMqyvvMezwhhgoq__jXeLic5aX5A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f383b2ad17ccb6377a742714df79da952c5d4ce761ca740bb8dfa483324b7173

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=Aqe9Omoxjr1P3g-YPy3qGnHK4SHIoPjszbqmB2n7Yff_bT9uK0TXQZEr-4Kbf2MCoFnzXBKEOh-rKS_t20IShvDQeVAYgSbDa6cnNRI3o8e_cm3ULsTEyJGTzJT6Kuf9goHja7xTDw7VA7RxiaoV_9i2NQIscHMv-iJFdmQtgf7CvjYJ4-p1D5-Qtfxu5l7CIxf45q_16RyDKxEc-yrRqgIparHWLjvEGgQfd5FknUqO-fYQHb885CP_xElTJFpo_HxJSRi4tHr3Q8MnQRbW3FkblEe-VSf2fNw9hs6RTgATqL2t-8stoXn1416MYHLeKCfGgmIYsfOm0OMGkf54gNXw3mEYP4kRthAU3r7_oHKAePALA6fbADSlKcWfSAIAfcIEs22a5OJ79W-zSWNc5yXMljlx3ChbCm2bEKRci2zQV4aeXu9aWRY_NnYhb2NmehfDjRcyYGRwI4Frzvd8P6H-2DYVd9LSub7Q-g_x-RICGOtKhdRiMu1kp2O1QUBZ3sPHHDYeuwD1gzQwRn2KrZtqgFArJfKsu3JV0d_v9sbLGJ5-t4m0NZY_AFQvx6blpXMZ9BzXnNEjPO_ULIsMGQzWb4-371DpYb8_9okWYyxz04DkFb66iWrFv0_xgwpBsX9O6-F_YOZilLasfCic9UxeHINMqyvvMezwhhgoq__jXeLic5aX5A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dc3b9fc316784b8481fda9e0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9ed2a76ced20941f16df65060f6b3256f23886f6dabdc27c3deaa3f66ad42f8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=1j6r96Pi69dz18JeoufWWEDB70mgGm2cVVsiIO2bbOwuVJfyLmZJG1OTx_DnpP4Qap_Qq8HJwl70rlvED0ll4zqzCDpcCU0RWCxIxQ_-BYs81tW5hgVJP5IdflhmwhZMSfPBGoiQ-sJ5lJq0cWfkWlghu8x6Bb1tmAaGdoHe-5DK-EOlusWHGELZCPJ22vtRM69509d3i6Edtb-WAn-cmzaJ8uLD7FAZXlMrx8gryAUH-n46aahpo06DO96fX3bICU4etnJqo9cyaZR4d2Mo8o3syVGMMq8q-2DyoKqu0HTpdyVXD2ssIUxcyAPHtCFVMAOWEaWRFunJBSt80FvRpWe1D2gHb-KrZiAdVEEHqWkwJPCjb8umwr5oZLlPlEEkXjFoVb9cX0o9Z3sjOXLUQdpqSg2Pb1Mw6sOaAws-ZHKdEImy7lnAMvdwxPN_pEOHaliZ_rIDFTPGjIeclbsPYiXZ_LZzGrTdY5roT82ZXxf5UuuxhCkcbqbbWdEGbU2tseYDKvcuOPSTZDRdgIlKJ_UBSNoiNrnHUr54PLOHYXewlrWT80gnrLA63hCP5e4Cnl5sF5dwZqyOOtnOlpVWwTs-ClqNfK5JYnO3Se_MJgc-ZDtPYV9_b0sb4wENZ51l3mDM2TeuLkiQ3mG9XHW4lS5hAwCtzqTp4zhHtzwkTEqurtUPkhlbIA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
17d1fa76c9af7a3cd9281260a732e218ac743834e38fb6f6f626231668d0b0ec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=1j6r96Pi69dz18JeoufWWEDB70mgGm2cVVsiIO2bbOwuVJfyLmZJG1OTx_DnpP4Qap_Qq8HJwl70rlvED0ll4zqzCDpcCU0RWCxIxQ_-BYs81tW5hgVJP5IdflhmwhZMSfPBGoiQ-sJ5lJq0cWfkWlghu8x6Bb1tmAaGdoHe-5DK-EOlusWHGELZCPJ22vtRM69509d3i6Edtb-WAn-cmzaJ8uLD7FAZXlMrx8gryAUH-n46aahpo06DO96fX3bICU4etnJqo9cyaZR4d2Mo8o3syVGMMq8q-2DyoKqu0HTpdyVXD2ssIUxcyAPHtCFVMAOWEaWRFunJBSt80FvRpWe1D2gHb-KrZiAdVEEHqWkwJPCjb8umwr5oZLlPlEEkXjFoVb9cX0o9Z3sjOXLUQdpqSg2Pb1Mw6sOaAws-ZHKdEImy7lnAMvdwxPN_pEOHaliZ_rIDFTPGjIeclbsPYiXZ_LZzGrTdY5roT82ZXxf5UuuxhCkcbqbbWdEGbU2tseYDKvcuOPSTZDRdgIlKJ_UBSNoiNrnHUr54PLOHYXewlrWT80gnrLA63hCP5e4Cnl5sF5dwZqyOOtnOlpVWwTs-ClqNfK5JYnO3Se_MJgc-ZDtPYV9_b0sb4wENZ51l3mDM2TeuLkiQ3mG9XHW4lS5hAwCtzqTp4zhHtzwkTEqurtUPkhlbIA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:55 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311222e047363c7e94ab495db4765ed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:55 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:55 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0a5fca16a2480125e21f80d962b09a39a65d6cb52260ee7ab12d02ffe84d4f1c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=vEUYU846uk4Yu21BUbxRzFuZFVr_v7MF_QeqXSNOa1up6QNUDSLrFwOhDlyv_beSs1jQGTB7aS8d3ubXrf22Jd9ZWMPvWRGb-jKyMOfPrRpHvosZnjW-JRvDOlH3ErIhJ109OYNSRWkHgiW2nuy0XBBIYXWgxP1DaomsgK00VP4sd789833qtneJEJwmrjkUOh-IKr5-PeqvklIwS6kXVCTX2U-VbB51GfC3VT7jV5BGD4zUBRfXDEKUP9GL6OdXADtpLgeaJQH2hHcOUVUx0ySZe8mzEr23bEiyLtFqXEsmr5XtMyigWL3JRqWr7p3MLEeWUy0YSJZv9ohCyrjAxKVfQ5X0ni4zVhvzMdOiYopZLzzgSCGnBEL1txx8DZibp_AurzijtbYaAPIbEvT-kPLZnK6BZfnwvYFFmSpqaDUXK6OZxsZvBv8YfnSFyA03_mluQtM5mdtBvBAO59qNx290TU6Bzk_-OcW2PckIUZV_5Dt12e5gabku5vm5lTFL7kAbiXwQTWMDh-lBGBvNrevU5aHdjR3w3rKwm5FWGFCqGJhSpmbtUw_n1lALyJi3HxOUzyuhGvw3OWIYRBIuPS22ICdng73qePA8-e_Epxu8We5n3jt8AaiuucTKNiRh6Q-oc6oOaQZP3oraHjjPDFasQEmokTSmjkaud4mQigPcbBRWFQrLKw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
448184115f3eb23819e82ce54bdc124c48550eb3373a3f256f2a9e89bae59c80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=vEUYU846uk4Yu21BUbxRzFuZFVr_v7MF_QeqXSNOa1up6QNUDSLrFwOhDlyv_beSs1jQGTB7aS8d3ubXrf22Jd9ZWMPvWRGb-jKyMOfPrRpHvosZnjW-JRvDOlH3ErIhJ109OYNSRWkHgiW2nuy0XBBIYXWgxP1DaomsgK00VP4sd789833qtneJEJwmrjkUOh-IKr5-PeqvklIwS6kXVCTX2U-VbB51GfC3VT7jV5BGD4zUBRfXDEKUP9GL6OdXADtpLgeaJQH2hHcOUVUx0ySZe8mzEr23bEiyLtFqXEsmr5XtMyigWL3JRqWr7p3MLEeWUy0YSJZv9ohCyrjAxKVfQ5X0ni4zVhvzMdOiYopZLzzgSCGnBEL1txx8DZibp_AurzijtbYaAPIbEvT-kPLZnK6BZfnwvYFFmSpqaDUXK6OZxsZvBv8YfnSFyA03_mluQtM5mdtBvBAO59qNx290TU6Bzk_-OcW2PckIUZV_5Dt12e5gabku5vm5lTFL7kAbiXwQTWMDh-lBGBvNrevU5aHdjR3w3rKwm5FWGFCqGJhSpmbtUw_n1lALyJi3HxOUzyuhGvw3OWIYRBIuPS22ICdng73qePA8-e_Epxu8We5n3jt8AaiuucTKNiRh6Q-oc6oOaQZP3oraHjjPDFasQEmokTSmjkaud4mQigPcbBRWFQrLKw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122465b1805ae4b4dffb788f5dcb2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6c05d518a636013df1739368be5a3a73d8aa4f93f793cb6903f3377c583b5784

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=twDThmkx8Kf-wa-G0CcxQ1GkmRLM6Ojeovc8ARb8E2iCk7y0dsRc3MdfWfmWPQLD5dcJzmp30YOik13BFPU8CM2TYiRJR4VrVZhVSyC_jYtx0dv3RjnweCncVbnDf4LS8QdAuHMDLJyJzIuw2mbePpRFmSyX_nmJcMZeczyykKBb-fY2NugQsFha8hAZ7Y0SK8HIHVnezJwCQlxBj-TwJUmg6CQva_xU5hcN4KtfAaXbSUHCfq4CN--6vuElISRIp33eFaviOD6txx14YZ2oV42QwVxzE1OgnW5Nl5nm0650GWAGLdjLrLp3L8UQ3LjsJj-EZXZz5h5-wu_ik8g-_KJLiW9yHQP8OKyUTc13kqzL5P9M20EEKYqbbyvLJlpyC_PyCiJRlgCWoGyzB_8MK9MTZdStHwXBnJUsDg_NBNLR1IKuRUHa3gFaf6K8mFMqVlOzxvATj0F34gz8EKmapfuvDy-eaMwNJTqkIuX82lvnf9mjGZxb2Z9NWY0DHsmBsH0mnr2seYgaqWq6IJN0w1_T2aQ1WLP5KpBA0cIT67yRl2Is0MqVGGcZwMcQJl9mKhUpOnzayCJUkyChUuqjlubCHs40xZqBJR70Yf93LWm3NXfvrdRzdqcSt5u4pjIqiIp83FsmtTmv4kWkTXUES5gaQGt7GT_t1WKE3gRZszJYQdDYfLYnnA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2b794d73945bb4be4d23894c4d3c62d6a849bbe8188d6f209c9a43fe85ef4625

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=twDThmkx8Kf-wa-G0CcxQ1GkmRLM6Ojeovc8ARb8E2iCk7y0dsRc3MdfWfmWPQLD5dcJzmp30YOik13BFPU8CM2TYiRJR4VrVZhVSyC_jYtx0dv3RjnweCncVbnDf4LS8QdAuHMDLJyJzIuw2mbePpRFmSyX_nmJcMZeczyykKBb-fY2NugQsFha8hAZ7Y0SK8HIHVnezJwCQlxBj-TwJUmg6CQva_xU5hcN4KtfAaXbSUHCfq4CN--6vuElISRIp33eFaviOD6txx14YZ2oV42QwVxzE1OgnW5Nl5nm0650GWAGLdjLrLp3L8UQ3LjsJj-EZXZz5h5-wu_ik8g-_KJLiW9yHQP8OKyUTc13kqzL5P9M20EEKYqbbyvLJlpyC_PyCiJRlgCWoGyzB_8MK9MTZdStHwXBnJUsDg_NBNLR1IKuRUHa3gFaf6K8mFMqVlOzxvATj0F34gz8EKmapfuvDy-eaMwNJTqkIuX82lvnf9mjGZxb2Z9NWY0DHsmBsH0mnr2seYgaqWq6IJN0w1_T2aQ1WLP5KpBA0cIT67yRl2Is0MqVGGcZwMcQJl9mKhUpOnzayCJUkyChUuqjlubCHs40xZqBJR70Yf93LWm3NXfvrdRzdqcSt5u4pjIqiIp83FsmtTmv4kWkTXUES5gaQGt7GT_t1WKE3gRZszJYQdDYfLYnnA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=111
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122aba3b1d1064c4d609fee9c1e5f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
37b00565b295c6764af5bb51b2e44cd3a983832e7a3954fb0a079901779d76aa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=oFRCWR_xS0CqYaMvqTGWsPPIMpqq4D8mGZiRCLwJVWB4rdPl8ugiHpcpNaX6CfHjoK-Kj0Gu6WJiEGwPxxJjGG0sPsC2nquvIA5KBnbDgAkpml5w9RxsJe0Gflkmwlzd0i3aY-7L29LHXxVEW7wTfqZsVj778JcUMtuAY5MedIVy6nck3O4G4dko5f4rEOax1slg6thSmTCKcCRSFhPBYZ5S9aQLQFbT0jepEA3-lZN8nUF9EVu8Q2Z4G_LjJMYUksAUn1qtSK49P0cyBPCv38mBzW2KatAjFOlIG2XixF9bXT1KvMAZ0FV3_jFBd_AYWTv8FQG33aHZW6H9Jb86AHTy8cmhvJnuBRGlRzss8NGrmAHqTVuDWx7e9MIvbBSAGC6YfZjrysMsh0cWOEINtSgOteSRw3F0Fys4DIeGhQijH0nBNwseUGgwSCmQVfVgOmMnX54ULTMqHu5MxzBNIgEqhLRg7w2vHgLbcFLB4g8DAjJL5gOwX7blc8DFZJlxbsydYmmThEdQrZVJbYKxHITRreuUaAkMpAEzQP1FHK8F4EL9rlz_5IoGOWw2qJBur8Qety6J2boHBnF54KxXjW6CAvmY63cP4vdxiHVJADT7u8yUZOBiQUdcPBw3jAcbUajSJ3jyCajwl7m4qPnqc-cifvSO09SAqfOZWNjfDvEyU3Riq-jBcw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
989bae77e2c85fce46421eca94baec5dbfab2b5464577058e41c5ffe2463936d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=oFRCWR_xS0CqYaMvqTGWsPPIMpqq4D8mGZiRCLwJVWB4rdPl8ugiHpcpNaX6CfHjoK-Kj0Gu6WJiEGwPxxJjGG0sPsC2nquvIA5KBnbDgAkpml5w9RxsJe0Gflkmwlzd0i3aY-7L29LHXxVEW7wTfqZsVj778JcUMtuAY5MedIVy6nck3O4G4dko5f4rEOax1slg6thSmTCKcCRSFhPBYZ5S9aQLQFbT0jepEA3-lZN8nUF9EVu8Q2Z4G_LjJMYUksAUn1qtSK49P0cyBPCv38mBzW2KatAjFOlIG2XixF9bXT1KvMAZ0FV3_jFBd_AYWTv8FQG33aHZW6H9Jb86AHTy8cmhvJnuBRGlRzss8NGrmAHqTVuDWx7e9MIvbBSAGC6YfZjrysMsh0cWOEINtSgOteSRw3F0Fys4DIeGhQijH0nBNwseUGgwSCmQVfVgOmMnX54ULTMqHu5MxzBNIgEqhLRg7w2vHgLbcFLB4g8DAjJL5gOwX7blc8DFZJlxbsydYmmThEdQrZVJbYKxHITRreuUaAkMpAEzQP1FHK8F4EL9rlz_5IoGOWw2qJBur8Qety6J2boHBnF54KxXjW6CAvmY63cP4vdxiHVJADT7u8yUZOBiQUdcPBw3jAcbUajSJ3jyCajwl7m4qPnqc-cifvSO09SAqfOZWNjfDvEyU3Riq-jBcw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112232b0bdfecc0f4c3b8a86855fb0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8d15f4b87bad03068a4d2b20fdc34232882dd0a2bbf16b8ca143985441723217

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=zze_wmg8qA3j9kv63TS172moHiF__zN-HtLOsjkzWmExA_c7XFQNzgAGg23THxy3rzFmfOhIAzmRgR4V2pBZlfw7AsGPFb-YK7mjFxGXXKdYuEVvEsEUjAhwctJ2IJ1_9bqYZx80ZY2ekcx-ZBYgNXDZeajuLKH8J3QBn9AUXafjlQgGyt1SQfm-9b29FkfbwurYOUkjlC5SAoEhNPypw7M74ufRJqwGd_AGUNh96kYdrwTy_X5KowHN_mluLG1J8T-_0s1BW_qnYrtanvYFJezFFLPTAbrKUWFlNGRC3r02iQJBsnB7PqLL25zr0220YGy8ADeLFGHytczECmlzOVeZFRaPetEh-EpB0ogx_DAkmgy4R7m9WvUzSGI_PhogU35muxArrJi_XZ97xODhv5fmyAzw_-mZCXDNHVtE54ZF0ELun2kDHqH0W4EshQfjK-03mvMFcjjfRxz565Hjy93F-StAczA6pT5iwEAbmIwG21fAdNY5CEpKdZHnyqbjbqAIXu3cdK2B8ie1Bzzc4AppHAD2LWDzjf0Bkac5V-rHV7F8doyzWVp7dbmVSB_EWNh1AtdAMiBjnw05wsenL7-rgn3_IZEGnUmLX3RBVA8Rl86IVAouXhTBzdC97XGBM8KouzLlbz8qoYFkn8Echg7kQwo9ynEGZV9OPxfNAK32xDkQP6m04g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cf41fcd26618ad1269370b523ae535bf7930609770c0c27b74f8cfcef79435be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=zze_wmg8qA3j9kv63TS172moHiF__zN-HtLOsjkzWmExA_c7XFQNzgAGg23THxy3rzFmfOhIAzmRgR4V2pBZlfw7AsGPFb-YK7mjFxGXXKdYuEVvEsEUjAhwctJ2IJ1_9bqYZx80ZY2ekcx-ZBYgNXDZeajuLKH8J3QBn9AUXafjlQgGyt1SQfm-9b29FkfbwurYOUkjlC5SAoEhNPypw7M74ufRJqwGd_AGUNh96kYdrwTy_X5KowHN_mluLG1J8T-_0s1BW_qnYrtanvYFJezFFLPTAbrKUWFlNGRC3r02iQJBsnB7PqLL25zr0220YGy8ADeLFGHytczECmlzOVeZFRaPetEh-EpB0ogx_DAkmgy4R7m9WvUzSGI_PhogU35muxArrJi_XZ97xODhv5fmyAzw_-mZCXDNHVtE54ZF0ELun2kDHqH0W4EshQfjK-03mvMFcjjfRxz565Hjy93F-StAczA6pT5iwEAbmIwG21fAdNY5CEpKdZHnyqbjbqAIXu3cdK2B8ie1Bzzc4AppHAD2LWDzjf0Bkac5V-rHV7F8doyzWVp7dbmVSB_EWNh1AtdAMiBjnw05wsenL7-rgn3_IZEGnUmLX3RBVA8Rl86IVAouXhTBzdC97XGBM8KouzLlbz8qoYFkn8Echg7kQwo9ynEGZV9OPxfNAK32xDkQP6m04g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:56 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112268680b23b41841f7bd7df77aed&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:56 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
05d8033a45f321f8e845cb44b5b9a8ff2bb09758cb319d86c613fa1721b69e1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:56 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=OlRRi6ZPaeJ6DSwbX8WYlOpn5oTybFpucOTX0UHkhyXw5XeRlG_KNPY5Wspe__Bxrti-tanZdsqJrRufnj_HjFoGYPtxb4KWefUWwJ1h3fUekxmZto0QuxeipXLrQT_W0REYCcwyuHM7vD9IM1H5y4M29KtOnI1gYRKEuscGb0Qe6Vpadcl74_kEGlMJHDe72zSfMBg4jH7iqHIrjuvtpH9K9PxGjg0YBa63s7gRCKA1vxTEP39etFaxNs91zgI9IarcV9QisqDupneIj3Xt9ih9tIQf3cvuri-oRtIHDULZiFeEYrynw4yrNBWFbskdcZ53JGh3iTv0oelKMk0aMPUFuDf7Bj-qtaCqYkWlqtdkPC9I1TfFo8WcvlNAdXxvtGuWknFmTpQQGpdgmvfQHd17e4JGzng6uMNR2qAyL3G_A5zCFJD4B5NkxREiRziSEvfCObvBaq9xfKODbWSbGv8-lqOHtiJgZmH5yGTqdWCHtlQ85X_UTKHsYbZxW6narlREBO0qB-3Niz9kYdzX52HqbewadZ81Y5oAxOgFPYIXd3ieGh9Z8kQZd6sK-PBBi3ohf2Kk77JJrNwQ0dkSUhXhiHpCFi1kFZHakjCpMtIvDlXtA_GeEtHGXDmrBFQl5PgNXAKMrggmjn-yraLqQxYd20vwADw8ntgSbZM3VsI8Txm5BOayEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bea2e9bc8bc2ba2ecd5217a27e6bfe0cbcd267513b0db209054209fbf14777cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:56 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=OlRRi6ZPaeJ6DSwbX8WYlOpn5oTybFpucOTX0UHkhyXw5XeRlG_KNPY5Wspe__Bxrti-tanZdsqJrRufnj_HjFoGYPtxb4KWefUWwJ1h3fUekxmZto0QuxeipXLrQT_W0REYCcwyuHM7vD9IM1H5y4M29KtOnI1gYRKEuscGb0Qe6Vpadcl74_kEGlMJHDe72zSfMBg4jH7iqHIrjuvtpH9K9PxGjg0YBa63s7gRCKA1vxTEP39etFaxNs91zgI9IarcV9QisqDupneIj3Xt9ih9tIQf3cvuri-oRtIHDULZiFeEYrynw4yrNBWFbskdcZ53JGh3iTv0oelKMk0aMPUFuDf7Bj-qtaCqYkWlqtdkPC9I1TfFo8WcvlNAdXxvtGuWknFmTpQQGpdgmvfQHd17e4JGzng6uMNR2qAyL3G_A5zCFJD4B5NkxREiRziSEvfCObvBaq9xfKODbWSbGv8-lqOHtiJgZmH5yGTqdWCHtlQ85X_UTKHsYbZxW6narlREBO0qB-3Niz9kYdzX52HqbewadZ81Y5oAxOgFPYIXd3ieGh9Z8kQZd6sK-PBBi3ohf2Kk77JJrNwQ0dkSUhXhiHpCFi1kFZHakjCpMtIvDlXtA_GeEtHGXDmrBFQl5PgNXAKMrggmjn-yraLqQxYd20vwADw8ntgSbZM3VsI8Txm5BOayEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122dfa3d4fbee8249b1991f6b6f4b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d2dd667422bca6a656cd750b9673922c0cc6fae50714626a29782cd3e7ddbab0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=Vub5bg01ctBBvMrJSkBHYdhxb7DdpL3WQ0TDFz7fVQzqLPRA01Ap0sHk-niL9H8M_qLgu9Vb94d77WSmPwpZ34OMWwUA8XVSnf8NYcYUlk7Yzuamkm2w5r5VJQNpg7mlBUpd-__W3cdhyoCl2MZgt01ENdo6YfgOZmYhuYRbqWrMqnPaW-d2wrNfPkSzBN69DH-sc33hRAlbHKWHvKCwn3mdW-GuO0BUztpQWLnogEtmLnk6W2vFDelC74GGEK3ToPN50RgjzgD1s8lELNtmBcqOrVTDXRhyPiehMdc3k_5M64EXnVmwxcURhPSlnS41LQrWG-UdEx_OpmWbe5PW_UhHtNXIYLPf-u3zzOR7s4EECpz4SIjhLPZ18-HctIEDGYHquN_Ix-gLyeyqDDJsKj7Jwdk56I353liPLZJ-050gZhvjalro0m1VVZncN7N10FoEJhuxLR4NPtthnQjfTC-HCaMiau86KRM6KAQ7gTsZ25PdqK2Ms_v8Y4mECeL5aqkIjXnuY_WzoUyMGHoEpjoexRJiM7ndnfSTRTvgSg5abxNm8gnv6LXjfmCtdNpAXFdf4KvG3Sdx58O_8TPOiNQHl57vw-2GFMEv4qJE71863rbot6VjNsMoT7M6-D8-39wylrnf6ek3_Fny42gQB4NJt3NJnnAePBox6dD3KcztSfnH2BLFog==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e5aec76555216ec22836d70a3dff9cc869640377c68cb38a44d092d61b5b680d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=Vub5bg01ctBBvMrJSkBHYdhxb7DdpL3WQ0TDFz7fVQzqLPRA01Ap0sHk-niL9H8M_qLgu9Vb94d77WSmPwpZ34OMWwUA8XVSnf8NYcYUlk7Yzuamkm2w5r5VJQNpg7mlBUpd-__W3cdhyoCl2MZgt01ENdo6YfgOZmYhuYRbqWrMqnPaW-d2wrNfPkSzBN69DH-sc33hRAlbHKWHvKCwn3mdW-GuO0BUztpQWLnogEtmLnk6W2vFDelC74GGEK3ToPN50RgjzgD1s8lELNtmBcqOrVTDXRhyPiehMdc3k_5M64EXnVmwxcURhPSlnS41LQrWG-UdEx_OpmWbe5PW_UhHtNXIYLPf-u3zzOR7s4EECpz4SIjhLPZ18-HctIEDGYHquN_Ix-gLyeyqDDJsKj7Jwdk56I353liPLZJ-050gZhvjalro0m1VVZncN7N10FoEJhuxLR4NPtthnQjfTC-HCaMiau86KRM6KAQ7gTsZ25PdqK2Ms_v8Y4mECeL5aqkIjXnuY_WzoUyMGHoEpjoexRJiM7ndnfSTRTvgSg5abxNm8gnv6LXjfmCtdNpAXFdf4KvG3Sdx58O_8TPOiNQHl57vw-2GFMEv4qJE71863rbot6VjNsMoT7M6-D8-39wylrnf6ek3_Fny42gQB4NJt3NJnnAePBox6dD3KcztSfnH2BLFog==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112213416afdb2a64043a69e60397c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bb2820d1d3ab0f9a369c90c4a3ce6c7d3823d2e1f65c092df0a17316cc49a435

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=BGnga98JaSYPjoDzUct_aPxDPxYOl5yP7tW9Bm544sMr870CBulTJ_eP1tX8A4D8AkUwapjMseqaaIZLyVnk_Ys9b_EYbP5kXH8J7DU6P-aGnBaJaUmjvtii3Hm8V8l4EmmwZECE3PELf6aG3sV8hMX5O3bPfIFJKhiKcozzjwnSElevWytVrprYsngBtquG4JXHO7-KSpsNBgz-4VQLv4tpeNeoSZHxqtZ1GK3OkwADVR64lZ20As1OnpgR4GwjDsJhxOrRkhMh-XRnG4GYKbXFkuV-t9yaE_oqlJQLTb6YNJ3c4IG3Q7C9ZD0xEGJr0QJdyporpGZlVqDqVw-ra1x6eJEHKRG9dz_IlekbS-raW2Zref8DraxSOesxcT1uHw3EYk3pZi6Izk-UCZu_v9x5UgAp5KJSPJzRJ7ewQC-WGtjBz9J8g9vh5syRICkTqX8TZ_P0eL31L-mt0p1gFd_Aog67-dm9zMsRjaGrXPmwQAXAEIunlB_crqjYykXNN8vqWYpFiGLv_AWewm7FAcPd0FWcXyx2-HHCM2UFC3E8cv_-TBcNMBk83WUCJqHbHlT71JkvNkwo2kXag0hgKcjQEQqFGnNc_yvGcuwuDnwTa8rtHY4UF5R4nLkB-gMoJUbmLZi_aFptFOkhk7f0-WXO8Rrf7qTdc8XUulV7JyFIRmF8YOsHUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9bbee820dce726370817824285a482bfe0f0172defd1a37d6d3eeb6f301ea94a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=BGnga98JaSYPjoDzUct_aPxDPxYOl5yP7tW9Bm544sMr870CBulTJ_eP1tX8A4D8AkUwapjMseqaaIZLyVnk_Ys9b_EYbP5kXH8J7DU6P-aGnBaJaUmjvtii3Hm8V8l4EmmwZECE3PELf6aG3sV8hMX5O3bPfIFJKhiKcozzjwnSElevWytVrprYsngBtquG4JXHO7-KSpsNBgz-4VQLv4tpeNeoSZHxqtZ1GK3OkwADVR64lZ20As1OnpgR4GwjDsJhxOrRkhMh-XRnG4GYKbXFkuV-t9yaE_oqlJQLTb6YNJ3c4IG3Q7C9ZD0xEGJr0QJdyporpGZlVqDqVw-ra1x6eJEHKRG9dz_IlekbS-raW2Zref8DraxSOesxcT1uHw3EYk3pZi6Izk-UCZu_v9x5UgAp5KJSPJzRJ7ewQC-WGtjBz9J8g9vh5syRICkTqX8TZ_P0eL31L-mt0p1gFd_Aog67-dm9zMsRjaGrXPmwQAXAEIunlB_crqjYykXNN8vqWYpFiGLv_AWewm7FAcPd0FWcXyx2-HHCM2UFC3E8cv_-TBcNMBk83WUCJqHbHlT71JkvNkwo2kXag0hgKcjQEQqFGnNc_yvGcuwuDnwTa8rtHY4UF5R4nLkB-gMoJUbmLZi_aFptFOkhk7f0-WXO8Rrf7qTdc8XUulV7JyFIRmF8YOsHUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311228b5ac456afbc48ffbb44c3414f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6b31e475c5c28a0c9ec5242a6e0e0d500393f7b1d1708b30e4ddebd848b5757b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=1n0pVODsIxv3nwsPY-DYNuszSTE88gm6StAB6YeTeWnibDvqBHZr50SgMoiekGqOMZHuuRu4OOCNTvQbzjUQfo81o0SuX7RvhURyJRE2U88OpGNg-MMI6Vyu9DH_QUVu9F5weQw3kqui1KRrTBOIXi3uqQ3TqLTHvWJremgm83V9g3Xq-bWSITEn-AAFOd4H7qRD78rRd83y1xgnX_X3DRuHD5Ft9EJfHrN2sRMKwjykaLNT8_xYzgrkWR7BonmtUcwfpd38DrGjvr1y-gTJkUr4F_nA4OklybQcCqIul0uU8zwSJ1ZgRZ1EMsjj0yo1yxS6QtuJ8wxpyJHb_heg7S2XQyo6dUbwoEdqAGYIcwEqtmUtUtSh-OXZ7y19nmmJxbFhJ4i_yx8_sVNxQa73VliU1beZfnS1QuSFch93pI7go3_duK5OGe94JeXuGzjs7IY0tCmVno6N2_UKH284yQIGMQyQ62cmJHi9XPObxg28JvU8p93uPjt5aLzGXW6kX-KdhxkrZmmcq12YFTIdPHQrwIOjhCtIxkoNp7xkLOIXfSV6HqSrUQsor1FGk8BifG4MkRL-2TCMYVLcBtW2C6eSal8v4kzDk98Q9dC6CcxBs5R4dRYmRn82SnDiXGK_x9NiIhyL0T-kv0AfnqAt73w9fLT77982EkbWnpRLSdgdTBAl-NZ6Jg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
436d5c9a42faf3719d7117610fcda3c8a6455ac56dc7861899f1ca31a57e8b76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=1n0pVODsIxv3nwsPY-DYNuszSTE88gm6StAB6YeTeWnibDvqBHZr50SgMoiekGqOMZHuuRu4OOCNTvQbzjUQfo81o0SuX7RvhURyJRE2U88OpGNg-MMI6Vyu9DH_QUVu9F5weQw3kqui1KRrTBOIXi3uqQ3TqLTHvWJremgm83V9g3Xq-bWSITEn-AAFOd4H7qRD78rRd83y1xgnX_X3DRuHD5Ft9EJfHrN2sRMKwjykaLNT8_xYzgrkWR7BonmtUcwfpd38DrGjvr1y-gTJkUr4F_nA4OklybQcCqIul0uU8zwSJ1ZgRZ1EMsjj0yo1yxS6QtuJ8wxpyJHb_heg7S2XQyo6dUbwoEdqAGYIcwEqtmUtUtSh-OXZ7y19nmmJxbFhJ4i_yx8_sVNxQa73VliU1beZfnS1QuSFch93pI7go3_duK5OGe94JeXuGzjs7IY0tCmVno6N2_UKH284yQIGMQyQ62cmJHi9XPObxg28JvU8p93uPjt5aLzGXW6kX-KdhxkrZmmcq12YFTIdPHQrwIOjhCtIxkoNp7xkLOIXfSV6HqSrUQsor1FGk8BifG4MkRL-2TCMYVLcBtW2C6eSal8v4kzDk98Q9dC6CcxBs5R4dRYmRn82SnDiXGK_x9NiIhyL0T-kv0AfnqAt73w9fLT77982EkbWnpRLSdgdTBAl-NZ6Jg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:57 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=1n0pVODsIxv3nwsPY-DYNuszSTE88gm6StAB6YeTeWnibDvqBHZr50SgMoiekGqOMZHuuRu4OOCNTvQbzjUQfo81o0SuX7RvhURyJRE2U88OpGNg-MMI6Vyu9DH_QUVu9F5weQw3kqui1KRrTBOIXi3uqQ3TqLTHvWJremgm83V9g3Xq-bWSITEn-AAFOd4H7qRD78rRd83y1xgnX_X3DRuHD5Ft9EJfHrN2sRMKwjykaLNT8_xYzgrkWR7BonmtUcwfpd38DrGjvr1y-gTJkUr4F_nA4OklybQcCqIul0uU8zwSJ1ZgRZ1EMsjj0yo1yxS6QtuJ8wxpyJHb_heg7S2XQyo6dUbwoEdqAGYIcwEqtmUtUtSh-OXZ7y19nmmJxbFhJ4i_yx8_sVNxQa73VliU1beZfnS1QuSFch93pI7go3_duK5OGe94JeXuGzjs7IY0tCmVno6N2_UKH284yQIGMQyQ62cmJHi9XPObxg28JvU8p93uPjt5aLzGXW6kX-KdhxkrZmmcq12YFTIdPHQrwIOjhCtIxkoNp7xkLOIXfSV6HqSrUQsor1FGk8BifG4MkRL-2TCMYVLcBtW2C6eSal8v4kzDk98Q9dC6CcxBs5R4dRYmRn82SnDiXGK_x9NiIhyL0T-kv0AfnqAt73w9fLT77982EkbWnpRLSdgdTBAl-NZ6Jg==&pload=56
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=1n0pVODsIxv3nwsPY-DYNuszSTE88gm6StAB6YeTeWnibDvqBHZr50SgMoiekGqOMZHuuRu4OOCNTvQbzjUQfo81o0SuX7RvhURyJRE2U88OpGNg-MMI6Vyu9DH_QUVu9F5weQw3kqui1KRrTBOIXi3uqQ3TqLTHvWJremgm83V9g3Xq-bWSITEn-AAFOd4H7qRD78rRd83y1xgnX_X3DRuHD5Ft9EJfHrN2sRMKwjykaLNT8_xYzgrkWR7BonmtUcwfpd38DrGjvr1y-gTJkUr4F_nA4OklybQcCqIul0uU8zwSJ1ZgRZ1EMsjj0yo1yxS6QtuJ8wxpyJHb_heg7S2XQyo6dUbwoEdqAGYIcwEqtmUtUtSh-OXZ7y19nmmJxbFhJ4i_yx8_sVNxQa73VliU1beZfnS1QuSFch93pI7go3_duK5OGe94JeXuGzjs7IY0tCmVno6N2_UKH284yQIGMQyQ62cmJHi9XPObxg28JvU8p93uPjt5aLzGXW6kX-KdhxkrZmmcq12YFTIdPHQrwIOjhCtIxkoNp7xkLOIXfSV6HqSrUQsor1FGk8BifG4MkRL-2TCMYVLcBtW2C6eSal8v4kzDk98Q9dC6CcxBs5R4dRYmRn82SnDiXGK_x9NiIhyL0T-kv0AfnqAt73w9fLT77982EkbWnpRLSdgdTBAl-NZ6Jg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122cf6d9f57afd44a81a8679f4063&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:57 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3de88f3ca75a41e23999ba58e994a2462a8cde8e562d1bbe982374899d1652a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:57 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=mxKZ4OxWr3qXnU80vkXAkNjsqV4Eu_Xw5-46ca2ta89Pewg-Kg4x6EflgmcFC_K0KTQ2QlDkNcnenn5qvTGKw4UKhvNubdzhPX5oHBCHXpsOA9zly9QR_bHHYvjwIMpKwWNfEj9iupQ8jYQ6Xjf8eO7yq8gY6QxKzU4S0Zm6YypvRio58fgdZ8VTe2YlJJs4vRVgnZP4juJImdEW7O87PZ4dhAmFhPD10oagJ8cNze6lB4ZTDFrng-xLLU7kmNDjKHL8fBzyEtTg47TBzaEzvGaDIIHNu2jwwgVfl68XsRFUDdzCqVlf8uhoYs4fQEQMIlKXuNKkHBcF0mE9wXKRTACdMXpu3ZnE_h2VH5PhQvFknaqaMAtOah31EvYN3uNd7MyoxZ3Nh4hV5FAM-MszEAm11AAAlmpbsjhuX_ki5wYlFUNznji_LI3gXtuOml0ARveY6phRz8mziaYcq4Tnfg8yRYAkatvIeKBWx4am19T3-14ZKmEzeA0yGKsEZG8DoxizrSDTtGDPVWoFI3XBj3YQhgaqG69N4KNFZ5sAa_k3In302V9tX_JxJfLOttta5fGWDvFqRGSzc7Ab684XQBjmmtspH3lYrY1W13HVAx0n9WKrGUYQxFHTg9qh9xP33uZXGKeDdevrQ9hQdkElCLYrujiRNLpsdoBIRvBBhlav46HlNgOcYw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dc1bb7bd52b5bfbc58babef90b69439c5399cb4963c91d28601d9bcc4986664c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:57 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=mxKZ4OxWr3qXnU80vkXAkNjsqV4Eu_Xw5-46ca2ta89Pewg-Kg4x6EflgmcFC_K0KTQ2QlDkNcnenn5qvTGKw4UKhvNubdzhPX5oHBCHXpsOA9zly9QR_bHHYvjwIMpKwWNfEj9iupQ8jYQ6Xjf8eO7yq8gY6QxKzU4S0Zm6YypvRio58fgdZ8VTe2YlJJs4vRVgnZP4juJImdEW7O87PZ4dhAmFhPD10oagJ8cNze6lB4ZTDFrng-xLLU7kmNDjKHL8fBzyEtTg47TBzaEzvGaDIIHNu2jwwgVfl68XsRFUDdzCqVlf8uhoYs4fQEQMIlKXuNKkHBcF0mE9wXKRTACdMXpu3ZnE_h2VH5PhQvFknaqaMAtOah31EvYN3uNd7MyoxZ3Nh4hV5FAM-MszEAm11AAAlmpbsjhuX_ki5wYlFUNznji_LI3gXtuOml0ARveY6phRz8mziaYcq4Tnfg8yRYAkatvIeKBWx4am19T3-14ZKmEzeA0yGKsEZG8DoxizrSDTtGDPVWoFI3XBj3YQhgaqG69N4KNFZ5sAa_k3In302V9tX_JxJfLOttta5fGWDvFqRGSzc7Ab684XQBjmmtspH3lYrY1W13HVAx0n9WKrGUYQxFHTg9qh9xP33uZXGKeDdevrQ9hQdkElCLYrujiRNLpsdoBIRvBBhlav46HlNgOcYw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031122677a493af01c4411a7ac5e3dee&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9a69019e12892808a6f8923db8c9597807ac4032d737e17ce4366b1c78ad3032

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=kqN97rnExeTkJFgPISu89hq01dRBIndnZ3SywHb3KLTYh2ifCcUNXAAP3RfXNZMzwahsSHUge8TJT7_tiEp-rY00Ry1XXZUAKMpusxnwqWLDghRs-MJcJrglFlDGhr2mmF97ygT5Hf5wg5_aSAaxWo8DVQGvBZZSU-nDP-A1JLD7zWnlLktYlDj7t1AcZXavYqho1HyLdCpa50eBrntW3H1qEVPkIMdr1zposSPfpcAPbLmShlsPeF6S-phkWiS3dnJYugst_WqbNoAbBtrShVW3Apxoxo29b0nJ5VDc0PNYaCJMM4N_cTFGSsCWzQbhpGGJ9qPopa2FvoKkqHC2_9QN6V0rXV7F_DIraeoMTiqisYw-LlGtrAljOS6BYIWlp--db3SZCy-NLEf_Ruias-8HBEn7rJU5RaZMbZ7Cv-0Zy8aKFykqxgTeA-4GjGOW9XTjeQfEg0tpvLwywKAD-QNkvDkQnoQ0BoCAbc4oewkeKCWwbJ4m9UMVcjqz5qtzFifMjcS1fIlT6TeJVL-lJf9273e67LOa9MT_9fY67NB8hI2eHZBGwX4HZBi2MEG7dZBQZaWQOfi2Zc9LPUbOcPP9g7VBeka82NHI4WS2rSq2JnYvWL-xOxz8MoiEWejL3ByTLBeFhD7Uzr9zzqrybcZ1be3H4luM6YsZsS4i4-Stk60jIzSXqw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5aa1be9b8ca4ce78a16056135bb376cdb75e85044b16cc54ed4ad3f540fcb5f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=kqN97rnExeTkJFgPISu89hq01dRBIndnZ3SywHb3KLTYh2ifCcUNXAAP3RfXNZMzwahsSHUge8TJT7_tiEp-rY00Ry1XXZUAKMpusxnwqWLDghRs-MJcJrglFlDGhr2mmF97ygT5Hf5wg5_aSAaxWo8DVQGvBZZSU-nDP-A1JLD7zWnlLktYlDj7t1AcZXavYqho1HyLdCpa50eBrntW3H1qEVPkIMdr1zposSPfpcAPbLmShlsPeF6S-phkWiS3dnJYugst_WqbNoAbBtrShVW3Apxoxo29b0nJ5VDc0PNYaCJMM4N_cTFGSsCWzQbhpGGJ9qPopa2FvoKkqHC2_9QN6V0rXV7F_DIraeoMTiqisYw-LlGtrAljOS6BYIWlp--db3SZCy-NLEf_Ruias-8HBEn7rJU5RaZMbZ7Cv-0Zy8aKFykqxgTeA-4GjGOW9XTjeQfEg0tpvLwywKAD-QNkvDkQnoQ0BoCAbc4oewkeKCWwbJ4m9UMVcjqz5qtzFifMjcS1fIlT6TeJVL-lJf9273e67LOa9MT_9fY67NB8hI2eHZBGwX4HZBi2MEG7dZBQZaWQOfi2Zc9LPUbOcPP9g7VBeka82NHI4WS2rSq2JnYvWL-xOxz8MoiEWejL3ByTLBeFhD7Uzr9zzqrybcZ1be3H4luM6YsZsS4i4-Stk60jIzSXqw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=97
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d09078d88cec4d15bc9ceb00e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a66c198ed1a475b9a0167125f3c5fe4206aac8af2fd9d3156a008d4af8f8977d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=IHwe7hBnFUQzpKo1aF45aeGngXRwyHtQtEtce6MDvDQqXR-QjpAQkzpUvJE9r0zbJ2zEdwssjLt_5Ekrlf-IjdfUQdnWDLKuUSQ9_abOAPhrLtZ-ApVccJekk1J14C2J9h7YHqv1Pds5oKT97gSPWRcXQ0CuQzVEyarCWfWr0zu_3e5xq4uuHN4S4I3Txgni0VRyxvjRl7tztFd2Jly9Padwp07MWU1VIbk8PK-pPl_8rAaHA8PAMVp3Ag8gI9p7rF48ERFAp2cRYwwdqPmQKpGwkpiy14ypVm3WgT43g3TzlK9gqvaCOP_kHpf8G8HPvCTT8OeJAfQcflGujbLhpuzICGOC57-TB5Op4nebkrCn_3KDaBl_lICK045ygaEq8jYEbt249IDD8e4JHUY5DmM8jQ-nP9upzwAYH-i8cCH75QuAD1p8wxyH7tJ5uUDkqBDdUSeDHVkIBHX-142MaZyG_i48OHjgFuCLxH9cdFMKVmHHZCOjeORVf4NdVReHZ4JuhHpWUW4gLIze3kC-PjiBwKB6SVmtWdxjuDrSHblSsVlvoGx47-1La6zaO-tGWVqnwq1nJeuqFamAcLjdES5c_LY7rPYF-NCXezWj30FxOuww9A46m9X781IIQAhNHtjfR-smwG-NF8lEW6IXisSs97_-DGZvGLoy-GrH8dkMuqvpwwivig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14746bb66b5ea7bd9ef4a6cf1c97dc93e397a1bf7523d9ecdf0a9aae1d1e27b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=IHwe7hBnFUQzpKo1aF45aeGngXRwyHtQtEtce6MDvDQqXR-QjpAQkzpUvJE9r0zbJ2zEdwssjLt_5Ekrlf-IjdfUQdnWDLKuUSQ9_abOAPhrLtZ-ApVccJekk1J14C2J9h7YHqv1Pds5oKT97gSPWRcXQ0CuQzVEyarCWfWr0zu_3e5xq4uuHN4S4I3Txgni0VRyxvjRl7tztFd2Jly9Padwp07MWU1VIbk8PK-pPl_8rAaHA8PAMVp3Ag8gI9p7rF48ERFAp2cRYwwdqPmQKpGwkpiy14ypVm3WgT43g3TzlK9gqvaCOP_kHpf8G8HPvCTT8OeJAfQcflGujbLhpuzICGOC57-TB5Op4nebkrCn_3KDaBl_lICK045ygaEq8jYEbt249IDD8e4JHUY5DmM8jQ-nP9upzwAYH-i8cCH75QuAD1p8wxyH7tJ5uUDkqBDdUSeDHVkIBHX-142MaZyG_i48OHjgFuCLxH9cdFMKVmHHZCOjeORVf4NdVReHZ4JuhHpWUW4gLIze3kC-PjiBwKB6SVmtWdxjuDrSHblSsVlvoGx47-1La6zaO-tGWVqnwq1nJeuqFamAcLjdES5c_LY7rPYF-NCXezWj30FxOuww9A46m9X781IIQAhNHtjfR-smwG-NF8lEW6IXisSs97_-DGZvGLoy-GrH8dkMuqvpwwivig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112220e806003c5b42a8a650f38e2b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f501bbc38122b0ee39393b3976c336d3d19fefef0498989f3da1aebe449b1c6f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=n_15Cb4HHON_3bjCFmTlvdRnI27Eu3W9BlRvhhfu1xoWCWzXNYBQz7DN_EaweIVSJ5B8kLcnyiqh4y63bLCEGRGPOiPtxLWf3-uhdWr6EvXR9DfXVDwEYxMSSslQ4uoNydZObjO5uGaN1m8Ukli1E0AVpRItly5hvMhlBHQmVx0MUZCBRWdqx_gTuOoADeL_61HMaBTvXb1tXWTrYnAz7PIC9DGDJkSMpZSh-XuSbmQ-vjP0XhOlU3R2nZsLcgX67HeW79IsuOsNIaOxm7_B-T1lPGJyM-cQYCjdZLBmMO1NM4ZjyWrtyvEhXWXTlKdTuWitz-bKhcvE3wlWNRCdt3J-_blikEg_4HKDjQ38fDfrMbZ14UehPEKxJ_x0st7PUUFGCgmSFn6Yd1E18rCEC3X0LSELscWNgMLaGQl6YiEAc0FGkmqeHZyOBxkP9P4pTs-T9NVzXK3Q85IT5yQI-8qckeelpBmBVkdnZsiyzeoaGj5mdngGc33J0pE_9DCdpuHb6A7zup2cLMbimMQQMj00fVuBakp29afKMIpyAbQMfHPr7WqJuocAJ9bYMErFzeWAQwjMsWS9XG7oGjbh5whlZ2x5NR2kqLkTxo6wbeEvX7sAC17KAtTZxHzhxkzbZ5QaRwycX_yZMXA2JHShtEi4vgJItvuiaJlcQtU245ilnVFSQUu1WQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
55858491783644434e31df917480b464e9b686dc76cc3469e14d28ca1622312b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=n_15Cb4HHON_3bjCFmTlvdRnI27Eu3W9BlRvhhfu1xoWCWzXNYBQz7DN_EaweIVSJ5B8kLcnyiqh4y63bLCEGRGPOiPtxLWf3-uhdWr6EvXR9DfXVDwEYxMSSslQ4uoNydZObjO5uGaN1m8Ukli1E0AVpRItly5hvMhlBHQmVx0MUZCBRWdqx_gTuOoADeL_61HMaBTvXb1tXWTrYnAz7PIC9DGDJkSMpZSh-XuSbmQ-vjP0XhOlU3R2nZsLcgX67HeW79IsuOsNIaOxm7_B-T1lPGJyM-cQYCjdZLBmMO1NM4ZjyWrtyvEhXWXTlKdTuWitz-bKhcvE3wlWNRCdt3J-_blikEg_4HKDjQ38fDfrMbZ14UehPEKxJ_x0st7PUUFGCgmSFn6Yd1E18rCEC3X0LSELscWNgMLaGQl6YiEAc0FGkmqeHZyOBxkP9P4pTs-T9NVzXK3Q85IT5yQI-8qckeelpBmBVkdnZsiyzeoaGj5mdngGc33J0pE_9DCdpuHb6A7zup2cLMbimMQQMj00fVuBakp29afKMIpyAbQMfHPr7WqJuocAJ9bYMErFzeWAQwjMsWS9XG7oGjbh5whlZ2x5NR2kqLkTxo6wbeEvX7sAC17KAtTZxHzhxkzbZ5QaRwycX_yZMXA2JHShtEi4vgJItvuiaJlcQtU245ilnVFSQUu1WQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d1cb9f748ac64850a959a59987&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
af17fc2c613f8903859d252e13bf2d04b2f2c5823dc8f63397e0bb24efd53974

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=7j76XnH5wPK4RXgrLLZ2BgXGGB6wty_GD9ok8Cp_Xrh_0cmmTv4A8HWH9ne99vGCJ19LxeYi0MFyTx3wO7wcNBI3U_WzOATT8bbeNTZU_8vJBFBK2qTEQsgXE9Yz9Lw9PY5cciOUvBeJLAXZXGT_4hkzstk_4SXKsGgeBV9odN8RgLjMlREzBHizpO4_p2c0NQC0exxt4ug--9TperAcgQFAGmAP0tPwOu4oSj_N15uLc_2GEp_1KDYlWPC8lDErPg8Y4KsWpHTdv0AfxJ-4fFJyNA0W6fllu1uUTjQZzw1gfbXYXZ-GyUPysdooTqpCS7hmxf48nC_lJ-k9FwHwm7Oq14KB_43L5v6WfhoYkxxgSME4aUSrkp1lbGlsPT0wTyMlwn1V9gmR7pSRooNzKN8nBoJgjAf8dDbVSBH8_tf1kPhlbIkYiwPLnuinFwPSMTwMmuH4uz3EwWluXFveFSwrRsIzzJgb4A6UoCax8MwWYwzvypawUwmoFdteTU0Ut4A6g1kjTua9UcWQ2-EoFLPyQVuhhjTeaxcM25wdDpyFOhFBOVEHDZMd5-yL4m9vg1Ol3GIvfJUE4PN5_64s8QZH-Unn4hg04U_7UML2rxI63gKZXgt7DnoKHH54C40Vdc0sgcejz8dJRwADQwkTg_wwU01xiAVCBjsmRRQCTM3bllrrSc2HEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f875c1121dddb5345e2780561390c4bfe5795bab7d951f00c2c17e0377e2f7b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=7j76XnH5wPK4RXgrLLZ2BgXGGB6wty_GD9ok8Cp_Xrh_0cmmTv4A8HWH9ne99vGCJ19LxeYi0MFyTx3wO7wcNBI3U_WzOATT8bbeNTZU_8vJBFBK2qTEQsgXE9Yz9Lw9PY5cciOUvBeJLAXZXGT_4hkzstk_4SXKsGgeBV9odN8RgLjMlREzBHizpO4_p2c0NQC0exxt4ug--9TperAcgQFAGmAP0tPwOu4oSj_N15uLc_2GEp_1KDYlWPC8lDErPg8Y4KsWpHTdv0AfxJ-4fFJyNA0W6fllu1uUTjQZzw1gfbXYXZ-GyUPysdooTqpCS7hmxf48nC_lJ-k9FwHwm7Oq14KB_43L5v6WfhoYkxxgSME4aUSrkp1lbGlsPT0wTyMlwn1V9gmR7pSRooNzKN8nBoJgjAf8dDbVSBH8_tf1kPhlbIkYiwPLnuinFwPSMTwMmuH4uz3EwWluXFveFSwrRsIzzJgb4A6UoCax8MwWYwzvypawUwmoFdteTU0Ut4A6g1kjTua9UcWQ2-EoFLPyQVuhhjTeaxcM25wdDpyFOhFBOVEHDZMd5-yL4m9vg1Ol3GIvfJUE4PN5_64s8QZH-Unn4hg04U_7UML2rxI63gKZXgt7DnoKHH54C40Vdc0sgcejz8dJRwADQwkTg_wwU01xiAVCBjsmRRQCTM3bllrrSc2HEw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:58 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112295837e7621f54c92a684512854&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:58 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:58 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cc888b463063712310518e2c971ce4ae2bf4181b77776f74b4a6bbfedac48e05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:58 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=8n6AXk8wPG08Bd43GUxdHdwLo7BdrS60yX6ZtFDvgfchUMv-K9X-CBJZzlf1P-3lBP9WN6EB55zCuvmuoHf80-iv0YUXdSEN9xhdIfV-nlU6jtjCFfeGil2ZumOXTMw6OPr8_x_LIAPDsKclsXJswnSqh3o-mcvbSUmQsLy4w7xJ28hT2lWOyRfpqDruoH9t7k2yWwpmJiFyPsCM8lcbb5v9kPY47Q2Oi1oFGjJqCufIt5U-0Z0Ly0MXPY7qNlaxRwSBqRiG1ZSXkuw8Xqne5biVXZgSzlQxkD2i5thHg9XmaumIjNdEH0cTUdV0EqnzKS8ZRoLqLiX6HLxIYrgmkbscu6TYc2ON-wpz7ivBAUVP8WWf2KAaH8M8kcLC0S0sIJPLh6H5OguUElvW9FdOgCMzNlU0N0q68P_QDCB6AdLgm9eEOufvlV0T8JS2Q0ihsnkYLhF-K0ZSCoZ9nu-IywT4p9u0qYGPuYgYTSycZ869b2pwh0cD4wBDzb2_zUHqFbPNjypl4wUgmDtYskd2wppUFUV5tBs9kabYq3Rut72UIrtqnArF10ETA4wisUrCxjnr0Hh22cHgzlhP_lAnv2rHkb2EQLfxJLrhqidTa1Q0QiTuV3kgF8HrK6fCuEAt_HlpF7WA3yGskGJ0fshjyHbUYvzFd4o074CboXjcgRmZrH5QjvpPjA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a896aa974a3d80e36bc8b633903a612dfceeae3b62702d5d374e471994222a36

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=8n6AXk8wPG08Bd43GUxdHdwLo7BdrS60yX6ZtFDvgfchUMv-K9X-CBJZzlf1P-3lBP9WN6EB55zCuvmuoHf80-iv0YUXdSEN9xhdIfV-nlU6jtjCFfeGil2ZumOXTMw6OPr8_x_LIAPDsKclsXJswnSqh3o-mcvbSUmQsLy4w7xJ28hT2lWOyRfpqDruoH9t7k2yWwpmJiFyPsCM8lcbb5v9kPY47Q2Oi1oFGjJqCufIt5U-0Z0Ly0MXPY7qNlaxRwSBqRiG1ZSXkuw8Xqne5biVXZgSzlQxkD2i5thHg9XmaumIjNdEH0cTUdV0EqnzKS8ZRoLqLiX6HLxIYrgmkbscu6TYc2ON-wpz7ivBAUVP8WWf2KAaH8M8kcLC0S0sIJPLh6H5OguUElvW9FdOgCMzNlU0N0q68P_QDCB6AdLgm9eEOufvlV0T8JS2Q0ihsnkYLhF-K0ZSCoZ9nu-IywT4p9u0qYGPuYgYTSycZ869b2pwh0cD4wBDzb2_zUHqFbPNjypl4wUgmDtYskd2wppUFUV5tBs9kabYq3Rut72UIrtqnArF10ETA4wisUrCxjnr0Hh22cHgzlhP_lAnv2rHkb2EQLfxJLrhqidTa1Q0QiTuV3kgF8HrK6fCuEAt_HlpF7WA3yGskGJ0fshjyHbUYvzFd4o074CboXjcgRmZrH5QjvpPjA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031122d388307dbbab4bbf8848896d54&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5f1f5efdecee16e98f14c9b3710dbe3471586577f33e8539b0425103117e0cfd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=ZOQ2ppid9Zu-vgcjDVfWWBJAwSRKAQC_BV92tmORF1BKG4MyJfIeZshbndRMGCLyp3fGgIlTe6nlTiDbwwA3WOrIiunDmsSn5e5jRMILOsKFStQ6wMCQtFti489jhjLnGRgutY2Lg6LJabfjnBg_Xe66CiylniXVwrQCQdKXCJu3WGfjJGnWKgMmFzlz7bd57O1_42fRD8tFX0Rb3r3jjVkXyK7ggrxnXenzqhT_gvJ1qg001vRnLVnj2Bzuvu2-aUdV5DLo7NVDJckVpCZl2Ip9OpjpsevOheMY9SCLisWjFi3DFmtMApQd1xCo7x_C-mUiEtC7cIfiy6ktCirZFkRD_2eB3-tYvYnvcAfcKD0-al-BZ48zCIzIqxsmYgOt64Nkkffe0toXAeJfVN5dQ1oc9-KCjaMAlp8_r37vkQf2CKEYKzG0ArJspDvZViSjtx9s2J_ZilXu3ZCKRhlwMX277y6KLMoDmtVsUbcV5IjjatHjnu6aeoQCwzYvQ2AlJyVIM_k7qUOLdEsMvvflhjdhVFfDLCQa3AljeAq42oQI8TIF9TCiBLUCovK8SG-Vnz2sCPPtef3zcwExTQBGCFE8X7k_fDneAHl1PZSVlXfD3XSps8tsK3AzxJJ-Pqz0bZ14FK38xLpnUrmtB9BTfWaISd83f8FmiP80LGCH5RfSBDWu4c3kJQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cea21ce8d72923ab8bc796069ddbdd0b7e01573cbbd5c273af38aa950cbbe2ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=ZOQ2ppid9Zu-vgcjDVfWWBJAwSRKAQC_BV92tmORF1BKG4MyJfIeZshbndRMGCLyp3fGgIlTe6nlTiDbwwA3WOrIiunDmsSn5e5jRMILOsKFStQ6wMCQtFti489jhjLnGRgutY2Lg6LJabfjnBg_Xe66CiylniXVwrQCQdKXCJu3WGfjJGnWKgMmFzlz7bd57O1_42fRD8tFX0Rb3r3jjVkXyK7ggrxnXenzqhT_gvJ1qg001vRnLVnj2Bzuvu2-aUdV5DLo7NVDJckVpCZl2Ip9OpjpsevOheMY9SCLisWjFi3DFmtMApQd1xCo7x_C-mUiEtC7cIfiy6ktCirZFkRD_2eB3-tYvYnvcAfcKD0-al-BZ48zCIzIqxsmYgOt64Nkkffe0toXAeJfVN5dQ1oc9-KCjaMAlp8_r37vkQf2CKEYKzG0ArJspDvZViSjtx9s2J_ZilXu3ZCKRhlwMX277y6KLMoDmtVsUbcV5IjjatHjnu6aeoQCwzYvQ2AlJyVIM_k7qUOLdEsMvvflhjdhVFfDLCQa3AljeAq42oQI8TIF9TCiBLUCovK8SG-Vnz2sCPPtef3zcwExTQBGCFE8X7k_fDneAHl1PZSVlXfD3XSps8tsK3AzxJJ-Pqz0bZ14FK38xLpnUrmtB9BTfWaISd83f8FmiP80LGCH5RfSBDWu4c3kJQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=99
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112244ef2ebad1ae43e9879cf44a2f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e65cb735ccdc86225712161e932cde15bd7d5e63780bc442b1e497983d32f41b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=AGv1WtuE2PPXk02_Gtv5weW-D0Fnxf2J3M6ZUU07T7SvNxmN6OOQfUztKBAcakKtgsCEHO5APP0etU8xsRUam2pk6_OFYCZ3g1yPTr3zxvKEgYUQnSgQJoEjF0NqDNLnklyh4jSwvVtygJyyAeNLxbAsfJ9S6YfMe2MFSXmAEGDzdKYs-ONUADlGTmto4RNj9ah9PMGuz32VveiJOREeDarXftLRPs8Fp3mzv0L5fySKwj_OJlU9Mh5NKWTZ3hvAc1z-c1LBV6cJRJqbbAAdsc625ky39uRs62l06hpEuL801mUrEPKk1UHSFKWnKPJXLRX1WQzHKhfBOrBASyiX041A8FIHJb4CE78BIwlbYm3yp1aLgrekya_Ud53ESryw9z8eXH9wvJgW0ZBh6IMtc0KcU4c-l3QAhB7S_JPojhW7P3W-CB5JEFhyTihifPEahaktdN1TULtP86JB3CDLvv1D8x8FWjpD0iQHD5BjUvfjPYudGq44Lq9ovntwV011g1rnxXMxbPb19-rET0qfL6OAmfryw6JU9Y7TOZevWz6SaWiXiSyI_0EBxLYyBRpXgth5DTFL4nAO0BN0Cx1kO-bAyH39rrYBy52gOlnlPgv_js-wOwJnND8ymRvaS6X7O-dlQ2bXsJbs_CiQPMIQJreA7IfZW_2Bq6pJXVjwc5Jg0viYU1BHCg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
26c0a800ab504253244db2f872346a15da707671ee162128d362913503859b4f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=AGv1WtuE2PPXk02_Gtv5weW-D0Fnxf2J3M6ZUU07T7SvNxmN6OOQfUztKBAcakKtgsCEHO5APP0etU8xsRUam2pk6_OFYCZ3g1yPTr3zxvKEgYUQnSgQJoEjF0NqDNLnklyh4jSwvVtygJyyAeNLxbAsfJ9S6YfMe2MFSXmAEGDzdKYs-ONUADlGTmto4RNj9ah9PMGuz32VveiJOREeDarXftLRPs8Fp3mzv0L5fySKwj_OJlU9Mh5NKWTZ3hvAc1z-c1LBV6cJRJqbbAAdsc625ky39uRs62l06hpEuL801mUrEPKk1UHSFKWnKPJXLRX1WQzHKhfBOrBASyiX041A8FIHJb4CE78BIwlbYm3yp1aLgrekya_Ud53ESryw9z8eXH9wvJgW0ZBh6IMtc0KcU4c-l3QAhB7S_JPojhW7P3W-CB5JEFhyTihifPEahaktdN1TULtP86JB3CDLvv1D8x8FWjpD0iQHD5BjUvfjPYudGq44Lq9ovntwV011g1rnxXMxbPb19-rET0qfL6OAmfryw6JU9Y7TOZevWz6SaWiXiSyI_0EBxLYyBRpXgth5DTFL4nAO0BN0Cx1kO-bAyH39rrYBy52gOlnlPgv_js-wOwJnND8ymRvaS6X7O-dlQ2bXsJbs_CiQPMIQJreA7IfZW_2Bq6pJXVjwc5Jg0viYU1BHCg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226b4f37d4ccf842f7b2ca30ee9d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6a25d5770fb6fbfce87deb89676645239022411be8da0d9eb706000d4e15a7ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=0Ln9Kl3HYKhC4JFmkAkXst9aGIVrstbOPYZ-k8Bd8MIbD1H4iBaAmCSuhyDUK_FJVCtMzjrUjFw759GZU0AurdgFD9HKlHJXgnWnVdEIU5V9_ZGuRee8mTD_o1PuHGUbWSVM1tCbwMFYiM1svPbjy9Gt4b2173loOnpKWEPupvSlu4F2R5wbtY_Q5s5i_UAO7YI8m33awv4-13Ddz-4NFs5o6gHVd2Z0DV2lDgNulVuIubIKVf3UHbpaO5R39cO86q2EBQvDneIjvlPe6IcO5dYD50fx3_6gKryPkVfwuvQTa1KzPz82YZ8ldWsBOwq1Mu1KzYVEfNGKF_SEOaS2hpmUpw756yxycRr629PBlMD-S0-wXLGwkxuUWZiK6fR9rEvf5XbEi7kmdeLEwHRKF3es-7xEIVNIwCrAGIeyvR6XJsFig7ZJCBQ1soJwMbx3_xQ1h1u6yDdP9xoWzO7UrjLfueINrng5c5-6tsaNAtEAVMW3L5dH_bX3Gb5I2RSmIkQHc2VG6WvI9J7fBZr3X1RSTZCbU-7EMUALdEMAYG1qkbAxs4YzEkqEIzLGRdexe5rqwqtNuV9_Gsv5AiHDqEpJgO8QOOeJzNL41_UAqoe3CAWZZaRalR_cCaGMGUZc6sXiCe2BlUj7O97KGGOrgDk4Eau-Cyj1MxUnjR4vJTPQhK8_pqDX_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
472c572a1d7685eb5b9a86d57e88166005b6aaea563011b40de7c95670e7dd9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=0Ln9Kl3HYKhC4JFmkAkXst9aGIVrstbOPYZ-k8Bd8MIbD1H4iBaAmCSuhyDUK_FJVCtMzjrUjFw759GZU0AurdgFD9HKlHJXgnWnVdEIU5V9_ZGuRee8mTD_o1PuHGUbWSVM1tCbwMFYiM1svPbjy9Gt4b2173loOnpKWEPupvSlu4F2R5wbtY_Q5s5i_UAO7YI8m33awv4-13Ddz-4NFs5o6gHVd2Z0DV2lDgNulVuIubIKVf3UHbpaO5R39cO86q2EBQvDneIjvlPe6IcO5dYD50fx3_6gKryPkVfwuvQTa1KzPz82YZ8ldWsBOwq1Mu1KzYVEfNGKF_SEOaS2hpmUpw756yxycRr629PBlMD-S0-wXLGwkxuUWZiK6fR9rEvf5XbEi7kmdeLEwHRKF3es-7xEIVNIwCrAGIeyvR6XJsFig7ZJCBQ1soJwMbx3_xQ1h1u6yDdP9xoWzO7UrjLfueINrng5c5-6tsaNAtEAVMW3L5dH_bX3Gb5I2RSmIkQHc2VG6WvI9J7fBZr3X1RSTZCbU-7EMUALdEMAYG1qkbAxs4YzEkqEIzLGRdexe5rqwqtNuV9_Gsv5AiHDqEpJgO8QOOeJzNL41_UAqoe3CAWZZaRalR_cCaGMGUZc6sXiCe2BlUj7O97KGGOrgDk4Eau-Cyj1MxUnjR4vJTPQhK8_pqDX_w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:22:59 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311226689d9d7a5744269b6f1fa52d9&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:22:59 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bd3468114b49889f85003b52b024c6aa4218a2f84072205a2b8e15b1105c7c30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:22:59 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=amdFlu78JsPJEwYzB1aSq7M1vdB4TSyr4I5l8Qa_62k9yAmHk9iNoHsumPG_M1wddm6uTPWt3Mt7HJopo8_aL_dM2ohGl1weEhH1EAv0uu5Y93ohdop1RcJQc3iDlIubJvIMkyQEsnFjK70S54tJXgnyVyu4lYIIcRlzZD8SyVAf0zXVhU2nJkoZoMlKwYH_-vwF484TNST6rf-aK_xkQL-UtD2UMX8Zq9_5t3opemD0HfZcp3Wyztrl_Z4tF8RyyuA2i03PT1o8uiHvSuUvJ2kYaoYVlV_w8BCYRRHOajIQDke8pQtzzQBIu8LiP4ATOd146pX5rXWsC_pNrwkehM-t8rSeobU3JvvIFbFpnHP1T9Te50wqCeypV4JWjhRXuPOYZ2B1upbyvfKKPZottJyfP0dktvOoy8YILCnWrsTKeXnSZbyEXQyk0nLE5-mkTr9SlOzbHRsxsew2FuvgW9bQDIdimjGVak0BNFt_twZHLyuC2wlHeoOt_m26-HhH5I89tgOvoDq1LlF1NgINheVoVTUB1NOQs5hAFjnskkhd9ToC_YURtSwkU7eZVaq1ZyjOieabnzJXN6-8X47bwmt6CI8qdjwWJ5q5xx2v19cyz_7LoMADTkU3MT7JUMnns7onmTHg_fkMXVvIMqXn3EaFON3-DkDAPkKlMwRUQ9L2EOiu6j6QgA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
27c289050e670e4daa036a97724cfbc1cbb944ed010587db25af8a6daf65a0fa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:22:59 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=amdFlu78JsPJEwYzB1aSq7M1vdB4TSyr4I5l8Qa_62k9yAmHk9iNoHsumPG_M1wddm6uTPWt3Mt7HJopo8_aL_dM2ohGl1weEhH1EAv0uu5Y93ohdop1RcJQc3iDlIubJvIMkyQEsnFjK70S54tJXgnyVyu4lYIIcRlzZD8SyVAf0zXVhU2nJkoZoMlKwYH_-vwF484TNST6rf-aK_xkQL-UtD2UMX8Zq9_5t3opemD0HfZcp3Wyztrl_Z4tF8RyyuA2i03PT1o8uiHvSuUvJ2kYaoYVlV_w8BCYRRHOajIQDke8pQtzzQBIu8LiP4ATOd146pX5rXWsC_pNrwkehM-t8rSeobU3JvvIFbFpnHP1T9Te50wqCeypV4JWjhRXuPOYZ2B1upbyvfKKPZottJyfP0dktvOoy8YILCnWrsTKeXnSZbyEXQyk0nLE5-mkTr9SlOzbHRsxsew2FuvgW9bQDIdimjGVak0BNFt_twZHLyuC2wlHeoOt_m26-HhH5I89tgOvoDq1LlF1NgINheVoVTUB1NOQs5hAFjnskkhd9ToC_YURtSwkU7eZVaq1ZyjOieabnzJXN6-8X47bwmt6CI8qdjwWJ5q5xx2v19cyz_7LoMADTkU3MT7JUMnns7onmTHg_fkMXVvIMqXn3EaFON3-DkDAPkKlMwRUQ9L2EOiu6j6QgA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311226ee94b0332af48138ff8f9ee95&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
54633c5237e67dd86ca61e49663944f035527b016cdaa8452e4724c39534d826

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=W3CBXbxw-VqEBkYqoL-p0WE-8Gqkn7F69URfGxVMmHyD7PgBpd__SzSj_ZvgTqt4ySLLAaKZoITslWuog4H2gONYBMC4eI55YJe2Lzlk3XBHGAA1qK5uMwFBuzX5PsHAR54PvJ_Avl3MCYSmH6qnq2YHTQQ6ipfZJjK2S6-gjvMepF4_0XjdS1gZjxqzbZftH1gJDCLsqjfw5CTbJlD7zeE5pxEKR7euoR8hO_2K7hpMAwTR3HWbWNmi40K-myRBeL1S9s2bfEQ_hSf3Cfu8Xxr6fdZL3IMNAM7Rnox9ZIT51znpUSI0R-fbgh5VaJ8DSqneuZ0ZgrN4C9V33TDuImoVU3g-W1KWHjH41-1XenT30UUvTWW1D2Pd55iw-eFNzx__wwO_ILEVdXZq0SqUtusVjnx4X3cepNS0IcTk8Q40qblL6zw7UhkmT8RJxijMX3Kav0ueanNgrA6mJACPnWdlPftK1NPrdEel34QXfmw-kwBq5x9CqL_U_DbApYlN8J6EZ2jN5wjHVGU0FHLV6TW76rjHEJPMQ40avIAFjnrUxuq9E-V8tSxZA_hQtJfiqc0xFroJSgelwdbV4-fqiBBghqMgWoCjZnyIxeaaJQlgMy-r6Zmb1mNCxmvN7Tc6pvLMAE_6QkEzuGfcBhna1lBOtGko-P9TxvtEOugCHuJjBY1cPuNWMw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=117
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5743d98591cd36a67e463bd631161125baf9ea92f783c35eb01ad53db36e4110

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=W3CBXbxw-VqEBkYqoL-p0WE-8Gqkn7F69URfGxVMmHyD7PgBpd__SzSj_ZvgTqt4ySLLAaKZoITslWuog4H2gONYBMC4eI55YJe2Lzlk3XBHGAA1qK5uMwFBuzX5PsHAR54PvJ_Avl3MCYSmH6qnq2YHTQQ6ipfZJjK2S6-gjvMepF4_0XjdS1gZjxqzbZftH1gJDCLsqjfw5CTbJlD7zeE5pxEKR7euoR8hO_2K7hpMAwTR3HWbWNmi40K-myRBeL1S9s2bfEQ_hSf3Cfu8Xxr6fdZL3IMNAM7Rnox9ZIT51znpUSI0R-fbgh5VaJ8DSqneuZ0ZgrN4C9V33TDuImoVU3g-W1KWHjH41-1XenT30UUvTWW1D2Pd55iw-eFNzx__wwO_ILEVdXZq0SqUtusVjnx4X3cepNS0IcTk8Q40qblL6zw7UhkmT8RJxijMX3Kav0ueanNgrA6mJACPnWdlPftK1NPrdEel34QXfmw-kwBq5x9CqL_U_DbApYlN8J6EZ2jN5wjHVGU0FHLV6TW76rjHEJPMQ40avIAFjnrUxuq9E-V8tSxZA_hQtJfiqc0xFroJSgelwdbV4-fqiBBghqMgWoCjZnyIxeaaJQlgMy-r6Zmb1mNCxmvN7Tc6pvLMAE_6QkEzuGfcBhna1lBOtGko-P9TxvtEOugCHuJjBY1cPuNWMw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238589a6fd114042f1a4051301e8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ddc5759a5ea82e3741d2fc6872f9ffd4b879f1073839eeb0b63efefd447fe182

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=up-2fGmAL_E4Tnyg1N8L9-kEmVrqSR8qlE0AsZD-WMc7Q2Dh4QHoz1Rw-dg5-0U4FAEcLEowp_m51Kyh_aLZJiIZ8yLtdCKH-3nA516FK3pIKexWIx_g2rUeO1zSeumatYXsYG06dok3YRdGHzTv0eFL7U0LkOIhqw2ntWAmgak_VP35DOX00xaeIot95tL_P_xiGW3Aa6OhHF_O_FPEhVMw8Fbqx7Bd_MWtG02Y2ZiWJlOLBpCcFgOS1qaE-gvIUKHMph5DCoApQY5insA6Hu7nk3QP1m7dEJomRQnV-tyv7H1V25jUjtpsqvgRiScqLxtbAxnzaatNxUioETYHWpPiMJavI7rzJ0P13A6m-4K9l2SDQySC0AFsqzxjVIRP5FL-9nhyKeSehs6yyfKvKsTe7ZDyIb8VoCYb9SmkL_6JG42OpXkLI4ex884MfnnwbN6F31sPI2xexrIzHMhyo6qj_rNOKvEDjPfGIbhzDGijuFwhu9iHg8bAjZeIy7bqnTsHyDEc0raCwGWf4If-MA5lL7uKeHmq-k9W9rIde_-2QuQRwbcG65jMZzqmfHiMvNAJgDHcSWQzDRq1kNnH59LEW9afc9TQwqIBh__YFGcrR6aLT5iAP5hdfgugTngeQpMnyuDpPE7JgkHSkeODdbFzasz_YfZd1ut6vH5IQTDktQ97OFiDlQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f53721deb441c0c8de5eff088652559428aac418444b9be125c1d279b68c0534

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=up-2fGmAL_E4Tnyg1N8L9-kEmVrqSR8qlE0AsZD-WMc7Q2Dh4QHoz1Rw-dg5-0U4FAEcLEowp_m51Kyh_aLZJiIZ8yLtdCKH-3nA516FK3pIKexWIx_g2rUeO1zSeumatYXsYG06dok3YRdGHzTv0eFL7U0LkOIhqw2ntWAmgak_VP35DOX00xaeIot95tL_P_xiGW3Aa6OhHF_O_FPEhVMw8Fbqx7Bd_MWtG02Y2ZiWJlOLBpCcFgOS1qaE-gvIUKHMph5DCoApQY5insA6Hu7nk3QP1m7dEJomRQnV-tyv7H1V25jUjtpsqvgRiScqLxtbAxnzaatNxUioETYHWpPiMJavI7rzJ0P13A6m-4K9l2SDQySC0AFsqzxjVIRP5FL-9nhyKeSehs6yyfKvKsTe7ZDyIb8VoCYb9SmkL_6JG42OpXkLI4ex884MfnnwbN6F31sPI2xexrIzHMhyo6qj_rNOKvEDjPfGIbhzDGijuFwhu9iHg8bAjZeIy7bqnTsHyDEc0raCwGWf4If-MA5lL7uKeHmq-k9W9rIde_-2QuQRwbcG65jMZzqmfHiMvNAJgDHcSWQzDRq1kNnH59LEW9afc9TQwqIBh__YFGcrR6aLT5iAP5hdfgugTngeQpMnyuDpPE7JgkHSkeODdbFzasz_YfZd1ut6vH5IQTDktQ97OFiDlQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e5e1879572fe43ff9021d3b47a&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c038638340ac0c51168244e25fa20858560d2dd30765eaae8c93f0f36bb2313b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WVPNE4iOLi98yDJbXIdhTAiADQecDSwP09xJajdpsJtBXXyh9IPdLsLaQQ7jbBPqhNF4O-twnnvmRc6n_lprdwUS9y869dCWzwQp3o4eR-sHrxuucMJjWdakoxWGTWivkwfy4xM6RIxpdxJn6DB5TJdbh88xr4CIjbGo-f-qMjwZa9azfnYN5RdblY8UJoTDvbdZVrxkmAueeW4eMZFK_3wkjbbCM6rBpJmtA86ynVJGYvv3TAQU23jc8u-QZPZQ8pjSQWjrJIjr3EwYjZshnajR6v6F0yhQnXexbpFvaxC-0FjJRXATmMKUd5Qb8D4C04evjOgfBvUVi_jsz8OQ4KBqKS2PDyHs3o4mmESYgw9SwopireaIKmu5_JZH0s-bZwtQiVB3jGsO76_qdDTfj9FOwjINU00ta38HHtlEOO80OMa48dy_CCoz6Jfhqkp82r1ZfKXN4URXv4hBVH4bCmg9CLrgltnVNcNbMj0hp12XUBX1eQPWGchZZvJzHI-t3EAiX_j1W3YRl7hlxVXN8FmgAnGbAN3Rm54p9LafbZ8x7L00hLvBfNTY8N1vS_3JpIRzOdpFpNuocSu1WOBdXitjHswCiK7X1RoFOkKG8RALpM73nOFtV30a8SFRKvDb-WypJgJfpIeSnKtMyzsU2-3TJ-rcJzhWTNV8kMWsgvRKZ48W51IFdA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1583c70e904ecdc873cc49d35538f5438752875e7f8a0edd4f7a5befd44d31f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WVPNE4iOLi98yDJbXIdhTAiADQecDSwP09xJajdpsJtBXXyh9IPdLsLaQQ7jbBPqhNF4O-twnnvmRc6n_lprdwUS9y869dCWzwQp3o4eR-sHrxuucMJjWdakoxWGTWivkwfy4xM6RIxpdxJn6DB5TJdbh88xr4CIjbGo-f-qMjwZa9azfnYN5RdblY8UJoTDvbdZVrxkmAueeW4eMZFK_3wkjbbCM6rBpJmtA86ynVJGYvv3TAQU23jc8u-QZPZQ8pjSQWjrJIjr3EwYjZshnajR6v6F0yhQnXexbpFvaxC-0FjJRXATmMKUd5Qb8D4C04evjOgfBvUVi_jsz8OQ4KBqKS2PDyHs3o4mmESYgw9SwopireaIKmu5_JZH0s-bZwtQiVB3jGsO76_qdDTfj9FOwjINU00ta38HHtlEOO80OMa48dy_CCoz6Jfhqkp82r1ZfKXN4URXv4hBVH4bCmg9CLrgltnVNcNbMj0hp12XUBX1eQPWGchZZvJzHI-t3EAiX_j1W3YRl7hlxVXN8FmgAnGbAN3Rm54p9LafbZ8x7L00hLvBfNTY8N1vS_3JpIRzOdpFpNuocSu1WOBdXitjHswCiK7X1RoFOkKG8RALpM73nOFtV30a8SFRKvDb-WypJgJfpIeSnKtMyzsU2-3TJ-rcJzhWTNV8kMWsgvRKZ48W51IFdA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=115
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d83abf0c2d3c4d99b379a571cf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c978545842e45b2113cd0a390879d07930e82cddf2949e39ab0a4685fe58a5e5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=tWWBdfRfy3jvUT-1PCLrwBnVdXAKG4_-Z4eMdVEP_CLsKcYpovfZLssEiLA46T0EPiryZL07PjfQo2vCbXKoIr3LqqSRD6wODi4TsS41O58EJuV1Tkrhz9HcvMXN2o72B3zfKRI7SWf4OptxdBXPMf5WtixdGVfNumP59sq0sFWz2ymfmesMwmcBAHiFbaTg0SV1eWydiVQZPoNVajlCQa6_aN0c17OIXTv24PRPmpaJdPdBXYeJDqzGwzXdNY9_ANOD1qk4ZQo_WeWJyZD35KGZI84_4P6b6TsFLA0Tu7UDNeSnuUEIOdY5KEndInV5bpjSSK-rngm4ax-L6n3M1tcojYOdU6LI2cvl9xJsEyePwi7ml_hk8VgIwCbsqPcXCVeNDY_qu-JcLNPrd7LQnsNpsuvoSEuYuYCKFNjAHMqipqPVAlct3rFIAJ6hbCu7P-jWofqYg5XzkT2ZiQW1jpJB370-wHUslvZ-zb5BVISKE8TMmO5YQhnz55iG1BG1uoITV4H8n_0G_rcVkP176tGgRLYEenEyEzJGTuIIcCqONyRN3iS2nI3whpxUnpkHwZ6HnC0ciqyksQ-t6RuuPhBcudAw9sgorre3rD96U_xp2YsKz10FL-Lv84fjPl1c_09qgScXNDc6tOT9XKGqtqCLqqn3FfZ2lpA-cyDXaz6ltEJ6NVdbwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cdc2a553917935223a3c75f8aa81b76598c30c6ff1adee8d9fc1054bd9e2b438

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=tWWBdfRfy3jvUT-1PCLrwBnVdXAKG4_-Z4eMdVEP_CLsKcYpovfZLssEiLA46T0EPiryZL07PjfQo2vCbXKoIr3LqqSRD6wODi4TsS41O58EJuV1Tkrhz9HcvMXN2o72B3zfKRI7SWf4OptxdBXPMf5WtixdGVfNumP59sq0sFWz2ymfmesMwmcBAHiFbaTg0SV1eWydiVQZPoNVajlCQa6_aN0c17OIXTv24PRPmpaJdPdBXYeJDqzGwzXdNY9_ANOD1qk4ZQo_WeWJyZD35KGZI84_4P6b6TsFLA0Tu7UDNeSnuUEIOdY5KEndInV5bpjSSK-rngm4ax-L6n3M1tcojYOdU6LI2cvl9xJsEyePwi7ml_hk8VgIwCbsqPcXCVeNDY_qu-JcLNPrd7LQnsNpsuvoSEuYuYCKFNjAHMqipqPVAlct3rFIAJ6hbCu7P-jWofqYg5XzkT2ZiQW1jpJB370-wHUslvZ-zb5BVISKE8TMmO5YQhnz55iG1BG1uoITV4H8n_0G_rcVkP176tGgRLYEenEyEzJGTuIIcCqONyRN3iS2nI3whpxUnpkHwZ6HnC0ciqyksQ-t6RuuPhBcudAw9sgorre3rD96U_xp2YsKz10FL-Lv84fjPl1c_09qgScXNDc6tOT9XKGqtqCLqqn3FfZ2lpA-cyDXaz6ltEJ6NVdbwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:00 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c2a7447c3a32451da54a90c25d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:00 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
36321a27294968352b28da19288a20a7ce3af70e955cc7da571ed2c1786f0a6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:00 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:00 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WtALLhfwF0Hi4NtnLTIDKUWrCREZQFz_C3SNrzoJGuOPZIsbeLQwJnpRDdyBPFGprRZJRp5CTXSxVbeoG9VD8bHlAy-H0lc_awbl80PWEYRvvZ47R8v5fUXbzo1tGEkqkhfTstC1yBwP7uOIkhqSZE2_1wHJhN9_uWM_RyH2xvhVzSPn52xKf9aWfsY92PQ2ZxRtpyj6lq0HerttGRKx-t6oZmFsMKikYgDu8aCW0WBFKtLuvWsxF3fSPSeY39On9C1jItV8U-GqFxYhbgMoPjR9HEBBvrJnrwVJWOmXNQm_TcCOZZgkTgep3rOkHbcAUhzuzdS2bJlUmgToz9xk5fozVha7ZLmJeJrij3I4Tuj4ZOCnuoJCHJN08-_U-Dp4-1SPC83Vm76-wQard2gQc-yPJWo4u1nwNyMKn258EmEyhPEm2iOpbd7oIyYeD__jbJXb59zIj6hqK43MmXuUGhD_bC2RVrxDIeBbLdPKVlrsTJ34TkpTilJNLznirMN7_87dWpagRHD951CbW7XCkuoAsinw_RLMto7vaAgwikO-pvT_XHA8Kk4meAy_orP8DPgCifCe-LtSSvr33o2b1TfC0n9xMmetAlqfkbAo0L_pywlCV08GEyfa0kNjJGVK5aWacHVmPeoyZXHrMxxHPiRwDRv3cFd2nr0Z1jitPLDRNcbZOQNLwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5196b1933721cce5e9e8f31a2d479516ed9251133603bf866944cb25935b8e2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WtALLhfwF0Hi4NtnLTIDKUWrCREZQFz_C3SNrzoJGuOPZIsbeLQwJnpRDdyBPFGprRZJRp5CTXSxVbeoG9VD8bHlAy-H0lc_awbl80PWEYRvvZ47R8v5fUXbzo1tGEkqkhfTstC1yBwP7uOIkhqSZE2_1wHJhN9_uWM_RyH2xvhVzSPn52xKf9aWfsY92PQ2ZxRtpyj6lq0HerttGRKx-t6oZmFsMKikYgDu8aCW0WBFKtLuvWsxF3fSPSeY39On9C1jItV8U-GqFxYhbgMoPjR9HEBBvrJnrwVJWOmXNQm_TcCOZZgkTgep3rOkHbcAUhzuzdS2bJlUmgToz9xk5fozVha7ZLmJeJrij3I4Tuj4ZOCnuoJCHJN08-_U-Dp4-1SPC83Vm76-wQard2gQc-yPJWo4u1nwNyMKn258EmEyhPEm2iOpbd7oIyYeD__jbJXb59zIj6hqK43MmXuUGhD_bC2RVrxDIeBbLdPKVlrsTJ34TkpTilJNLznirMN7_87dWpagRHD951CbW7XCkuoAsinw_RLMto7vaAgwikO-pvT_XHA8Kk4meAy_orP8DPgCifCe-LtSSvr33o2b1TfC0n9xMmetAlqfkbAo0L_pywlCV08GEyfa0kNjJGVK5aWacHVmPeoyZXHrMxxHPiRwDRv3cFd2nr0Z1jitPLDRNcbZOQNLwg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d2553c7dea7641fa9b2d4e70de&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
aaa81b849c80a4d452186c585b7e4e3a3d2a181c7fcc3dc0893ea08ddb08dc7c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=2vd2HKYi-k4hFnbm0wOd9eJRO8QM_lzqAEueJmuTfkA_SseXH0NB8dIRHCmEjHn0y-TE91el5FM5-kFzwEu4ao5Y5qGF9k7f2C0ygVJ07loFQAa8vhPPED4_HLXyt_REoERGjek2ixECQOuxp_WUnT9OraQwjgS_1k4Kxx6pIMxq9xAodaDiUcevjgu02LRNDMHPN3_vPZxxLI-4c1ZHCzpEltL_mmww007HhEObCavisBEk6lG0aKnbye4BMUIWoE5PZqO1UVV3D8NlHxhymtQQfogZZTDyfKbSaZ61iS1DYED0t5_oa-p70EF2n6j9Hksl3XvO884ntzJ80xbcGT1DkpUqD51w4oc1E_SWCei0Xfk4ZezZVJM90bMcnPWqMCAH6dwjyq3k3F5Z-QVm_Tk4RH32_URZ-H4fccyMNrDIwjMNZt230FqvIOuX8pkFct4tJOAUNu1T_ji3Cpqz5NDSLdkQnUJ-He2uj1jnP8_6FhgF9x-taOrAEtHladqEZKYinqSCAW_4F-vqEpEeQcr9a39cfre0PrpfX1WAjnn-vwnw4OakmL2184p1PD3apcmZ6ldStdEjs_Tfl3FewuekeGB-UnqaTaz2V6csAIwb04U0398a71M4fOfnqsCm0t5wBFJYhM9566uQXM6xzvzfhfiDy0wRNUVhdl8xh43-wG7NodA3Rg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
061862fc4900e7c4eb66363d9d43d4c83b5d92c94b6e27903a82c0a806649ec4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=2vd2HKYi-k4hFnbm0wOd9eJRO8QM_lzqAEueJmuTfkA_SseXH0NB8dIRHCmEjHn0y-TE91el5FM5-kFzwEu4ao5Y5qGF9k7f2C0ygVJ07loFQAa8vhPPED4_HLXyt_REoERGjek2ixECQOuxp_WUnT9OraQwjgS_1k4Kxx6pIMxq9xAodaDiUcevjgu02LRNDMHPN3_vPZxxLI-4c1ZHCzpEltL_mmww007HhEObCavisBEk6lG0aKnbye4BMUIWoE5PZqO1UVV3D8NlHxhymtQQfogZZTDyfKbSaZ61iS1DYED0t5_oa-p70EF2n6j9Hksl3XvO884ntzJ80xbcGT1DkpUqD51w4oc1E_SWCei0Xfk4ZezZVJM90bMcnPWqMCAH6dwjyq3k3F5Z-QVm_Tk4RH32_URZ-H4fccyMNrDIwjMNZt230FqvIOuX8pkFct4tJOAUNu1T_ji3Cpqz5NDSLdkQnUJ-He2uj1jnP8_6FhgF9x-taOrAEtHladqEZKYinqSCAW_4F-vqEpEeQcr9a39cfre0PrpfX1WAjnn-vwnw4OakmL2184p1PD3apcmZ6ldStdEjs_Tfl3FewuekeGB-UnqaTaz2V6csAIwb04U0398a71M4fOfnqsCm0t5wBFJYhM9566uQXM6xzvzfhfiDy0wRNUVhdl8xh43-wG7NodA3Rg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230aec5e98c9c347e683978a5c71&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c39cc138bad6050e2fe9e957637f1ff84a8181966e0eeb2094452ed5123cdd45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=godB8b22VvZoAhZ4ic4nVWOwHKO8rEzOTcyc0mh9AVnn8axFtDTiEBJydU_CgXIaO3ycRU40h4WCuZxYbC0gwGRszBsm1p6wlfCFXEpyGENYKFnZR3lg9ZO4JS17W0YkolgzH0rIDimjYM69lg5rbYg91Ry0of-y0DU08cUsS3XZhIWMJKKpq9x3Wr-gna12KNP21nQ44xgiLxaUWTxZpSbas78B77e40EV57PEWxS93re-KYagBPexako9z-YDM8q6aq9-fpJwt7zi7y44IGQZt8SddOxfxaNo4qFDvtj-vA9bD_zOy4YfHhhrm-Aql-elTgmvrrSOLxQEDxWMG6OTlATrj-EqBRjQO0j_mgYpZPfFIwT3sCrJ-NUWVI06rvmHW_gDrjKF2rxk9NRsle55gurLr6bEl7qdM5rqnRt4UqYX-TkrIW2abzUChMoFyNP7-CXNljHJ7BoZA66pufsMTZRRnXGKliuJ1vNJ1jXW3gEvmQL42seRyZiCQVmsaZW_G2VsROZNzmL6xwdkZvP569JeQjVIS1Lq80fLITZmDYRRW3y91FxNOuS4cuFLsrMLTLJR07gHsYPWZbqu6ox17kAaia_Ptm5dPs-OcpHcKfyCv3DEh6d2rGP94aa4ewE5nERmm4iC7RwouvYfwRftcm6p1-H2ETu0GoEvNf_tN2UNPMhpt4A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
db43f78ccf48f7f6a8c999b25b07ea0ec22c009b5083c9b50acb9e75bac892ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=godB8b22VvZoAhZ4ic4nVWOwHKO8rEzOTcyc0mh9AVnn8axFtDTiEBJydU_CgXIaO3ycRU40h4WCuZxYbC0gwGRszBsm1p6wlfCFXEpyGENYKFnZR3lg9ZO4JS17W0YkolgzH0rIDimjYM69lg5rbYg91Ry0of-y0DU08cUsS3XZhIWMJKKpq9x3Wr-gna12KNP21nQ44xgiLxaUWTxZpSbas78B77e40EV57PEWxS93re-KYagBPexako9z-YDM8q6aq9-fpJwt7zi7y44IGQZt8SddOxfxaNo4qFDvtj-vA9bD_zOy4YfHhhrm-Aql-elTgmvrrSOLxQEDxWMG6OTlATrj-EqBRjQO0j_mgYpZPfFIwT3sCrJ-NUWVI06rvmHW_gDrjKF2rxk9NRsle55gurLr6bEl7qdM5rqnRt4UqYX-TkrIW2abzUChMoFyNP7-CXNljHJ7BoZA66pufsMTZRRnXGKliuJ1vNJ1jXW3gEvmQL42seRyZiCQVmsaZW_G2VsROZNzmL6xwdkZvP569JeQjVIS1Lq80fLITZmDYRRW3y91FxNOuS4cuFLsrMLTLJR07gHsYPWZbqu6ox17kAaia_Ptm5dPs-OcpHcKfyCv3DEh6d2rGP94aa4ewE5nERmm4iC7RwouvYfwRftcm6p1-H2ETu0GoEvNf_tN2UNPMhpt4A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=godB8b22VvZoAhZ4ic4nVWOwHKO8rEzOTcyc0mh9AVnn8axFtDTiEBJydU_CgXIaO3ycRU40h4WCuZxYbC0gwGRszBsm1p6wlfCFXEpyGENYKFnZR3lg9ZO4JS17W0YkolgzH0rIDimjYM69lg5rbYg91Ry0of-y0DU08cUsS3XZhIWMJKKpq9x3Wr-gna12KNP21nQ44xgiLxaUWTxZpSbas78B77e40EV57PEWxS93re-KYagBPexako9z-YDM8q6aq9-fpJwt7zi7y44IGQZt8SddOxfxaNo4qFDvtj-vA9bD_zOy4YfHhhrm-Aql-elTgmvrrSOLxQEDxWMG6OTlATrj-EqBRjQO0j_mgYpZPfFIwT3sCrJ-NUWVI06rvmHW_gDrjKF2rxk9NRsle55gurLr6bEl7qdM5rqnRt4UqYX-TkrIW2abzUChMoFyNP7-CXNljHJ7BoZA66pufsMTZRRnXGKliuJ1vNJ1jXW3gEvmQL42seRyZiCQVmsaZW_G2VsROZNzmL6xwdkZvP569JeQjVIS1Lq80fLITZmDYRRW3y91FxNOuS4cuFLsrMLTLJR07gHsYPWZbqu6ox17kAaia_Ptm5dPs-OcpHcKfyCv3DEh6d2rGP94aa4ewE5nERmm4iC7RwouvYfwRftcm6p1-H2ETu0GoEvNf_tN2UNPMhpt4A==&pload=45
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=godB8b22VvZoAhZ4ic4nVWOwHKO8rEzOTcyc0mh9AVnn8axFtDTiEBJydU_CgXIaO3ycRU40h4WCuZxYbC0gwGRszBsm1p6wlfCFXEpyGENYKFnZR3lg9ZO4JS17W0YkolgzH0rIDimjYM69lg5rbYg91Ry0of-y0DU08cUsS3XZhIWMJKKpq9x3Wr-gna12KNP21nQ44xgiLxaUWTxZpSbas78B77e40EV57PEWxS93re-KYagBPexako9z-YDM8q6aq9-fpJwt7zi7y44IGQZt8SddOxfxaNo4qFDvtj-vA9bD_zOy4YfHhhrm-Aql-elTgmvrrSOLxQEDxWMG6OTlATrj-EqBRjQO0j_mgYpZPfFIwT3sCrJ-NUWVI06rvmHW_gDrjKF2rxk9NRsle55gurLr6bEl7qdM5rqnRt4UqYX-TkrIW2abzUChMoFyNP7-CXNljHJ7BoZA66pufsMTZRRnXGKliuJ1vNJ1jXW3gEvmQL42seRyZiCQVmsaZW_G2VsROZNzmL6xwdkZvP569JeQjVIS1Lq80fLITZmDYRRW3y91FxNOuS4cuFLsrMLTLJR07gHsYPWZbqu6ox17kAaia_Ptm5dPs-OcpHcKfyCv3DEh6d2rGP94aa4ewE5nERmm4iC7RwouvYfwRftcm6p1-H2ETu0GoEvNf_tN2UNPMhpt4A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=114
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112345f6b5419c0c4ea7b9f44accda&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
55c8f4d23add517b6259f78794df7da2943cf93695607f020a42f9e6718410bd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=Js8GWnooecSY49zyODjabnPpJszlT74uluqutZH7FMqYDh9zWdwJFOqFmUvSaQC1Ij3RpetXUA4r-ywPPucPwpOGWS897FQ_52kwjYIbHznw7eLr0y6JcW0VHUgexQSo0AnUvCo9ms86o_ixRBtp61ewXO0Zi4XrS8maRmH-aJPkA6Y--6xkYJnMhsU8MB4_iOyaueZhF7CWeBfrDu2dZS1DWyu4Gd8Sf0sdNN3I1V176p-Y3ck8IMa-riRuQo7QAPFZBP46RXxJIF3m363yejfYJ217LmGsZfgbWAaKn0-_Z6jrxfTPg7o1656sQwaAuMu0CQFuB-NCGrWF9VZ39Pas8X2Rz1wRB12Js6wuFw6BaFgGpnL2FdCPmH9PLQPkVA8AN2fR4nNhWt3aqTQj3sXFjf8UT9jJ8tnutnv_WPI0R-EdXCfaEibK37IpLacHGhLuWLeu_sz8rmU9mHexDxnzzldz-fhWJoEaRebNAIDeiMchZQZ38pwvyqHWZ5qyO_JqlLaPfG1C06q9U1uPpHuIrBtO76cezzaH7sosBhZngogZMc8vvmDFcgL23m9wESH9nE18g9iAw84kg_s0ki2X_sVA6ZU-ZKBHrmr_rK4M__HDW6ZayrxHlxzR-hBdKoTuGmBChpjhRMARJ6wmiGz_CT6YANbDlQVD2mfzXLlLJv7b42p6IQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d32cf89a0337289bf7516177d7f8a92899389d5c4c07922cfd4eed23336a3c28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=Js8GWnooecSY49zyODjabnPpJszlT74uluqutZH7FMqYDh9zWdwJFOqFmUvSaQC1Ij3RpetXUA4r-ywPPucPwpOGWS897FQ_52kwjYIbHznw7eLr0y6JcW0VHUgexQSo0AnUvCo9ms86o_ixRBtp61ewXO0Zi4XrS8maRmH-aJPkA6Y--6xkYJnMhsU8MB4_iOyaueZhF7CWeBfrDu2dZS1DWyu4Gd8Sf0sdNN3I1V176p-Y3ck8IMa-riRuQo7QAPFZBP46RXxJIF3m363yejfYJ217LmGsZfgbWAaKn0-_Z6jrxfTPg7o1656sQwaAuMu0CQFuB-NCGrWF9VZ39Pas8X2Rz1wRB12Js6wuFw6BaFgGpnL2FdCPmH9PLQPkVA8AN2fR4nNhWt3aqTQj3sXFjf8UT9jJ8tnutnv_WPI0R-EdXCfaEibK37IpLacHGhLuWLeu_sz8rmU9mHexDxnzzldz-fhWJoEaRebNAIDeiMchZQZ38pwvyqHWZ5qyO_JqlLaPfG1C06q9U1uPpHuIrBtO76cezzaH7sosBhZngogZMc8vvmDFcgL23m9wESH9nE18g9iAw84kg_s0ki2X_sVA6ZU-ZKBHrmr_rK4M__HDW6ZayrxHlxzR-hBdKoTuGmBChpjhRMARJ6wmiGz_CT6YANbDlQVD2mfzXLlLJv7b42p6IQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=108
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:01 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230705416d46c34e28a8ff3733c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:01 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
20393c6b7239025baa017b6c04151f5286ee96c9780f1e2f7bf37fa8c8b01bcd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:01 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=uPsuUfQYxR2CbdJA64_0GqxsHlkFhUNaUK_2E60Y1kuHQnZyteuwMXD0mh_aAjXdWWrYoTSChGQ_KqB5_PW3zyHnsS5NuEgkXu3wJnMpQtTkUSIfXdvIejk_sH9OBapjdhmtTwwf9b-4AGlxDfHLFTV9E-i2uuIKC0vAHWRqIeJyWZprEugofya3DiyUM5CuB0gzPtDfb0i_ABIosSv_GoK3WmuEuYrFwKoO2PY4mBO9-rBfo9_9NDhrRQqvH5T3CXw22AoCo3AjSP4UReDhn9td8k6n8owr8ZmrMco1V_np618LH0atatsnGbi6MdFxoQ9I_XVMhAE2NRzhYpjCgpHum6t0_FE5pySV6bvJoymp866Esp8RIVfeTSEuXdCkWcgzz718BRinXAtUT4LK1b4hJ5wTJwoyXvtIIDrD3MQKSa_d78TY9Plhh6-ceSeoTFKvHzhmUK_LOFw5SDBtNHD4Av1-eYBYPf0Z9MNCkmnAz4tIIZHEXR6kDFS8TeH3L2xxlsoRTu-pa3aCFM6ZUFrQeyF1ztcV98CdJWOqZUNsiWXgG2AouheKzOTw-bKtgUA1oaX6swo8BZWP06S8W8U-OizM4Inw9DOWd1QFQ2YSHjN0kDhvLXZt_bmXmn6pu-Q5mFZbU58fZlBv6pJz9jWUuOoRJW_hg_bUiobXtnIdpc82eAn69A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a0de622a64271c02e653210b6c6ab0e52c3f8727ddf39314f13f0572873db5cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=uPsuUfQYxR2CbdJA64_0GqxsHlkFhUNaUK_2E60Y1kuHQnZyteuwMXD0mh_aAjXdWWrYoTSChGQ_KqB5_PW3zyHnsS5NuEgkXu3wJnMpQtTkUSIfXdvIejk_sH9OBapjdhmtTwwf9b-4AGlxDfHLFTV9E-i2uuIKC0vAHWRqIeJyWZprEugofya3DiyUM5CuB0gzPtDfb0i_ABIosSv_GoK3WmuEuYrFwKoO2PY4mBO9-rBfo9_9NDhrRQqvH5T3CXw22AoCo3AjSP4UReDhn9td8k6n8owr8ZmrMco1V_np618LH0atatsnGbi6MdFxoQ9I_XVMhAE2NRzhYpjCgpHum6t0_FE5pySV6bvJoymp866Esp8RIVfeTSEuXdCkWcgzz718BRinXAtUT4LK1b4hJ5wTJwoyXvtIIDrD3MQKSa_d78TY9Plhh6-ceSeoTFKvHzhmUK_LOFw5SDBtNHD4Av1-eYBYPf0Z9MNCkmnAz4tIIZHEXR6kDFS8TeH3L2xxlsoRTu-pa3aCFM6ZUFrQeyF1ztcV98CdJWOqZUNsiWXgG2AouheKzOTw-bKtgUA1oaX6swo8BZWP06S8W8U-OizM4Inw9DOWd1QFQ2YSHjN0kDhvLXZt_bmXmn6pu-Q5mFZbU58fZlBv6pJz9jWUuOoRJW_hg_bUiobXtnIdpc82eAn69A==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ffa0c0979d724c35b2a199dbc0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
fde6ef876308daaaa20916e5573475c1616985a8de41d1096c060f3ca3bccea2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=k_yu6P112CFLw8qkVq3QhLQz_FXhtrVwPcz1QzNnoLqyBTZrJ_lX8pjll6zT4NNBy5I6mlMK0MPW-NDCbYKvuM0KPGbH_wyfjQHqQR4oYxbpxCh9of-E_VPLPXIIm-Eg4e6DwViWVxXIGJ3_VqB-AYopW3umvFiv99iKtwKJQwZ2mZ_KjKYp5cYHsKe5Y0uthXbluNlGTl5xHSEaEgCZvM_nL9tAKRYzRguLw0JdTa1rB6q-Yt1N3jdH4I0XcMjcdWld3oGlEGwB_oCxdMk2YO42mL12ofP2S01ow9GyQVxLa86_1R7v5RxoKP6QKJz03KPQGYKYWe2NfEQ48flINK3nz_ztJlDz9RjTmfMCoJ9H78Ke_T4Egz6cIsn-CibO8DnERfPL6ab5C_Gc1utGvFRUuygL_nD7BphMDHCx10n45rR4zzz1aQ1NNc0xw2NRNuW6PhNhyM58Kuf1cOuDmItPjf57w-cC3MS5qlZqwa7NHe23X8NGmVIhFBFC-YZj03v8PYrH_wqWzDABI8qTR3BhwdSkrnk7IJV8szE4hBbohyoUbPG9jtlE8AmfaW-hvTYS8RGPnqOXeGy2EgMWpIJH6eZuGmjTKd9Nhc1l49v71Q8Hkxo6ofYs0fi3Tj-gUqWO7IeWyUaS_YXhLErdkkVF5149bVDI3vqDxk_-1SS7HdFWbo862g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
38ed0bd5162f1ad60e3d6b3418ed2930f9c84639514954cda29ab16b9b4ea952

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=k_yu6P112CFLw8qkVq3QhLQz_FXhtrVwPcz1QzNnoLqyBTZrJ_lX8pjll6zT4NNBy5I6mlMK0MPW-NDCbYKvuM0KPGbH_wyfjQHqQR4oYxbpxCh9of-E_VPLPXIIm-Eg4e6DwViWVxXIGJ3_VqB-AYopW3umvFiv99iKtwKJQwZ2mZ_KjKYp5cYHsKe5Y0uthXbluNlGTl5xHSEaEgCZvM_nL9tAKRYzRguLw0JdTa1rB6q-Yt1N3jdH4I0XcMjcdWld3oGlEGwB_oCxdMk2YO42mL12ofP2S01ow9GyQVxLa86_1R7v5RxoKP6QKJz03KPQGYKYWe2NfEQ48flINK3nz_ztJlDz9RjTmfMCoJ9H78Ke_T4Egz6cIsn-CibO8DnERfPL6ab5C_Gc1utGvFRUuygL_nD7BphMDHCx10n45rR4zzz1aQ1NNc0xw2NRNuW6PhNhyM58Kuf1cOuDmItPjf57w-cC3MS5qlZqwa7NHe23X8NGmVIhFBFC-YZj03v8PYrH_wqWzDABI8qTR3BhwdSkrnk7IJV8szE4hBbohyoUbPG9jtlE8AmfaW-hvTYS8RGPnqOXeGy2EgMWpIJH6eZuGmjTKd9Nhc1l49v71Q8Hkxo6ofYs0fi3Tj-gUqWO7IeWyUaS_YXhLErdkkVF5149bVDI3vqDxk_-1SS7HdFWbo862g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311234eb45788fda642beaa4c31ccbb&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f460be9dcfb0848ef9fdc018b36d8537045d8d6a73b737364bd49fc848b6e96d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=6s0NU5mAUhzfNyUCcjrwyaJ6zDCxcB-p8Nw4XzrQhC6EhoKRRYDr5NjZk32cmD6DGLP48yAMRoLAvsPMZACNXABfNYgv0sitlgTP-tvQ2r9U2Wh9nzZ4EzBTpNxnQSbwK9E3vTApmHPNWovazhrxGDNi36hRN9YYJXzaNll5S-_xYB2eeWTVLFwnL0WnZeHI7KggzqtMPhF4Au1_xMf-VUh4mVNenWuyeqgM0ztrRTb_3UgDLCvZqv4qglfXLoXHPHvwqGzykkOLKQ42wafWkAVGqai2db9ELwWUR3SuzWlMamgQsH9sVzp-1IO-hMH3BN-4XzRCrbar6DXx0KqGuNtQSPBv8MH0u_647bS8t3BFoT6RIfR7-ZGaj-RG7JLlymVNysjb5Uk7NudhWY4XsmOuuYe7-FW_M2W3o0vEEhDJOBAixLi4lZEt5f8Rad17GQi8jazpf0LmpHSIIxnhmzWVU9lGy5cbKfFxW_rvpDJ1Fsnm3GMVROIW7DeMFgRyBCPZE_37z8-TqfGC8bP9YnIuRKFccbHSM1CV0swVVwbnGokg6CXAl2Nwv5TLkmG36z2YVZ3sPqOTZtrH1TRBzAlvOtpH-SNuN9yRVaXlVY8ps2t5I127lsnSd-rCKypguEJhkGNlA1THpM6mP74GLMwhHlJe8rp-iaKaK_PZbOZqdDr8SqVFyw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b3b93fed9ff0848c6b948b6101630973df416e8277a06e0345db1146dadd1234

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=6s0NU5mAUhzfNyUCcjrwyaJ6zDCxcB-p8Nw4XzrQhC6EhoKRRYDr5NjZk32cmD6DGLP48yAMRoLAvsPMZACNXABfNYgv0sitlgTP-tvQ2r9U2Wh9nzZ4EzBTpNxnQSbwK9E3vTApmHPNWovazhrxGDNi36hRN9YYJXzaNll5S-_xYB2eeWTVLFwnL0WnZeHI7KggzqtMPhF4Au1_xMf-VUh4mVNenWuyeqgM0ztrRTb_3UgDLCvZqv4qglfXLoXHPHvwqGzykkOLKQ42wafWkAVGqai2db9ELwWUR3SuzWlMamgQsH9sVzp-1IO-hMH3BN-4XzRCrbar6DXx0KqGuNtQSPBv8MH0u_647bS8t3BFoT6RIfR7-ZGaj-RG7JLlymVNysjb5Uk7NudhWY4XsmOuuYe7-FW_M2W3o0vEEhDJOBAixLi4lZEt5f8Rad17GQi8jazpf0LmpHSIIxnhmzWVU9lGy5cbKfFxW_rvpDJ1Fsnm3GMVROIW7DeMFgRyBCPZE_37z8-TqfGC8bP9YnIuRKFccbHSM1CV0swVVwbnGokg6CXAl2Nwv5TLkmG36z2YVZ3sPqOTZtrH1TRBzAlvOtpH-SNuN9yRVaXlVY8ps2t5I127lsnSd-rCKypguEJhkGNlA1THpM6mP74GLMwhHlJe8rp-iaKaK_PZbOZqdDr8SqVFyw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123c4f58ed1fb0f4e7fb3f781ca24&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6b6adc79b6fde8079e1e7c2e883331892fcbbc8d845f045b24566f72521cf4df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=pt3KNwBUFa6Oyfvm0fxENSVQPhJmN997GzCkDl1udnWh4QoI53szgWs3hTZUCflCln-nzW82h4n21CwxQaB4r1K_otSXWSM9N4sil4PAsmgrKxEbJtobuKTsRLGIdIoLDdRdlH-5XxqCVFweb1ayZPMCp5n-OzJAa5KNSTnuJODM9tfBk8q-tIGbKvcrdh1pDq_gefh8Zsl_tkTDgByOu34wr8xDU8STInEuJaHJGUKo7ovFkQqYO2jMvevsVqMZHlcfL6CYxSvIOBJminB9DZjYZvAh0h1siYzF3EVkRxmKifbD2dEqNW7F1-2AhYSOjn3i5h43nf5GyzpCIFLBVQ4QqF35Iy31LTchEbiiWGbAB-5HnO673NVVFdfslo937kBYCzb310vUkYf_fTNsQ4p6ApLIiXbYfwzXFksSNGp9D6-j-D6GRV9ZQXkQ3-NTfrLztKwKc7eSdof97fx4-DO7aZuYtmukLWi6whQEmfeDqbXfgtfVq3qM1wRgYeKHkazgkTeu3ToTxcnvlfqTyX8BfrqIRXssPH0OQIprM8c66jQz5Wb0V3JZ3LfSx2k63DjPK3-arAi76tgnOYWQKVNUGhAryE_4LD9m-0qkBEc1Hpb-4jfJmlW3x_aIkRAFDfg0Zl8ERzq3Rd2ydRe7VzN1nN354etgoC-TyAX_4MkS30CyLfszOA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f31c4410a219fa581d0ca4a220bb898bf0956bfe04b6865f393be06c24f90fdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=pt3KNwBUFa6Oyfvm0fxENSVQPhJmN997GzCkDl1udnWh4QoI53szgWs3hTZUCflCln-nzW82h4n21CwxQaB4r1K_otSXWSM9N4sil4PAsmgrKxEbJtobuKTsRLGIdIoLDdRdlH-5XxqCVFweb1ayZPMCp5n-OzJAa5KNSTnuJODM9tfBk8q-tIGbKvcrdh1pDq_gefh8Zsl_tkTDgByOu34wr8xDU8STInEuJaHJGUKo7ovFkQqYO2jMvevsVqMZHlcfL6CYxSvIOBJminB9DZjYZvAh0h1siYzF3EVkRxmKifbD2dEqNW7F1-2AhYSOjn3i5h43nf5GyzpCIFLBVQ4QqF35Iy31LTchEbiiWGbAB-5HnO673NVVFdfslo937kBYCzb310vUkYf_fTNsQ4p6ApLIiXbYfwzXFksSNGp9D6-j-D6GRV9ZQXkQ3-NTfrLztKwKc7eSdof97fx4-DO7aZuYtmukLWi6whQEmfeDqbXfgtfVq3qM1wRgYeKHkazgkTeu3ToTxcnvlfqTyX8BfrqIRXssPH0OQIprM8c66jQz5Wb0V3JZ3LfSx2k63DjPK3-arAi76tgnOYWQKVNUGhAryE_4LD9m-0qkBEc1Hpb-4jfJmlW3x_aIkRAFDfg0Zl8ERzq3Rd2ydRe7VzN1nN354etgoC-TyAX_4MkS30CyLfszOA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123a8a6adb529944b1da167d7df57&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8b54e53ce266f39bf0eeeaccdcf87607950e0fa33aabeeebb3be6f5e3b2b065d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=wKhOcQ3gx3o5z5yCd_7OJEPxSXktahZWhpewpxzgxF7XoJLkuTKuHbAdc6nm4SoL_VVgz3nVxCzovnzrK5zdv8L1z6br2xSmWyDz1d4dxj0nwFpClM0So2wUdixrcJ6BWqi31uKg9m5V7p-faF44pLTj_txy-Ygf7X4AQgcn9tFqGKMtWiC2WxBOLN0axZXyQpKon2mne0jx9dRHE6CwOqeq8q_tvteRDosL9jHnlFS6BsjE0CeUalExd1UWPi86kcwdcDeBXPar5yZKXs9b_FvBjRZWFrvYh_jk3nRe0vmjPR-tVFtAFSi9rULF38TBxyno75wqcL2ldmIuDSYRIA7W7YsQZp237iqkMXc9qRG_Xik7A3-kLiUJBNfvdVnl_9Ik_p1zPK5G5GI7naww1z0LR3a7HEmEgSuWUbjmvvueKSIfc1V5R9lQHYRZPbLujLQi_m4c3RhpZBvjJ99XsKfGujBq-A61Fqfeug3j0aEXOV6qHNSxwu4lYoJcO7WAOFIn_ht3Sn9FtePDQ1JBMf_tw6mPdt1ZOch1RcRHZcalXomU1hNAqQwoUfIzyapaJ6c83OYqBiXSoT5BkOtxCKeDeZj1rgYUGLLDxXeXjB1VHe4jqLrAt8AVoOK7kD1kQKbZmTtv02LJiLBAcasig4QQvcB1wGJzwuFlavDV6mFZXlk4wuMXbw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cd81858463b51aad32703cd3e919d128fcba2b21e5e70ef5970b7914aea49c13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=wKhOcQ3gx3o5z5yCd_7OJEPxSXktahZWhpewpxzgxF7XoJLkuTKuHbAdc6nm4SoL_VVgz3nVxCzovnzrK5zdv8L1z6br2xSmWyDz1d4dxj0nwFpClM0So2wUdixrcJ6BWqi31uKg9m5V7p-faF44pLTj_txy-Ygf7X4AQgcn9tFqGKMtWiC2WxBOLN0axZXyQpKon2mne0jx9dRHE6CwOqeq8q_tvteRDosL9jHnlFS6BsjE0CeUalExd1UWPi86kcwdcDeBXPar5yZKXs9b_FvBjRZWFrvYh_jk3nRe0vmjPR-tVFtAFSi9rULF38TBxyno75wqcL2ldmIuDSYRIA7W7YsQZp237iqkMXc9qRG_Xik7A3-kLiUJBNfvdVnl_9Ik_p1zPK5G5GI7naww1z0LR3a7HEmEgSuWUbjmvvueKSIfc1V5R9lQHYRZPbLujLQi_m4c3RhpZBvjJ99XsKfGujBq-A61Fqfeug3j0aEXOV6qHNSxwu4lYoJcO7WAOFIn_ht3Sn9FtePDQ1JBMf_tw6mPdt1ZOch1RcRHZcalXomU1hNAqQwoUfIzyapaJ6c83OYqBiXSoT5BkOtxCKeDeZj1rgYUGLLDxXeXjB1VHe4jqLrAt8AVoOK7kD1kQKbZmTtv02LJiLBAcasig4QQvcB1wGJzwuFlavDV6mFZXlk4wuMXbw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=121
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:02 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230e62017cc5264ee1b877c7c437&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:02 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:02 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
47cf66e8640e958ddb5085430ff0e7685c0d3cb5626592b5505baaa471b107ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:02 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=bnJBKxvAA-u7gtwOaoZMYbAlzVnfJmaIYbToicPfwGaRmC6TnCXWz07HTiUTj9c5VacTIKKKXHw0OmD4TO593tQSiclrbSiSfyZ_upr1O2cF5ax04phjlfd7aTnsJ-6i04VR2j0Etum1fl6ScylYzvbFSokevm6FCzw36AOFofMlS1E-TLkkPEVvj5lePpZNZz8FMsRh82KCJVkX4DaNnKC2BUPqMfleGstpWLYSwgr9jO6jNKDFJm4FVOeG9-4JC9b6OZScdIKvs9J9-zkp9qYxDkWBcIT7ENqbURD8Wg3LbL3MPCkg_w07SV2tQNiReJ4phA6prrxbw7SZ_QHRwwxO9njo60bMH2Jd3fhW7gNuFwSXGeSfRJ0E7kxNEy6ji9afXT4UoACfZMukXrLg9v-65Cy0rOmir9EYrD3xuKtRbGS6TpoQBgBxTIBE2KGy7aLuS80iR_X42MOp-IWACDN7Z9JffQQdrTZ0kTfcRyAo5aasWkVnCKpSTmfOjItHR6CZtCghg86E_4d2ZEB9z_umVnZucOA8wE68oPbsQ2AfjAs0alMx95lU9cFe82pCRa0vTv035-alFP84M1Y9SRklB47g_dfz3BtMihB9PxGjsFGpRAOBj0XToc_yhKO0NXFe7EZnYGyB4oYlC8yNPMMKM3YoP4XrmsXPIig5RG0i59FvHWEJsw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6ff2516698afec7c6d7737de8af60ceaacf609c53fd550ee6a467e35fdcc89b1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=bnJBKxvAA-u7gtwOaoZMYbAlzVnfJmaIYbToicPfwGaRmC6TnCXWz07HTiUTj9c5VacTIKKKXHw0OmD4TO593tQSiclrbSiSfyZ_upr1O2cF5ax04phjlfd7aTnsJ-6i04VR2j0Etum1fl6ScylYzvbFSokevm6FCzw36AOFofMlS1E-TLkkPEVvj5lePpZNZz8FMsRh82KCJVkX4DaNnKC2BUPqMfleGstpWLYSwgr9jO6jNKDFJm4FVOeG9-4JC9b6OZScdIKvs9J9-zkp9qYxDkWBcIT7ENqbURD8Wg3LbL3MPCkg_w07SV2tQNiReJ4phA6prrxbw7SZ_QHRwwxO9njo60bMH2Jd3fhW7gNuFwSXGeSfRJ0E7kxNEy6ji9afXT4UoACfZMukXrLg9v-65Cy0rOmir9EYrD3xuKtRbGS6TpoQBgBxTIBE2KGy7aLuS80iR_X42MOp-IWACDN7Z9JffQQdrTZ0kTfcRyAo5aasWkVnCKpSTmfOjItHR6CZtCghg86E_4d2ZEB9z_umVnZucOA8wE68oPbsQ2AfjAs0alMx95lU9cFe82pCRa0vTv035-alFP84M1Y9SRklB47g_dfz3BtMihB9PxGjsFGpRAOBj0XToc_yhKO0NXFe7EZnYGyB4oYlC8yNPMMKM3YoP4XrmsXPIig5RG0i59FvHWEJsw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:03 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311233e4d6e3954d04317b7efc48e62&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
658285564b1c397834e7c7e73d74146fba137ea8549a9f3c7374031029971586

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=yATzeP6SECtGDHnhlokFj0n8cxTtWr25gjXZ-q2o6KBI3EY5pIMAjrTXrRgfuvuIwI_DpPyj_rDlZqWWc7o_dR_yWUvZS-sssCrAReN5q4IejGFgEjrurEo7Jif6u2uFQ-9j8EhivnlSpRqrJkHgbVygEon0LoA-ccNcF8pOhyR4F6GNHGgfjoZLlbPucKQ-k5OktIItMK6vA5oSSlrXis8wINuMY3Tya-u90duAYpjzM6HurfQ7LWw5bOezroXfsZfZFTjmXcF7_C9wfevfT0qa8PWaTKE6jyNIBLeeLBGxk64mAX5r4hSEvX4eqT5LjSZTGsrU2d2v1jc0Ta5CuUZDD28Avsi4lL9k2vyQpEM0r3xTYG9Ke4Q997W_a8p0aOSZ2jYaKJuWmDCEBmcLxEZjIpsfw2m2YzpXW0eEHgNaAgsfROWCuX6HeIPpDNfrjlb-sD1jmVQ-fuVqW8fF6rkPFdMXHRh9hIct0vSQAocMHp9I7Nb6j0BbhSuGbvOfYKXV2VhTS2J4DVBKUgSKYAlAp3QLa38adMfTkd5yK0izktZh5vY1LWm3dphKezWxj85vg5cp33KB3YTzgaUXFEtxsnN8B_66Ixqff7KfVtXKE9umsyYGCUc3pcVkOarGlDtVI7tW15cOdHHFsKhCj6BijQzswdKuECqcjnG7dHbhJMtg76d-LQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8bf8ee3de7244e0f141e873fed606b7541e7e5d35c89041d9fc4305b016e2a12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=yATzeP6SECtGDHnhlokFj0n8cxTtWr25gjXZ-q2o6KBI3EY5pIMAjrTXrRgfuvuIwI_DpPyj_rDlZqWWc7o_dR_yWUvZS-sssCrAReN5q4IejGFgEjrurEo7Jif6u2uFQ-9j8EhivnlSpRqrJkHgbVygEon0LoA-ccNcF8pOhyR4F6GNHGgfjoZLlbPucKQ-k5OktIItMK6vA5oSSlrXis8wINuMY3Tya-u90duAYpjzM6HurfQ7LWw5bOezroXfsZfZFTjmXcF7_C9wfevfT0qa8PWaTKE6jyNIBLeeLBGxk64mAX5r4hSEvX4eqT5LjSZTGsrU2d2v1jc0Ta5CuUZDD28Avsi4lL9k2vyQpEM0r3xTYG9Ke4Q997W_a8p0aOSZ2jYaKJuWmDCEBmcLxEZjIpsfw2m2YzpXW0eEHgNaAgsfROWCuX6HeIPpDNfrjlb-sD1jmVQ-fuVqW8fF6rkPFdMXHRh9hIct0vSQAocMHp9I7Nb6j0BbhSuGbvOfYKXV2VhTS2J4DVBKUgSKYAlAp3QLa38adMfTkd5yK0izktZh5vY1LWm3dphKezWxj85vg5cp33KB3YTzgaUXFEtxsnN8B_66Ixqff7KfVtXKE9umsyYGCUc3pcVkOarGlDtVI7tW15cOdHHFsKhCj6BijQzswdKuECqcjnG7dHbhJMtg76d-LQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:03 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123694468540d9143a8a3f73091bf&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9befb55beafa21949f68ee9c2b112a0a4f6e87ba2085b451e1bd16763725f31b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=_YSD4thseUvIhH6Hl6bH2vf0jYC_eu1pbDB4EPnvWGYWdEg3mnX3Y-gs6u1VrCcH8P2KNHE8T0OKpWrtStFdZuFe-H9bQ8ZU2QwYHV5oNWVhby8zzH-Rz4XeEKbj6nHCo9d9zZq0SxT0WTEBWCDBNhJ9MueomESTxBCWlcGs2uRUxmARamDAT1OsqrajzY8gQYS32rhe10fedcWcDfjtwDmHXUL7XxEcuDjwnRCw9sDAQDEJ23Zr_knihsZ-ITqd91zpIPHPWS9DCFD2t2MiJ4oFw0u2tVTpH--fX_ii80Y-ErpYay2Fkg6cDe9l-OcvkrtBXCLUm50bdLgzxCyJ3L-85Q3pUpZoaXm65rT9GNCgt-Tt8W-OKuWURqSRiZ0LI4Tfc8YtrDO9I4F_VQE4fP0ufwuaXgo58YhKYBYxU6iMVV2ud64zWb946teRfxFhbs6i6c-5mWjHcJqthHZl4hBbeiaJjU6JgMMNOwldbmLKl18MV6wzNM61WGF4LjoJQuIGX1Z_NMsfzL9X-bZJoupHgt8x5bY5QUYP8a1GNA-qm-xZKU0ZIjHYNkL0r7PsSJzGPPFntGJXiDlLPKDZu8825R2h6HBGwYwlVk-PQj7wsttsqtQfcZsbYn5xejdlPsO4ca2e--mOwt80pHseAoD6foyoUWeaJOdFssqOrlW87r97uuii1Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=126
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e743ae05ad4781043893c3c3c895aa5afc81a900d4594b4e17c999aa20f9745b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231ce80a36ec5947e88d25c219c3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=_YSD4thseUvIhH6Hl6bH2vf0jYC_eu1pbDB4EPnvWGYWdEg3mnX3Y-gs6u1VrCcH8P2KNHE8T0OKpWrtStFdZuFe-H9bQ8ZU2QwYHV5oNWVhby8zzH-Rz4XeEKbj6nHCo9d9zZq0SxT0WTEBWCDBNhJ9MueomESTxBCWlcGs2uRUxmARamDAT1OsqrajzY8gQYS32rhe10fedcWcDfjtwDmHXUL7XxEcuDjwnRCw9sDAQDEJ23Zr_knihsZ-ITqd91zpIPHPWS9DCFD2t2MiJ4oFw0u2tVTpH--fX_ii80Y-ErpYay2Fkg6cDe9l-OcvkrtBXCLUm50bdLgzxCyJ3L-85Q3pUpZoaXm65rT9GNCgt-Tt8W-OKuWURqSRiZ0LI4Tfc8YtrDO9I4F_VQE4fP0ufwuaXgo58YhKYBYxU6iMVV2ud64zWb946teRfxFhbs6i6c-5mWjHcJqthHZl4hBbeiaJjU6JgMMNOwldbmLKl18MV6wzNM61WGF4LjoJQuIGX1Z_NMsfzL9X-bZJoupHgt8x5bY5QUYP8a1GNA-qm-xZKU0ZIjHYNkL0r7PsSJzGPPFntGJXiDlLPKDZu8825R2h6HBGwYwlVk-PQj7wsttsqtQfcZsbYn5xejdlPsO4ca2e--mOwt80pHseAoD6foyoUWeaJOdFssqOrlW87r97uuii1Q==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=126
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:03 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231ce80a36ec5947e88d25c219c3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231ce80a36ec5947e88d25c219c3&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:03 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		0
0
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f3b0cddaf385c1b611dad07c821770504dacf5497bd700ddfac98f0e563ab026

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=Yy0QahBVxiyQtAtqiUnVR8S-WaREutFVpK43c8GvzHkrq59j4QZvSajMGLHhu7ghb26UNcSKAejN79n9trvxuEFZQR1UNEI9LijCMazxf1EHZaEBcs6xTwt8R26G3USzk6KOtgL9VbicFuLEGGM1UT-VYTDD0MqGJ6spMAxqIWuwO9KAexLgVJOegsi0DHYBMFfKD7GSsRgb6ZhEUi_1K4Qfvh0H7USFPPsqlJrPdv4RC3zz53A5cBvqf3d_E7ZrrFCwUDXCkiV3yu4cnpz5pBnrj9M0x8c6NLhuYnualptnWB_S2gReaYS_wmtV1Yr2j2C0hXMWKwCiX9Cz9iY_AU2pVy-TF5REovyNnCwiNZWkknIniJ1-Fe65CxwpzB1g3U1CMvLOIJzzABNPf8WrLrfYCm8Dtjm9GEVsrib-Wuv1Qr8-MJyQvIkBBoEzuDGPpe-ZgtyUUpynnKRVM0eRS-yirGVwnPL2KT5-8k8LqXw0X--Ad3hjq53B7C1yQE4utkvl_DHUPAwcec0-J_EDYpSCFFAcbTe7WWyy8A3usH8HsPArgnFPrXbDtTFW0sFi2CwcwYPaLipEvxL8a-RgCZOwDWenROGNd4LrI5M5AgYrprhMtTqGL1MM2G-swZbz5qxoRj6kvApuIArVDqPqOY4tmlCstVQZywq3rMEkDLICGcDBXNCQdQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a1c1ae22ce58f89684ebcd88a2fda6257be49abf7a2d5d0cff2ce7beea31c671

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=Yy0QahBVxiyQtAtqiUnVR8S-WaREutFVpK43c8GvzHkrq59j4QZvSajMGLHhu7ghb26UNcSKAejN79n9trvxuEFZQR1UNEI9LijCMazxf1EHZaEBcs6xTwt8R26G3USzk6KOtgL9VbicFuLEGGM1UT-VYTDD0MqGJ6spMAxqIWuwO9KAexLgVJOegsi0DHYBMFfKD7GSsRgb6ZhEUi_1K4Qfvh0H7USFPPsqlJrPdv4RC3zz53A5cBvqf3d_E7ZrrFCwUDXCkiV3yu4cnpz5pBnrj9M0x8c6NLhuYnualptnWB_S2gReaYS_wmtV1Yr2j2C0hXMWKwCiX9Cz9iY_AU2pVy-TF5REovyNnCwiNZWkknIniJ1-Fe65CxwpzB1g3U1CMvLOIJzzABNPf8WrLrfYCm8Dtjm9GEVsrib-Wuv1Qr8-MJyQvIkBBoEzuDGPpe-ZgtyUUpynnKRVM0eRS-yirGVwnPL2KT5-8k8LqXw0X--Ad3hjq53B7C1yQE4utkvl_DHUPAwcec0-J_EDYpSCFFAcbTe7WWyy8A3usH8HsPArgnFPrXbDtTFW0sFi2CwcwYPaLipEvxL8a-RgCZOwDWenROGNd4LrI5M5AgYrprhMtTqGL1MM2G-swZbz5qxoRj6kvApuIArVDqPqOY4tmlCstVQZywq3rMEkDLICGcDBXNCQdQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:03 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:03 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123bb8bc8e663d641a4bc9099995b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
97e4ad9e7baabf0dc9d96d7eec2c90e6f4b51abae6716cfbe1502a08763ca42a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=hzUJgqA7ebO_caOU9XWMz4tYDCJs2bhqkCFNs4BmOoHaWw8SwLgmsNx_WlwGKmcZlXfBxbYItP8zbR6ItOTZ3OJIu5nqjZyuPMu094DQn1xRPfFP8EXlDDPr4Ig4E9Q4TdOzpjMWM_dIyYBS08QQGc-neqjkuqaYmzOE2FOFsKqBYIYeHwk50o-ejWl8wxaj_4zd6mMilosfjLgTAOCzDtbgx08M2pgmZK3VYlHJu7bPhJTjeCNfSbMofW-ND2TCVtACYBniEAyFUjQ2cR7k8GLe9ejBv2RuVcQGh1zhWIxha8_T4Wtej5PbRecw-dyUgw9eL07jQEU2XdPz67FBXY5eyzHFfnJ9dhSc1TrjOApwGNoFomtc3Sbb7tDyHaZzEDa7Q2OYOt5GrwHo4WcIDAt7z604BTd8Vn0akLaA3YJJAeCsqKZzdN31PqnpYKwhezgF2ZUV4Oligtp_qmOu1L3JAPg_8dwOKaUSekPUwQfXPDPfCpwvrk6oNwe_1N9nF5dMpd8XW5xOdccdKLqH6Cp-Q1w51gI9tOhGshbuDjgtIOJU0GPxBqAsARVbtXCPwon10BgnzF1hBm1Ht-V9-nl-72WwKz7ypx_RYblDb21HBEb1h1kpQFHhSasoSDllTfOay6UFxJFLkuyNEG3pRIw_cjC996va0FHXxl9mIZsJx5LS3hALVw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cabf24d4b51e5370bdba9b19a02d26a42cb93b4da8ba37daf0dc792ba643c9b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=hzUJgqA7ebO_caOU9XWMz4tYDCJs2bhqkCFNs4BmOoHaWw8SwLgmsNx_WlwGKmcZlXfBxbYItP8zbR6ItOTZ3OJIu5nqjZyuPMu094DQn1xRPfFP8EXlDDPr4Ig4E9Q4TdOzpjMWM_dIyYBS08QQGc-neqjkuqaYmzOE2FOFsKqBYIYeHwk50o-ejWl8wxaj_4zd6mMilosfjLgTAOCzDtbgx08M2pgmZK3VYlHJu7bPhJTjeCNfSbMofW-ND2TCVtACYBniEAyFUjQ2cR7k8GLe9ejBv2RuVcQGh1zhWIxha8_T4Wtej5PbRecw-dyUgw9eL07jQEU2XdPz67FBXY5eyzHFfnJ9dhSc1TrjOApwGNoFomtc3Sbb7tDyHaZzEDa7Q2OYOt5GrwHo4WcIDAt7z604BTd8Vn0akLaA3YJJAeCsqKZzdN31PqnpYKwhezgF2ZUV4Oligtp_qmOu1L3JAPg_8dwOKaUSekPUwQfXPDPfCpwvrk6oNwe_1N9nF5dMpd8XW5xOdccdKLqH6Cp-Q1w51gI9tOhGshbuDjgtIOJU0GPxBqAsARVbtXCPwon10BgnzF1hBm1Ht-V9-nl-72WwKz7ypx_RYblDb21HBEb1h1kpQFHhSasoSDllTfOay6UFxJFLkuyNEG3pRIw_cjC996va0FHXxl9mIZsJx5LS3hALVw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:04 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230431d9ff93464eb4b2df35302d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3bd1a19d87e29dbd811441e94e8ad17ca4c7576f806e6cf75225c0487b7c497b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=9RjfZzpEHGv4vG2laqKlKQMjQs-S11pAoVVNOIBcx7n4N3JmROMTeQ14lAaUVaoIgJF5Znh_FDYVrC1LU3jg7aD3z51SEowHUIrui7T8xPZciGXXmQO0A6Rw9CthoGFwSyilGEdwwNewy_Tlw9hpR-wiSukt46jZZ1Gc8QHO-QKLGo2fSSrufbeERk84MiMw2HKEptRVpG1Ta0fIbs1-nkw9MiWvysKAk4Kqqyh7Q5zJ8UWP9zGHA0nRvm7Nuqvim2qeO3VJJsa6h1E3hDs79eMJhUzFLCF2INte3bpFzKOcwVSzXgryLyObX_IupnxoXNGpaTEgfbdwGwzTdzBOmFHfHBcGPqHCc-Vfke4gh9_JhbsH5YbxDusnvFWb3Y26rocrmVXjbMY0Ez7viQRvAufuMs_aqdYEOGFTpHqeo_HiIBhwM9plwba_fzEhfk_mV2pUOUSDs0jZ4jjxPXeCA_EKffcH6Q88iCgr95PjCX5uBSBvTir3Z7se1uQyioHDRWoZYO76L-b3Ur6sZTOo7MOIcGdX7fBaKF2GzXzsOg7mkeqXyrF_NtIEORRWBH44Z8rwXwUS_mMR56Kv0ATbaV5CVdGYEISI0BxqOQgdBTG_mLPTcURQkScToUpGIyRtKnPOeM6KbPSZfCKj8amvE6CvX9O6PbuFdMOWfN5KvbBj0nlqoAkMKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=9RjfZzpEHGv4vG2laqKlKQMjQs-S11pAoVVNOIBcx7n4N3JmROMTeQ14lAaUVaoIgJF5Znh_FDYVrC1LU3jg7aD3z51SEowHUIrui7T8xPZciGXXmQO0A6Rw9CthoGFwSyilGEdwwNewy_Tlw9hpR-wiSukt46jZZ1Gc8QHO-QKLGo2fSSrufbeERk84MiMw2HKEptRVpG1Ta0fIbs1-nkw9MiWvysKAk4Kqqyh7Q5zJ8UWP9zGHA0nRvm7Nuqvim2qeO3VJJsa6h1E3hDs79eMJhUzFLCF2INte3bpFzKOcwVSzXgryLyObX_IupnxoXNGpaTEgfbdwGwzTdzBOmFHfHBcGPqHCc-Vfke4gh9_JhbsH5YbxDusnvFWb3Y26rocrmVXjbMY0Ez7viQRvAufuMs_aqdYEOGFTpHqeo_HiIBhwM9plwba_fzEhfk_mV2pUOUSDs0jZ4jjxPXeCA_EKffcH6Q88iCgr95PjCX5uBSBvTir3Z7se1uQyioHDRWoZYO76L-b3Ur6sZTOo7MOIcGdX7fBaKF2GzXzsOg7mkeqXyrF_NtIEORRWBH44Z8rwXwUS_mMR56Kv0ATbaV5CVdGYEISI0BxqOQgdBTG_mLPTcURQkScToUpGIyRtKnPOeM6KbPSZfCKj8amvE6CvX9O6PbuFdMOWfN5KvbBj0nlqoAkMKg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:04 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f2c0ee73e9a7487a99c466ab3f&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a207080e84b4f5b6a624e27d7f230cc95138109f1f517ca41dd1816495e0c502

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=oqaYyTGYw10A-qrQqFWWi45yWWcBGA9GilfOWlFUOfgeJ7mRqo0berbqwpHrOVGuvaVRkkd5lowt85SPBsQdZml_Sqy3ZtTRn8p1rEIg-OoiKZQUm9y3ZpxEOvO0kgQLcMOlB8OXD7TH0x_PWkApvNT4UMemsNwxEwMFq5hxU8i1OZGqaqAgykUH88rJSsXnFnVwBToOXxrKE8izB5i94Ta4amMWNJJ5135oZZtI5Qf5EmbZSuHTkSUMP5QqBAbI9rw7_IIshiO1Zbgl2wsrKJsun7mMsuu3N8si9UC8Alrno7JiLJiuJ4GCCEjwxHCTrjXT6Y0wwrNsVsB1IKg7uIS_SYOasK3fYG3fd-mY166NWmjPO5u44t7Ij5jjHCkTdMTP8B9XR1sWe-ChUov-JvDGtaWIEqUVIlOD4iOQtjTHp1sV236aUsp7H3e3qc7y3_8xnxbyWZLiuGwroYQ0JvYHrBYRrRqPHvLeTW6t3DfAbPUo8L4ekIXpWztzQpiAiY0lFD9LONY2zR83OO1ZVUdJ4pmSxbw-K0SSms9O_DCCG_MhoPKYvO9z1B6jhVUe1Q1NIO2YZKAa2KEXdcTuDNSM5DOck4Zs7ob8svPErB2HNMzaqjxREb33aVELTqeaegdsp-l-_UiCxPaQ0ypHv9a2ItF8MFKh4YvkJ88kjZ08epEkA4x4JA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=oqaYyTGYw10A-qrQqFWWi45yWWcBGA9GilfOWlFUOfgeJ7mRqo0berbqwpHrOVGuvaVRkkd5lowt85SPBsQdZml_Sqy3ZtTRn8p1rEIg-OoiKZQUm9y3ZpxEOvO0kgQLcMOlB8OXD7TH0x_PWkApvNT4UMemsNwxEwMFq5hxU8i1OZGqaqAgykUH88rJSsXnFnVwBToOXxrKE8izB5i94Ta4amMWNJJ5135oZZtI5Qf5EmbZSuHTkSUMP5QqBAbI9rw7_IIshiO1Zbgl2wsrKJsun7mMsuu3N8si9UC8Alrno7JiLJiuJ4GCCEjwxHCTrjXT6Y0wwrNsVsB1IKg7uIS_SYOasK3fYG3fd-mY166NWmjPO5u44t7Ij5jjHCkTdMTP8B9XR1sWe-ChUov-JvDGtaWIEqUVIlOD4iOQtjTHp1sV236aUsp7H3e3qc7y3_8xnxbyWZLiuGwroYQ0JvYHrBYRrRqPHvLeTW6t3DfAbPUo8L4ekIXpWztzQpiAiY0lFD9LONY2zR83OO1ZVUdJ4pmSxbw-K0SSms9O_DCCG_MhoPKYvO9z1B6jhVUe1Q1NIO2YZKAa2KEXdcTuDNSM5DOck4Zs7ob8svPErB2HNMzaqjxREb33aVELTqeaegdsp-l-_UiCxPaQ0ypHv9a2ItF8MFKh4YvkJ88kjZ08epEkA4x4JA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:04 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311235d93dc8162ec45eda7ea55d0cc&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
39ed63454d035c017bd719719371daca4c03b4c4a00c279ce3c6393093df58d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=AULdnCs45UrvKwufB2fsulnTN3yFBsmETyR0SJCsURqEPu3oo--fcrXQ5gfgUealryDyLdd7ciSwCqlYUhUGcQRc1bpxHU1Y7Bmo3dP4AcDd38X-ELWpgez_YJ_uunkec3rOAkrF7PxG3Kn_6qlJLRSLV1FmP1nU9CuJmQbJ-Q1S1H8PGfPl8-XsfkKhuWHNJGHMk9xntCh8gAX_6VBfX8IZQNcJ5_P4aHMq8KEgfSiQkHMOVSQhK9PQ85v69jmy55m6MhXyyNIXiAbjwXXwEo-WexvVu9wi2zUdlnY6_vLJGO__F5pONPDvfOS9R82c4EOJbNvU74LyBgprptuHzIaa-90qqVEDn5M0pt7G7TYMadBN2Lng6K5h4wbss0Q9-Th70BtOCfKeK1N0aJep82Z_1IHkCum1rc___EDR6ZNBV7s8a69c6tT-Tjy0CaWRHglAimCCT0shEm_eQ741o12wIlHCdaqJkfPH3jsSsAA04MlRDn2FjF7r0oP0rTe6z2z-vEr0uFbZEh7Vzf7QaYJIKkNHkoMKmALw127rKTByzdg-aZ_t1fPW_7DHGwswwVqWBf4X8McWzNrA69j23-VqPcJOQf1OzvbUJ2YVfViaRknN6qxXRukhOm8h04S2XbiXPHQLg4Nxis6h8vpFTmgFMNp2gDcpvDtWvdz8IUezjyJ-rOHxLA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=AULdnCs45UrvKwufB2fsulnTN3yFBsmETyR0SJCsURqEPu3oo--fcrXQ5gfgUealryDyLdd7ciSwCqlYUhUGcQRc1bpxHU1Y7Bmo3dP4AcDd38X-ELWpgez_YJ_uunkec3rOAkrF7PxG3Kn_6qlJLRSLV1FmP1nU9CuJmQbJ-Q1S1H8PGfPl8-XsfkKhuWHNJGHMk9xntCh8gAX_6VBfX8IZQNcJ5_P4aHMq8KEgfSiQkHMOVSQhK9PQ85v69jmy55m6MhXyyNIXiAbjwXXwEo-WexvVu9wi2zUdlnY6_vLJGO__F5pONPDvfOS9R82c4EOJbNvU74LyBgprptuHzIaa-90qqVEDn5M0pt7G7TYMadBN2Lng6K5h4wbss0Q9-Th70BtOCfKeK1N0aJep82Z_1IHkCum1rc___EDR6ZNBV7s8a69c6tT-Tjy0CaWRHglAimCCT0shEm_eQ741o12wIlHCdaqJkfPH3jsSsAA04MlRDn2FjF7r0oP0rTe6z2z-vEr0uFbZEh7Vzf7QaYJIKkNHkoMKmALw127rKTByzdg-aZ_t1fPW_7DHGwswwVqWBf4X8McWzNrA69j23-VqPcJOQf1OzvbUJ2YVfViaRknN6qxXRukhOm8h04S2XbiXPHQLg4Nxis6h8vpFTmgFMNp2gDcpvDtWvdz8IUezjyJ-rOHxLA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:04 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123f0b63f746e6d4ad494b23d0535&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:04 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:04 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8ed801dec0b5c14538364ea76670d877b4643abf3fc666c529154581b96014ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:04 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=WZxeMFBNdWJQTWC41_HAE5rjvAzAXtPBY0MFxlpk3sCMzLik_0HMGDlXny1GQM92nsyJ4j3JZ_g_tom9vhUDGmm1Aeih78jEExTI678jJZx28CtSvdBEZTZuWfW6IGUYMjp4IrSMto3uQAJNmqYg4vMpKI8homZxSXJUGgIr53M7J7ZywcKeqKE1qDff_sXokBxK7-f6Wlae5iKLZMqKKV01wixayZIk06WACUirTojFjza3E6GjVASofosd2wm7wE4z3yChkTaCX-fwieQMFAYQ9kLIO6nJtLymsnh1GLa7pGaqFBfJXq9wxewBXcDynWUUyG_Gp7iNskwavXlntpwvUvHaYji256GOKMcm3cQVBksKQeGWN4wi9NoN5sK_EhF7aIyQ4T5yRpKOvc8jLfELvweQBvWXJsTeK-a-8VyjHqfaYXOlSp6llateLRXoP1LuDePD-TBotfKvgsSp9fKkKMm_XXWN1-C4NH-Pre1noMD2xxwhGyZisbFSoDKKn456gW3yW_dITzwL06WWqqkrHGK3TwdSfwSOOuI8CHWB9JYj51PpQqOdj6Hr7Fymtmkfr9F_qnU9VNTySkrRspAw7H2h3Y6Y6Q8rd0J94X5qDZ_r1OB97DMdRHB9h6_yYkGmdJcv-6K5yKvrgJx2LksVwcvbyOnCh9tvVYiBHVpooiU45OdiUg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=WZxeMFBNdWJQTWC41_HAE5rjvAzAXtPBY0MFxlpk3sCMzLik_0HMGDlXny1GQM92nsyJ4j3JZ_g_tom9vhUDGmm1Aeih78jEExTI678jJZx28CtSvdBEZTZuWfW6IGUYMjp4IrSMto3uQAJNmqYg4vMpKI8homZxSXJUGgIr53M7J7ZywcKeqKE1qDff_sXokBxK7-f6Wlae5iKLZMqKKV01wixayZIk06WACUirTojFjza3E6GjVASofosd2wm7wE4z3yChkTaCX-fwieQMFAYQ9kLIO6nJtLymsnh1GLa7pGaqFBfJXq9wxewBXcDynWUUyG_Gp7iNskwavXlntpwvUvHaYji256GOKMcm3cQVBksKQeGWN4wi9NoN5sK_EhF7aIyQ4T5yRpKOvc8jLfELvweQBvWXJsTeK-a-8VyjHqfaYXOlSp6llateLRXoP1LuDePD-TBotfKvgsSp9fKkKMm_XXWN1-C4NH-Pre1noMD2xxwhGyZisbFSoDKKn456gW3yW_dITzwL06WWqqkrHGK3TwdSfwSOOuI8CHWB9JYj51PpQqOdj6Hr7Fymtmkfr9F_qnU9VNTySkrRspAw7H2h3Y6Y6Q8rd0J94X5qDZ_r1OB97DMdRHB9h6_yYkGmdJcv-6K5yKvrgJx2LksVwcvbyOnCh9tvVYiBHVpooiU45OdiUg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=107
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:05 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231318ba21eb9d4311b83f814730&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1583c5d49b004f2a6ca67c4411322a77880ddc6a59dc6103e8fdd0f92871d8e2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=4IirRo0dQ77spXeZatoU5fiN3A-3RXVkQDZg1KIY-7TNQBmozu1CkxkzrPYxhf3vurgcE4ySXdocD28qYKzmU3EHL5sE_OMsFXgEwX9gxuSWzzIBrM1YqC5znrGPawATSUq5b__9LScakMnOLoGxk53nyfEHAc81b0iwrLmspgTGK0KPfvLVDmv7PX2UEM8YVD2w2DdcUeWnUIV1jlioeZ6R9YCfYYIW7sx1NGlssRuiWKoax8n46KbCBgfE5MVROHTiY_A3Jpnlo9HlG5eEEz1aNFBeXdUkvGVdUH08E84naOoe7yR96zwssrpZ8uM3eE4cpUEs3Y9B-EgOKUHmD3KCmAw6bYtmHcM08wenZpsO1ZfS7PZwpTVob2Ypn7K5ejc0yAPH42CjBqtyizWsjSpZKnjahHbQe3bHoNxgjrKGtkcPmn1FkwX6uu6aR556gXFzQOO_OBgxaWtYsfBwDODDNcZ8DGrPEffx3pETZzu49SGTt3scrR5GvbsCedA0anCP-hzbSzlMFEk1a07oH2e7_LI9PnQA3a0VnnJ_Lh8v7tP-Y_UHphRZn2IjiyTVk_8CEVACKDHWB1dFDLJl0zEdXKD-YRs8QJmOFZGOXHoSqeOBiCBV6zbAWRvO_JltwbmeymRC3Q4HvbT9S9FGcJUs9SU-cK311lWlXElb_lOGd90YBGwtig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
884b2ea1fbc525ee2aa15ba1e736b774e482e40ed450d44127f4762b3727e57d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=4IirRo0dQ77spXeZatoU5fiN3A-3RXVkQDZg1KIY-7TNQBmozu1CkxkzrPYxhf3vurgcE4ySXdocD28qYKzmU3EHL5sE_OMsFXgEwX9gxuSWzzIBrM1YqC5znrGPawATSUq5b__9LScakMnOLoGxk53nyfEHAc81b0iwrLmspgTGK0KPfvLVDmv7PX2UEM8YVD2w2DdcUeWnUIV1jlioeZ6R9YCfYYIW7sx1NGlssRuiWKoax8n46KbCBgfE5MVROHTiY_A3Jpnlo9HlG5eEEz1aNFBeXdUkvGVdUH08E84naOoe7yR96zwssrpZ8uM3eE4cpUEs3Y9B-EgOKUHmD3KCmAw6bYtmHcM08wenZpsO1ZfS7PZwpTVob2Ypn7K5ejc0yAPH42CjBqtyizWsjSpZKnjahHbQe3bHoNxgjrKGtkcPmn1FkwX6uu6aR556gXFzQOO_OBgxaWtYsfBwDODDNcZ8DGrPEffx3pETZzu49SGTt3scrR5GvbsCedA0anCP-hzbSzlMFEk1a07oH2e7_LI9PnQA3a0VnnJ_Lh8v7tP-Y_UHphRZn2IjiyTVk_8CEVACKDHWB1dFDLJl0zEdXKD-YRs8QJmOFZGOXHoSqeOBiCBV6zbAWRvO_JltwbmeymRC3Q4HvbT9S9FGcJUs9SU-cK311lWlXElb_lOGd90YBGwtig==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:05 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311230ae9a0d1eff24f0bad8d6758d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
77c2e2d2a9dda44f879e75745845b9bff7263b25825252a81c6c718d9807c52b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=T6Z4cAxqeh8yBagRKSzOMT_dAPFjd_6gHrjYbBKxgC9CrWfBbdLo37RTtB2AmSdxoAPlyNH7CoIv7krxv3o1j51TxKF3gwKvLX8HdTCtsVu1SPwblwLafG-RggXGRtH0JE_0Cv9bad0TRDzkqhWpvExBF12iAOSLqHAbmSN6e267MUwEUA1lOBYW0QWBNkqhrUZY9MmVrkzn7PxwGExmf-N6xHnByiN4laDx-VYliM2y1giH6Gq2q5SgxnSrJZ4VEaBcCNkRaeV5oK2ImA4fCJqHcBoklvRJsvtvbmOiM5xGkEL2cVzVcXUSX0yTizWl5Z_CLUrkBTncqJmDwuE_72jvLwRktdzQ9VXMOPdKmZzoX-53_Zg9tJZ6RAsKRHuoxEE9RgWj_gyyamo0tlTmzWNlNdcqiqAM1PSt7F4m4I7Y-6aAwf8UIhr_yC_QY71dTHcI8Rgwin3NZwmz5GdKl7Qy_aPQW7_u7aUIZXx7fcKucMIm6aq3RHIxA43jnE1SDUhV-P0W3AHZCuI3XB4B_Lu0oTmqtQTWEF526HTbhkVqzWS-YgEyRb2ljV7BQpxtZPGK8rcdAyE95MaudsBe_CvooRGPWAqqKCTG1FDFpk4X321CLGE3DGnOIk8AoomDbuSzZ2BQUwXcKhLCfNyi26l3tqtx40syyP5pNnhKhswIhIgpiafHRA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d69738e40b6dc84fe1d2ad6e6b01bdddc147e219e012e6f7c42f25fdca2a2a8d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=T6Z4cAxqeh8yBagRKSzOMT_dAPFjd_6gHrjYbBKxgC9CrWfBbdLo37RTtB2AmSdxoAPlyNH7CoIv7krxv3o1j51TxKF3gwKvLX8HdTCtsVu1SPwblwLafG-RggXGRtH0JE_0Cv9bad0TRDzkqhWpvExBF12iAOSLqHAbmSN6e267MUwEUA1lOBYW0QWBNkqhrUZY9MmVrkzn7PxwGExmf-N6xHnByiN4laDx-VYliM2y1giH6Gq2q5SgxnSrJZ4VEaBcCNkRaeV5oK2ImA4fCJqHcBoklvRJsvtvbmOiM5xGkEL2cVzVcXUSX0yTizWl5Z_CLUrkBTncqJmDwuE_72jvLwRktdzQ9VXMOPdKmZzoX-53_Zg9tJZ6RAsKRHuoxEE9RgWj_gyyamo0tlTmzWNlNdcqiqAM1PSt7F4m4I7Y-6aAwf8UIhr_yC_QY71dTHcI8Rgwin3NZwmz5GdKl7Qy_aPQW7_u7aUIZXx7fcKucMIm6aq3RHIxA43jnE1SDUhV-P0W3AHZCuI3XB4B_Lu0oTmqtQTWEF526HTbhkVqzWS-YgEyRb2ljV7BQpxtZPGK8rcdAyE95MaudsBe_CvooRGPWAqqKCTG1FDFpk4X321CLGE3DGnOIk8AoomDbuSzZ2BQUwXcKhLCfNyi26l3tqtx40syyP5pNnhKhswIhIgpiafHRA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:05 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123cd6dca9745e541e7a07248b3b6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0b5036812b9922e5cbdcaef555101ba2a684c67b01a46b5fb90f5046596d9a2f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=ukwDyDTm1i51_TGybBOEshW8QBf_CFezPOyupnJMa3yc7fvihFRci9r4GkF8LLyfE9Ml6E11d7wGGijUxzgyz_7amkkwVvUkbhAw2R6DCOAEF5eZDLYGc12lyw8X7NreW901SJwze3-ut1a5_AmRBOVtJGNPDenaOMR8bQXOT4gRuc84VEAGv993lKC7W_xabZUydn_edh0B07dRcfcpjDRlLLJtt2cDZzGkO8xhcQYf0I0_JHip_h77hqjyjF6t28YlbGrizaWVPyfyXJX212ssPnbrkuUWQArm9eLkSMcIZl1Bni7mX25AsmLnl6rzs7P7kKqiEb-78U_a--T5DY5BVHzoGlx2wFP98B_EPW1gKdr7iowkxltroDI00nZBKonU8CM4KskXZxjowjpObDjarfDpaW632_7CQt23jDBl8-XaInz8GPjkerrGjevnqPv8IdrE9wRs5B_lvd2R9DaPp2TieQZD35iitxU9EQrJujVW5ckbVLlLY-QK3iC3dOa3eXYyyJJ9wFaoXkH-HRyQ9l2_Fya3VpgPMJRJ_uzdtyxgcS7lMOALttfVdSsomQJwoPDZlgQD3TsRqhI2dI8Ll7otl7sw0BFsKGsvs822gmJrJOL0Ovdu1O9HDCmG9syNyrpiEdp4krMdbF63c1gbuAYi6Uadix95idX9ZrbCIbv06dTRTg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
870920c2b4d77ff6091980856a117520fd65a99ffa14d5f12d29f01da2f94bb3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=ukwDyDTm1i51_TGybBOEshW8QBf_CFezPOyupnJMa3yc7fvihFRci9r4GkF8LLyfE9Ml6E11d7wGGijUxzgyz_7amkkwVvUkbhAw2R6DCOAEF5eZDLYGc12lyw8X7NreW901SJwze3-ut1a5_AmRBOVtJGNPDenaOMR8bQXOT4gRuc84VEAGv993lKC7W_xabZUydn_edh0B07dRcfcpjDRlLLJtt2cDZzGkO8xhcQYf0I0_JHip_h77hqjyjF6t28YlbGrizaWVPyfyXJX212ssPnbrkuUWQArm9eLkSMcIZl1Bni7mX25AsmLnl6rzs7P7kKqiEb-78U_a--T5DY5BVHzoGlx2wFP98B_EPW1gKdr7iowkxltroDI00nZBKonU8CM4KskXZxjowjpObDjarfDpaW632_7CQt23jDBl8-XaInz8GPjkerrGjevnqPv8IdrE9wRs5B_lvd2R9DaPp2TieQZD35iitxU9EQrJujVW5ckbVLlLY-QK3iC3dOa3eXYyyJJ9wFaoXkH-HRyQ9l2_Fya3VpgPMJRJ_uzdtyxgcS7lMOALttfVdSsomQJwoPDZlgQD3TsRqhI2dI8Ll7otl7sw0BFsKGsvs822gmJrJOL0Ovdu1O9HDCmG9syNyrpiEdp4krMdbF63c1gbuAYi6Uadix95idX9ZrbCIbv06dTRTg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:05 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311231b78fb1bf9bb4ef78fedd3d6d0&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:05 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
895ad9eeb3ee88938b6225901a804f9644a250cac3177e136cefc117570dbdcd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=E_HPHFnemVJeSRVGzaGeS6BzYNiFFqi_c3BUBD9b49UUt3M9ZL91-gFadbSU9N7QW13H6XLF_unOzH8GtuOmMVXatbcNegSizEjKvLv1W5o4O_nGjEToCrSNv6_JUW0kDge22ecPuZ0nxOrl5E19sNNaWZJK--ZuONVn6cGdNrTjfioY1N4U3xUEIJADrGZsfQySlN0x-H7Zr9lh8uXt-V7fIE0mmyZdaipGqxBB3bkSxmyskhtKAQg1v9eJwmvF9bZKUjGXq2zGnapcqeV4bUECXdMQZtFY8zN1WDv871emXSIRSHiYQYoSS0Lh9t2los437XTlVLwA0m2Rme-DdzSPUHdhXDdDPHuGX5p49rT6IFuxBD9rjgU8etq30mFjJQ22gMSWi_rUPimtTWgHErW9SiYjBrqI9Y9FOajLpaYgra032bVmq39O93ecQNl0MRnFHYb8VJMTITVn21qz_ag2tuXb9U-P881Ke6oTh39YgdDAdTy03IFfIAqYWZgVkGpnfo2lxFwWYNx2iel9XCHJMrm1wt_CU-fuIjgxljTGA6969Dwc6iLEfDRgVEIO6-A8C0TBiWnOL4b6l-AzzcMBRSoRbRER5QZueE6ZO5O0G0K0XVYTnVKn5rDopjGWwcvwKtgDZUNlsMv6saLS6G5k_82JVHkvnSVO2-OgE90xyGTi1qGpuQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=124
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6162b10d975eace60a53460216194dd5dca9240ac4869a724d50cd4d6de293ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=E_HPHFnemVJeSRVGzaGeS6BzYNiFFqi_c3BUBD9b49UUt3M9ZL91-gFadbSU9N7QW13H6XLF_unOzH8GtuOmMVXatbcNegSizEjKvLv1W5o4O_nGjEToCrSNv6_JUW0kDge22ecPuZ0nxOrl5E19sNNaWZJK--ZuONVn6cGdNrTjfioY1N4U3xUEIJADrGZsfQySlN0x-H7Zr9lh8uXt-V7fIE0mmyZdaipGqxBB3bkSxmyskhtKAQg1v9eJwmvF9bZKUjGXq2zGnapcqeV4bUECXdMQZtFY8zN1WDv871emXSIRSHiYQYoSS0Lh9t2los437XTlVLwA0m2Rme-DdzSPUHdhXDdDPHuGX5p49rT6IFuxBD9rjgU8etq30mFjJQ22gMSWi_rUPimtTWgHErW9SiYjBrqI9Y9FOajLpaYgra032bVmq39O93ecQNl0MRnFHYb8VJMTITVn21qz_ag2tuXb9U-P881Ke6oTh39YgdDAdTy03IFfIAqYWZgVkGpnfo2lxFwWYNx2iel9XCHJMrm1wt_CU-fuIjgxljTGA6969Dwc6iLEfDRgVEIO6-A8C0TBiWnOL4b6l-AzzcMBRSoRbRER5QZueE6ZO5O0G0K0XVYTnVKn5rDopjGWwcvwKtgDZUNlsMv6saLS6G5k_82JVHkvnSVO2-OgE90xyGTi1qGpuQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=124
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:05 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:05 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d970b91640247c1858a1bfeaa&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
43f4736f5b9cc3f330e5959829b41ad801ca2ee9e255ccacf94de39362a08a39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=_g0CjzrxsNBMcyVos0SIl62Jzm7oHDAgpvma4peAv2qiOaL255_8o9PB1tYh-idORsrelXeaBDznRuE4HUWUs5TI1QseD28Vv5krtxIYquzl3UdYzNZPGLY0QMDP0oAEOEjGw6ly1z-JOQwMIDWJezPCy5MHpxFEn9kGPu1_w60wdt4oC_T3eA_c1IMR2WRxQAeV_df7BePlxU3j_RdyxUQSViXrGSzud3TDcasJmd-CD0D1s59Nn618rX9Lt3x3MuNW_hd4OEl-0WeSCYHbLj2dWlwdG5n8Py-P80vxC8tjxZe-hHVxQAmGiIf5BTkPwXmr2SnCUp5tS0tifQsinQuim79N7-hsWDBnOWl32KXaW4Opz0u1i6Br99-GsEwoMV5GlwsoTCjKX7DfCX15v2GjLuKHgSB621Zklh0eW5ylEMSCIDj8zhLtaAUIXigjMjhD1Bqn_YdeELoKFsrn2xJZUL7MX7TRmv2D3Y4NUV-D49TpTwLwkyaKwMNdWoPsKchpQs24RddSlw6WZjdqSmvptmyLA9RXLvL2zNBUyRCtELOqKyaDY52vwyYKGNEExMUhMqQV8ojscgXBtX0j3XvFPNYv5WzcvjusyP-0tl9IpxLA_JmYDvyuU85XsHXtH9y1JyVMd9fbPJ6As-AyV3U2m8-lgm50BwX-CMy-VGh5Z-tn_83Psw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
45d721b6cf878e54c17e44b7035ae711d8b7b16937bc0139084101ba6927b6da

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=_g0CjzrxsNBMcyVos0SIl62Jzm7oHDAgpvma4peAv2qiOaL255_8o9PB1tYh-idORsrelXeaBDznRuE4HUWUs5TI1QseD28Vv5krtxIYquzl3UdYzNZPGLY0QMDP0oAEOEjGw6ly1z-JOQwMIDWJezPCy5MHpxFEn9kGPu1_w60wdt4oC_T3eA_c1IMR2WRxQAeV_df7BePlxU3j_RdyxUQSViXrGSzud3TDcasJmd-CD0D1s59Nn618rX9Lt3x3MuNW_hd4OEl-0WeSCYHbLj2dWlwdG5n8Py-P80vxC8tjxZe-hHVxQAmGiIf5BTkPwXmr2SnCUp5tS0tifQsinQuim79N7-hsWDBnOWl32KXaW4Opz0u1i6Br99-GsEwoMV5GlwsoTCjKX7DfCX15v2GjLuKHgSB621Zklh0eW5ylEMSCIDj8zhLtaAUIXigjMjhD1Bqn_YdeELoKFsrn2xJZUL7MX7TRmv2D3Y4NUV-D49TpTwLwkyaKwMNdWoPsKchpQs24RddSlw6WZjdqSmvptmyLA9RXLvL2zNBUyRCtELOqKyaDY52vwyYKGNEExMUhMqQV8ojscgXBtX0j3XvFPNYv5WzcvjusyP-0tl9IpxLA_JmYDvyuU85XsHXtH9y1JyVMd9fbPJ6As-AyV3U2m8-lgm50BwX-CMy-VGh5Z-tn_83Psw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:06 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123fbd17386115e40beb777ada1ef&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
29900fdefd04c81a112b2ed7619ad82b3fdf41accf53ca40d4b0912333cfaa2b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=T2us53jSN2cMiW0ED32HCy_vkr4fnW7MSOAxh6qVVhoVlSg1efvpNsLYBP7gy02oLSVTKVFisseMI3yLDaxBkuVWJ1wVqZiVzn5lJm2eZB8FSFfgs4blbXZBGe92xntceDDV2vMTSYnnTOeAvQnDlQ-24o_akZHGlf7_pt1PbrZIQbBluGDUICC-OfOx9MoK6PCskepEFUJRCO-2UJDhMxIh9IdjJidfCzDyaeURI8bmDTSiaPCjkb09YJLmx1zr21NFxvXsYk1l2lHNPzhxaTxmXNHFoyvIM-C9ilmZWAVn10R53xHeNe_hE5ow4u5Ffh9Am7S2J3IhPgVAZFlSdLAaNac8LV4qVd5d4_tKGDaZholGxqq34znFCoqNhFstXq66qodTq7PbOoVM8IoWa0oenwGiNo5ZEvM4dNS_HrBPHKiuE0G2qHui7Sx4f3GadActMwjXynunk8sISrQTDhd01PCzbiSbdr2U17q6WxrGF6R_1Xw_xkV5cC1oxjkdCb3sSGCSm66tCZtEjcW_SeymW-XuY2hQ7tcQmPHWFGrYtbmJ9J82gqgKyK-NYl11pYFYejkBct9T-QxxsgrKszF6VP_33yMGQpyLaHjcK7QFpT57-3M-LBr3G0M9dj6TYaIcRbrzpcjS5xpoic_t5sN03Gz3dgpe1rL8W98KgcKlTfXllQFzNg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
23281c74ef9ee680bb6b7b9d2fb78b46eae8a416f2e6471efbdec977bd7527b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=T2us53jSN2cMiW0ED32HCy_vkr4fnW7MSOAxh6qVVhoVlSg1efvpNsLYBP7gy02oLSVTKVFisseMI3yLDaxBkuVWJ1wVqZiVzn5lJm2eZB8FSFfgs4blbXZBGe92xntceDDV2vMTSYnnTOeAvQnDlQ-24o_akZHGlf7_pt1PbrZIQbBluGDUICC-OfOx9MoK6PCskepEFUJRCO-2UJDhMxIh9IdjJidfCzDyaeURI8bmDTSiaPCjkb09YJLmx1zr21NFxvXsYk1l2lHNPzhxaTxmXNHFoyvIM-C9ilmZWAVn10R53xHeNe_hE5ow4u5Ffh9Am7S2J3IhPgVAZFlSdLAaNac8LV4qVd5d4_tKGDaZholGxqq34znFCoqNhFstXq66qodTq7PbOoVM8IoWa0oenwGiNo5ZEvM4dNS_HrBPHKiuE0G2qHui7Sx4f3GadActMwjXynunk8sISrQTDhd01PCzbiSbdr2U17q6WxrGF6R_1Xw_xkV5cC1oxjkdCb3sSGCSm66tCZtEjcW_SeymW-XuY2hQ7tcQmPHWFGrYtbmJ9J82gqgKyK-NYl11pYFYejkBct9T-QxxsgrKszF6VP_33yMGQpyLaHjcK7QFpT57-3M-LBr3G0M9dj6TYaIcRbrzpcjS5xpoic_t5sN03Gz3dgpe1rL8W98KgcKlTfXllQFzNg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:06 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123e6f8bfeeb0e940fab0203b0279&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
75e1bf6a6c35756b30996f58d8b5cff9f6ba81b0dbc28cf7126b61496d99a270

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=9ui9DZxdO1DeIF8xO9YiBL3gLGVoz6J-PpgRVtDKEjQOOgKYMOea6LeS9dzejivGlyOockcaTnep6PgxGJT-oKTcFN9asOaZ19Q7e7qiLXa3Ktg4_G8cc0MjqesWm717Y2yC28P51DQo0qp9FpB91Ajmid5ZhD8WJ5IYjngU9J4QqwcmHxQ637jBHKHDnKEcg1Rdu8cx23UnXhgGqCn2pgqM1sBW_eUcpjsin9i9gjg2Q8gSdO1o-TGDZts7QHF6Uze5aT1lKpEcq5kSAI5uURXwsGZMqOVy32ZnpLcDuQcrCIEAu14-aV7lbsy9UBdjN4T68iB1BI1sQLK9WUY8v10kGV46lqFO2ESEUgE3JuFx8rup70FNYIMCUIZ1oSteNVfy7K3Ds_p2gRBRdRGVsijnVTXQ2_uvOL69isKgGAHblZ4OelbGwBANi9J88ZhkIucUHbPMBsMsueKOZSMZn1s0ulOebyRN_X8y-AmGVI9j4vae6Pze2nAK64WYJ7j1kzYGfscEKshUmDu3Sj6nsiyQfzNPONGE9Fh8YU2aWdVq9Z6LILhsESCyYVAsARvzY4Sl8jopSnDzG2nxUCxBYDShLshpWukx8-3HM49IBhb67nHkn-n_3gTFcprXYJoOC7ZZAEfG2QTBAWHeTDWsI__dIoRX_t9UJhAfPWYGr2ZXZHEqBa6MQA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
5acd67c3a766188c22c6ad42948285d6044910cdaf50e8cb9a4b9a0572555610

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=9ui9DZxdO1DeIF8xO9YiBL3gLGVoz6J-PpgRVtDKEjQOOgKYMOea6LeS9dzejivGlyOockcaTnep6PgxGJT-oKTcFN9asOaZ19Q7e7qiLXa3Ktg4_G8cc0MjqesWm717Y2yC28P51DQo0qp9FpB91Ajmid5ZhD8WJ5IYjngU9J4QqwcmHxQ637jBHKHDnKEcg1Rdu8cx23UnXhgGqCn2pgqM1sBW_eUcpjsin9i9gjg2Q8gSdO1o-TGDZts7QHF6Uze5aT1lKpEcq5kSAI5uURXwsGZMqOVy32ZnpLcDuQcrCIEAu14-aV7lbsy9UBdjN4T68iB1BI1sQLK9WUY8v10kGV46lqFO2ESEUgE3JuFx8rup70FNYIMCUIZ1oSteNVfy7K3Ds_p2gRBRdRGVsijnVTXQ2_uvOL69isKgGAHblZ4OelbGwBANi9J88ZhkIucUHbPMBsMsueKOZSMZn1s0ulOebyRN_X8y-AmGVI9j4vae6Pze2nAK64WYJ7j1kzYGfscEKshUmDu3Sj6nsiyQfzNPONGE9Fh8YU2aWdVq9Z6LILhsESCyYVAsARvzY4Sl8jopSnDzG2nxUCxBYDShLshpWukx8-3HM49IBhb67nHkn-n_3gTFcprXYJoOC7ZZAEfG2QTBAWHeTDWsI__dIoRX_t9UJhAfPWYGr2ZXZHEqBa6MQA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:06 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cac9cfc2d81a4cf3b33894f95c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
faf7a3ed3fc9a334d8817cb6a3de470d5aea2e0546cf0d822e95a201dbfd728e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=3o17rcs7YKKHqDPSOczDSP1_hWdm3e8vIq98Kt2c9YMfoxsXnLnQAIAZRTbtcoVczMyci-MUG2euU0NrLwawpIL8VhotGWfYCTrTleiWfX7LkZd9NzUMMCIfIEIg-c9dDLKa5yGoKjIzTOyBBu1GNd2K4yN5PhXPDF9F68mFkGD97kLIxHz-Tcm1G5EXzbBBpS6H_ttyGCKZml5wpvqHvsK0lhMdknLOmfJdgz0O-SXkl3QboVLBCK3eYXlpKN-YZkaXg3XVwr1kaHm1ipUaZKKxPbZ3J8BbQ7IZmmuhcPV7QTLnM-EGSG275Hjc2nKtGo_-mYBwbNlZRXSOeCnSIY92VMMCB6_Og0J665ME2SOEZ0qTOekTXEvp9HwEsqWtVApPe3TpgcTR-DwExv1Ezf1iEY1gj1MSGbvx1pE0eqcExWI8n9fx2d5cnspJeHlSTapIbLvL-uJhb_h3yI9FO2_RHyaCWI1wlruI_wuNWue0HiLqybw9keyRX8BQUHvwFGw-ogFWln2CBSa6tWvg7nuy1IKObmzezfAA2tbRb6KnU_LjmxsrGhl2kYj_nybjxeGek3m1uuSd3k3EN3aVNwovDwBa1XvajXcE-Yhu4PrAnYmn95MbiT9Oxrc_4Fk0yXlQebd0cvuJyJHfddIL2u0CSwuWN4nj-iwJ73dbBPWpAIBTpf8OcQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
11660de13b4c55d497bcce3185ac6e33ce888e734a708ae1b1cd2b8f9edc9c56

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=3o17rcs7YKKHqDPSOczDSP1_hWdm3e8vIq98Kt2c9YMfoxsXnLnQAIAZRTbtcoVczMyci-MUG2euU0NrLwawpIL8VhotGWfYCTrTleiWfX7LkZd9NzUMMCIfIEIg-c9dDLKa5yGoKjIzTOyBBu1GNd2K4yN5PhXPDF9F68mFkGD97kLIxHz-Tcm1G5EXzbBBpS6H_ttyGCKZml5wpvqHvsK0lhMdknLOmfJdgz0O-SXkl3QboVLBCK3eYXlpKN-YZkaXg3XVwr1kaHm1ipUaZKKxPbZ3J8BbQ7IZmmuhcPV7QTLnM-EGSG275Hjc2nKtGo_-mYBwbNlZRXSOeCnSIY92VMMCB6_Og0J665ME2SOEZ0qTOekTXEvp9HwEsqWtVApPe3TpgcTR-DwExv1Ezf1iEY1gj1MSGbvx1pE0eqcExWI8n9fx2d5cnspJeHlSTapIbLvL-uJhb_h3yI9FO2_RHyaCWI1wlruI_wuNWue0HiLqybw9keyRX8BQUHvwFGw-ogFWln2CBSa6tWvg7nuy1IKObmzezfAA2tbRb6KnU_LjmxsrGhl2kYj_nybjxeGek3m1uuSd3k3EN3aVNwovDwBa1XvajXcE-Yhu4PrAnYmn95MbiT9Oxrc_4Fk0yXlQebd0cvuJyJHfddIL2u0CSwuWN4nj-iwJ73dbBPWpAIBTpf8OcQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:06 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311230f6545a24f1b457bba1e1d7911&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:06 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
453e60081f2ea28d0faf48392687b781ebe9443f6c9f6dbff680bb0b240b3e90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:06 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=HXIbNzsGgmObCPfYKipgAyXHsJpzwDSQVnOrDCxkaBJNyIPyDzPaSFqMJzpWewklh4StWrYmZ17QWVm3FYH2kQXnFPhnSBNPROWk2V4BHtyl0s0TJYnXZSqopL_IlFFP89ye1KvKCGl3JP2--9KVqqgd_X0VCgbRvLVL2HZ53uUjoRWU_gL_1jr2aulKaOvyQApY0dTv766vMbPwhzYJ59ymZbfzexd4g47LSmCxgAkVCUVdQ7SMMS3i4sR6Cit7HjLB7Voi1XLnKaGwe7HqKtOfVSJey75mWPixQivmkcGtV-khOatiLHnHfcv3SxquQxwhscSgIdeuRDCFJOIi9s3h0AGEl0bEtzgs9hdJL1sMHYMmsQv2DmPJ318m4Jbn_ySA6RkT_rDCNrlfREPIMXB8dHhtNNtqW4rYXG_41Fsu3P08YDP_VnSHuYmDuCqJRUnGKJhB1JhkDg4oGfUkAv9aIq3DPrhDM81NhMCHH_vsUxLMziL3hQbpKHA5HhhN5gFoEAqpNrzEkLAY3xdHD_DSg30YyCSQMOO8Uh885rdiwt0GuraRreAKpVwQbSOVr0brrR29sCLovghU5NNPhtLg9NI6i4hlW3VmcXwkWbU5ZZZco3KNUqbpG85ksyOT-RB7qqOMszmx3U1MB1rB8JVoQbB0NTrEtts1FgN19JugskOenDRXEQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d5cc8fa84ba48413683baa44c7fba3b4f4c45074b34fc53f258d62bea7845101

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=HXIbNzsGgmObCPfYKipgAyXHsJpzwDSQVnOrDCxkaBJNyIPyDzPaSFqMJzpWewklh4StWrYmZ17QWVm3FYH2kQXnFPhnSBNPROWk2V4BHtyl0s0TJYnXZSqopL_IlFFP89ye1KvKCGl3JP2--9KVqqgd_X0VCgbRvLVL2HZ53uUjoRWU_gL_1jr2aulKaOvyQApY0dTv766vMbPwhzYJ59ymZbfzexd4g47LSmCxgAkVCUVdQ7SMMS3i4sR6Cit7HjLB7Voi1XLnKaGwe7HqKtOfVSJey75mWPixQivmkcGtV-khOatiLHnHfcv3SxquQxwhscSgIdeuRDCFJOIi9s3h0AGEl0bEtzgs9hdJL1sMHYMmsQv2DmPJ318m4Jbn_ySA6RkT_rDCNrlfREPIMXB8dHhtNNtqW4rYXG_41Fsu3P08YDP_VnSHuYmDuCqJRUnGKJhB1JhkDg4oGfUkAv9aIq3DPrhDM81NhMCHH_vsUxLMziL3hQbpKHA5HhhN5gFoEAqpNrzEkLAY3xdHD_DSg30YyCSQMOO8Uh885rdiwt0GuraRreAKpVwQbSOVr0brrR29sCLovghU5NNPhtLg9NI6i4hlW3VmcXwkWbU5ZZZco3KNUqbpG85ksyOT-RB7qqOMszmx3U1MB1rB8JVoQbB0NTrEtts1FgN19JugskOenDRXEQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:07 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123e9b34f67ce37431183cdbf7770&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9732430a2854bd8f93e79011b835deecad59c940f36d1139f41012a3eb5d7f69

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=jGS4etGE1AA60Rqk8rvAv1QoDxNZQuBTLL678mAOZiqWRQeQbQSzIB8QfRlB5agNFMl255QtsK-TWzIFmHxH4aU1jfQQNlUmB0cGy4TCQ81du6uxJlaQZCfutvZyzIlykua6HHWWWqYaJ0v_KfX8NKu0uE6o64e8AzmlML-9dk4KhwgE5nCAk774reBBWvZUmgVNQ9uqQnkM7QkUVdMAxqTiGxprm8J5S3CBlJaWnmYNLIzbDeOgikdGRdFXCjpvTHriAH6Sjk1MMzffRlAAgKtsRx717nSxS6VQMVc7H3KawAVkp228zJ3cZ9kCEJJXo7dyaV_7flq1J-IdljSgqbPtA3OcrGwFr3x4W8LKE_7x7z3djnaQd6vNYfqIUVQUKv2xjGVHarePADJbCBmHL3JvCPRwETdPxK_yaPW6uEaRgwqfsIGmmEC8RAZvSACI9GAyvWLQFF4rNW-IFyQGq189rxUvekLwBnWAFSq6S7IWlMBrnSS3UhG7KSmUpJfIuNr0TsbDOFzP2ofl-p1pNXLf_Fv_56weXiIaqeJJ0iRxVFC_QyOu8XmLHL93XQifMd1H06Fsd7-Yc4ijEYMvAn0nGsp7-6zzR4UIzd4lfI0ZfqrVS4TcravhbUk5upEyCaQNow0GB-AGMBLL-QaoF7TvWyB74WpGhrBsJicDKUU-vu5IUKbjXQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
15d5d8bff295f732e62b2251ffc71de78580031132e4fce67f02f87fe2288892

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=jGS4etGE1AA60Rqk8rvAv1QoDxNZQuBTLL678mAOZiqWRQeQbQSzIB8QfRlB5agNFMl255QtsK-TWzIFmHxH4aU1jfQQNlUmB0cGy4TCQ81du6uxJlaQZCfutvZyzIlykua6HHWWWqYaJ0v_KfX8NKu0uE6o64e8AzmlML-9dk4KhwgE5nCAk774reBBWvZUmgVNQ9uqQnkM7QkUVdMAxqTiGxprm8J5S3CBlJaWnmYNLIzbDeOgikdGRdFXCjpvTHriAH6Sjk1MMzffRlAAgKtsRx717nSxS6VQMVc7H3KawAVkp228zJ3cZ9kCEJJXo7dyaV_7flq1J-IdljSgqbPtA3OcrGwFr3x4W8LKE_7x7z3djnaQd6vNYfqIUVQUKv2xjGVHarePADJbCBmHL3JvCPRwETdPxK_yaPW6uEaRgwqfsIGmmEC8RAZvSACI9GAyvWLQFF4rNW-IFyQGq189rxUvekLwBnWAFSq6S7IWlMBrnSS3UhG7KSmUpJfIuNr0TsbDOFzP2ofl-p1pNXLf_Fv_56weXiIaqeJJ0iRxVFC_QyOu8XmLHL93XQifMd1H06Fsd7-Yc4ijEYMvAn0nGsp7-6zzR4UIzd4lfI0ZfqrVS4TcravhbUk5upEyCaQNow0GB-AGMBLL-QaoF7TvWyB74WpGhrBsJicDKUU-vu5IUKbjXQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=109
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:07 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bfba04b7b2a44e8b865fcca7b8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4fb8ef64d9aae371018b2e1e70d40bd8baae340c065a9cfb286ddf23d3ee0d41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=qnucJyJwtyQ_GMAhoqbwb5ro0XRRe7J1wRfTxwr8exivynAhHwQwfgKHcmHPBnGHVTiT3_0CcX3ZXjCRFqPEAbVIPDffW1HVd_YXcyPKf-i1AGXyIU5tyQ8uOnaQe0jVNNlEESyNhDcTbMd74I1CqkSsW8qcyHqhGMiOhmsuFeerFrWU8a4CG9AYcWL7TIW4UsIYVnM03bvKeFhtJBJLCtr__2iAqBYnQ3_Ppu0XFrLVwzoM2LbQUXYPcqfAG4No8Cv5ARCipjJYphQgfQr5loZFdiSNYIcv8j8eCq_Ex1s1ST94Mz47qfvx5Mt_8Yx7D5mlFXHgkBW89KVMjING5El_im3qemsQlbmZK2Fu97eDgJG3IBTmPhlPKuIGlndYqVNuZG7JW8G4AlwCdp61GchCBvYS9NJB091Z7ICvK0soOk5lbc6zQLUR_DoWHN1NwoC1HZOuQnfPJ3CpuTvCa8MLNXG_GsEwfHM2bA3nKStyiE_UDgBTSQKobnNGsb0V5vZ92PNfXn_pP78TU3X1buXbo4CSQ_Xjb2T7M-pZuvP-c_EbzN4BlrKlDy1fcDUp4gCtYMXLApnKSruh46VUw8QcX123oXcxudaUHObTOFzuLWyDxeq1kPjodq2RNfIhPXKEpx4jScONBhUn_tG4CDOX3oUmKjyevYd5bQc-qIXue9punY8zxw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
75b11984fc11cac41d5eb46218098511108adb3cc94685989dc08e8072e1bd54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=qnucJyJwtyQ_GMAhoqbwb5ro0XRRe7J1wRfTxwr8exivynAhHwQwfgKHcmHPBnGHVTiT3_0CcX3ZXjCRFqPEAbVIPDffW1HVd_YXcyPKf-i1AGXyIU5tyQ8uOnaQe0jVNNlEESyNhDcTbMd74I1CqkSsW8qcyHqhGMiOhmsuFeerFrWU8a4CG9AYcWL7TIW4UsIYVnM03bvKeFhtJBJLCtr__2iAqBYnQ3_Ppu0XFrLVwzoM2LbQUXYPcqfAG4No8Cv5ARCipjJYphQgfQr5loZFdiSNYIcv8j8eCq_Ex1s1ST94Mz47qfvx5Mt_8Yx7D5mlFXHgkBW89KVMjING5El_im3qemsQlbmZK2Fu97eDgJG3IBTmPhlPKuIGlndYqVNuZG7JW8G4AlwCdp61GchCBvYS9NJB091Z7ICvK0soOk5lbc6zQLUR_DoWHN1NwoC1HZOuQnfPJ3CpuTvCa8MLNXG_GsEwfHM2bA3nKStyiE_UDgBTSQKobnNGsb0V5vZ92PNfXn_pP78TU3X1buXbo4CSQ_Xjb2T7M-pZuvP-c_EbzN4BlrKlDy1fcDUp4gCtYMXLApnKSruh46VUw8QcX123oXcxudaUHObTOFzuLWyDxeq1kPjodq2RNfIhPXKEpx4jScONBhUn_tG4CDOX3oUmKjyevYd5bQc-qIXue9punY8zxw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:07 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311235d438d80f81c428e8c8199c938&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
31ba58761ec6e70b2f57893b9cdc9a52c47a829c8221ef99cc4bc603aa6eff92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=xFIvhIuh9tv1JdJvPXmm0CZPbeINiILGMQZlW9M4HRNVCpxsgVdJ8SUWpczD5F9wN9pjjbvCHNpcOHbLwbQ8NxYFjLvlR8x7-e6jwCSuc7YSjVl9QDlCuTUCVsKv8TWB7h5_go042ocRb0xwvaElU20yLtrgN49K18pDWHai6DUX3KGHrP4iN0K46X5q89riaazhnSrH7xYgEzeQNXNHuFEvrux6H6sjX6bvY_gxkvzdxDxu6JbDCsqN7aLcRNsIj0Mv9W_xx8uum-x5IOkApEL5bT4Xd82swdgzKtiaL-_7Gz4Y5bRnMkvqvojx709Qj5GtK8uR9S-POKHcETanpb7hfGFBQn37Z9T5Pse6jc6GkeZOPmXfmz70Q2TfBBT_lNOU6e7LoI_nTDPXZlzSoFxvmPPGnZ8z8n8worbPyi3M4I5yUA5kMXDYm21xDdQOxV2ARqWGalAxoKZwMT-ke3Czll6mAP--6eYtgL824IOuKN0PhNALYHw60AsDLy1QL_KHruSBjbTltQNEu5Rvx1tx70gMByFOqldRJffR-Y-Rn5cJLFaZXnWrRy6KGvPlNsas429Tg0FG6c3WbxNyR2WEHQU9V_44U8vKqFmkBwwcDkecZrEeJ197Qt50dNbmKnYtU8E0zhFUFtEJw5S7DPoTAQaMOSUZ6ueb26yzY__ic49lEkvPiQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d8701aac87c85c2c80714ede9b0d938b9c17fe6794a18aeacd9201cdf44c9093

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=xFIvhIuh9tv1JdJvPXmm0CZPbeINiILGMQZlW9M4HRNVCpxsgVdJ8SUWpczD5F9wN9pjjbvCHNpcOHbLwbQ8NxYFjLvlR8x7-e6jwCSuc7YSjVl9QDlCuTUCVsKv8TWB7h5_go042ocRb0xwvaElU20yLtrgN49K18pDWHai6DUX3KGHrP4iN0K46X5q89riaazhnSrH7xYgEzeQNXNHuFEvrux6H6sjX6bvY_gxkvzdxDxu6JbDCsqN7aLcRNsIj0Mv9W_xx8uum-x5IOkApEL5bT4Xd82swdgzKtiaL-_7Gz4Y5bRnMkvqvojx709Qj5GtK8uR9S-POKHcETanpb7hfGFBQn37Z9T5Pse6jc6GkeZOPmXfmz70Q2TfBBT_lNOU6e7LoI_nTDPXZlzSoFxvmPPGnZ8z8n8worbPyi3M4I5yUA5kMXDYm21xDdQOxV2ARqWGalAxoKZwMT-ke3Czll6mAP--6eYtgL824IOuKN0PhNALYHw60AsDLy1QL_KHruSBjbTltQNEu5Rvx1tx70gMByFOqldRJffR-Y-Rn5cJLFaZXnWrRy6KGvPlNsas429Tg0FG6c3WbxNyR2WEHQU9V_44U8vKqFmkBwwcDkecZrEeJ197Qt50dNbmKnYtU8E0zhFUFtEJw5S7DPoTAQaMOSUZ6ueb26yzY__ic49lEkvPiQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:07 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123230b3a09fecd419587192fd9c8&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4fbb54ed253147677d160e1f77a89e12cd617cd08fe26e1963fd5d375ec25748

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=A24uiwbcKO7sjwC4BhbtrlD-I6fpo47k-Y_Nw5XP-KBPU_2iJgyvFzt3UK1Yv401gqkYJXOUE2rpPNuFfz5pS9pCLkBPW5HFmY5apWj-JnBoH63dh1171_fAKJ1ZneZ3pyQuf9CfBnCXGvKdPmFirqj8M8sHziHo2Y4mBCjx86DvQ-ZYn5QFuZeave_lcZjYRtzDU1EyPUZecKvnQALu2aYtvNUv41iwJI1oedY7thHXWPQ-6xD6xGXrpEUEw6njS96jP5DNzGsiKniZiUJl9H4qtgyaMWaON_uAjvg5bglYhxFzuvmHzifdBKhXdd32qvTNB52gXh2lchjv1OxpdZj0zMBiXByk_YY3tE66VPDBGhVs--tBpjVcrtIcfOrV11KcqOM_hu6WMI7l16H9uU6qc3VQKYotu3gDhc0y187MXKNkG1opwD-u84XBN_y_k3xhQAYtrXGhRDHfh9a6AIfO3gnrwmYe-og2j1UMIARB5FW33y6X4OiXYzORS5-Dg108T_cbUO0ghAmSiumh6c5WZz9GruHTieGIO67O8jnMWYODI2dVgHo5Tvf_FAI6DI21xG9DYdH7kWjT9gGAefNbFrgCSBdHv4ctqmNK7QPusgswyS-jIcXeXZSx-MIrpsl0o8dFf0HA1MQbroqTPHA-WjiBxOgw59E7es2iCMBKUfqKzmxJEg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
90bfac81f1fa297e3e66bf89ae94a475d7585e77a241ba21700a43fae0f5fdb7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=A24uiwbcKO7sjwC4BhbtrlD-I6fpo47k-Y_Nw5XP-KBPU_2iJgyvFzt3UK1Yv401gqkYJXOUE2rpPNuFfz5pS9pCLkBPW5HFmY5apWj-JnBoH63dh1171_fAKJ1ZneZ3pyQuf9CfBnCXGvKdPmFirqj8M8sHziHo2Y4mBCjx86DvQ-ZYn5QFuZeave_lcZjYRtzDU1EyPUZecKvnQALu2aYtvNUv41iwJI1oedY7thHXWPQ-6xD6xGXrpEUEw6njS96jP5DNzGsiKniZiUJl9H4qtgyaMWaON_uAjvg5bglYhxFzuvmHzifdBKhXdd32qvTNB52gXh2lchjv1OxpdZj0zMBiXByk_YY3tE66VPDBGhVs--tBpjVcrtIcfOrV11KcqOM_hu6WMI7l16H9uU6qc3VQKYotu3gDhc0y187MXKNkG1opwD-u84XBN_y_k3xhQAYtrXGhRDHfh9a6AIfO3gnrwmYe-og2j1UMIARB5FW33y6X4OiXYzORS5-Dg108T_cbUO0ghAmSiumh6c5WZz9GruHTieGIO67O8jnMWYODI2dVgHo5Tvf_FAI6DI21xG9DYdH7kWjT9gGAefNbFrgCSBdHv4ctqmNK7QPusgswyS-jIcXeXZSx-MIrpsl0o8dFf0HA1MQbroqTPHA-WjiBxOgw59E7es2iCMBKUfqKzmxJEg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:07 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123562f2d309c2545fa9b1fc95910&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:07 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
3d2bdb7eeb79c2948c75f13524024bbb1148e65d232fb97d1ab408b90cabe7ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:07 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=b9JvUmSi_sW214qDG09wa6duN_ezCWBYrfin826GUmB3Mtj9-U9AWdVlaOMSp5--57gQs_x4xAQISyr0VX-tDN5YPNGUv7umMTSu4485IomDby4NRw4pxR7HXnD-RFvRyAHFK8w7CiePOhcW94aFcJlqBpHBdhmG-UrFSnh1c2bVji5sjANjwRFIVnT6hUiqcYX_WMv7DOyk8DX_YrBHyaXxI9XKLxMMRYn8gVRjvE8KWSEwZsp2ZMowbFGDFFvykJQJrxtyGVPKnipVfYM-z6Mn_faCQrbRAubhYBZnGZz4HLTRtTYVFohjP752KzGiqClHp6HpjL3W1SmrcvSQWbPo41MmNPF6dHAwUglcHewCOZhjPqUsdrFlZczKlIsOuVdIz1Jt6dBQk-716kRA9OiRMVmoBfUDDqwnX8BWG1NWoPl4zW6SVOIOKCwfWjUaYjd8ndP-wuLSL7z2O48HshWXoIdTAekmXD3UJvNAh9ZLPuPVN81ZntPFZktKcPq1qz1TBiBYWsqZ3VBeoDy8P3_z2TlyH_HYY7T32iEjwg3eUSWMG1h96qDHbVrR-laVzppHwbm0edUty89xPGFgZ1jG7cn8oV0-g1pCtQAqEW7BuFkjIv8heJLYAFyHigALlmt0oZ_8P-O0r9NxnO8y31lCb63B5cR_59ZE5o_o9qCgWi__WDHCkg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a8ccd91d65cd504cc4395fb0736b33b76219459befc31ea848162bcfe7cadfa0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=b9JvUmSi_sW214qDG09wa6duN_ezCWBYrfin826GUmB3Mtj9-U9AWdVlaOMSp5--57gQs_x4xAQISyr0VX-tDN5YPNGUv7umMTSu4485IomDby4NRw4pxR7HXnD-RFvRyAHFK8w7CiePOhcW94aFcJlqBpHBdhmG-UrFSnh1c2bVji5sjANjwRFIVnT6hUiqcYX_WMv7DOyk8DX_YrBHyaXxI9XKLxMMRYn8gVRjvE8KWSEwZsp2ZMowbFGDFFvykJQJrxtyGVPKnipVfYM-z6Mn_faCQrbRAubhYBZnGZz4HLTRtTYVFohjP752KzGiqClHp6HpjL3W1SmrcvSQWbPo41MmNPF6dHAwUglcHewCOZhjPqUsdrFlZczKlIsOuVdIz1Jt6dBQk-716kRA9OiRMVmoBfUDDqwnX8BWG1NWoPl4zW6SVOIOKCwfWjUaYjd8ndP-wuLSL7z2O48HshWXoIdTAekmXD3UJvNAh9ZLPuPVN81ZntPFZktKcPq1qz1TBiBYWsqZ3VBeoDy8P3_z2TlyH_HYY7T32iEjwg3eUSWMG1h96qDHbVrR-laVzppHwbm0edUty89xPGFgZ1jG7cn8oV0-g1pCtQAqEW7BuFkjIv8heJLYAFyHigALlmt0oZ_8P-O0r9NxnO8y31lCb63B5cR_59ZE5o_o9qCgWi__WDHCkg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:08 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=211203112353cb4c5bfb87481e9eea9b96fd&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ac4b1bed15eacc9db0890d119d6e4af92c78469ed46a0f0d5965a42c7dff1ec6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=4d7X6BXhpi9w5cXR400nheDrsSoJwl047Z-TGOuwaZfxqnqoYGZ5fNysXTpaWNXs7odo1v4SL5OWjRTcSqtwdKEAk7-55HGVPYTSqfdV7Rzq0RcO37ASFF1Ox1LaBHD6xumESP3786atbzM9mYmU4qmK6vlyz-Egyyq8I-6kdS-5KQxQv0WdUV07PA48DViy9fbolj-litILD6kyBchckhc2B8o_Pcxtcl_gwfXIoah-K-4igdqDb3GL0cerAbbuYIMNHU0pc25-ccy3q2V6-92_xnOrT1rNYWjO07Oh_AiFDM_DyHl9bXc4YzrFxvnbDl01IdpJTKvEulMh23DNDEHPOY2TTYXMeK8xU5xqKcwrsuvECZqhQDUzle8AHroaiFd21qwxDuiEqQzuN9_pVk2uyt_gYVeTGvWMkipD28zxTbCqzGuyBKZTmWWh7fvvXeXyp7UeYiVbdokBJV9Hr9n20-d8CZ0oibu7FOOd8eq6C6E1xN8yGrqeHciEuBiYyCAM6c_UHG9o-KBjCdWqI2TNIViVLBu5hKpu_cyeKh-z0xVoOfql5SY5AsacfwVUwORACgXUfM2BLaEOR4bkxoGxfeBN26ettzFvOHKhth-QXmLCrhcnt61OyVXbBjiSJEJcRds2qAQEB2Zf_sJ9tmwvW-aOHoJA0V1QX6AP5m2v0xeCiNjpZw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b370de49b431a14d5b2d8678683089520053459996ec4f2cb4719bab1446efa5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=4d7X6BXhpi9w5cXR400nheDrsSoJwl047Z-TGOuwaZfxqnqoYGZ5fNysXTpaWNXs7odo1v4SL5OWjRTcSqtwdKEAk7-55HGVPYTSqfdV7Rzq0RcO37ASFF1Ox1LaBHD6xumESP3786atbzM9mYmU4qmK6vlyz-Egyyq8I-6kdS-5KQxQv0WdUV07PA48DViy9fbolj-litILD6kyBchckhc2B8o_Pcxtcl_gwfXIoah-K-4igdqDb3GL0cerAbbuYIMNHU0pc25-ccy3q2V6-92_xnOrT1rNYWjO07Oh_AiFDM_DyHl9bXc4YzrFxvnbDl01IdpJTKvEulMh23DNDEHPOY2TTYXMeK8xU5xqKcwrsuvECZqhQDUzle8AHroaiFd21qwxDuiEqQzuN9_pVk2uyt_gYVeTGvWMkipD28zxTbCqzGuyBKZTmWWh7fvvXeXyp7UeYiVbdokBJV9Hr9n20-d8CZ0oibu7FOOd8eq6C6E1xN8yGrqeHciEuBiYyCAM6c_UHG9o-KBjCdWqI2TNIViVLBu5hKpu_cyeKh-z0xVoOfql5SY5AsacfwVUwORACgXUfM2BLaEOR4bkxoGxfeBN26ettzFvOHKhth-QXmLCrhcnt61OyVXbBjiSJEJcRds2qAQEB2Zf_sJ9tmwvW-aOHoJA0V1QX6AP5m2v0xeCiNjpZw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:08 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112367b550e1ecca457380b26e155e&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
72bbba23934625cadb8c8f02bc61fd979324bcad7d80a6189ec99b51e8be6d9a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=rqq2DYmJR7DbSIvedp01tm8eFG3zrr_1KG_5os4hSPjgXclnXKiM9RNkXYBNV3qCGPhrlmtXex_YWF9W9IPHvSp45x2nXK73epDUyNk39qv646cauG5JiaNYXFKuYbJ2u3Qj247YkNrjOSjVRiobypskaq7xWejmXtNMFnAj-Llvth3dN2SWaqetMjy_Dk_bnD0FHPNDKKdhqcOasAmnmqh6qj69_oswrZGYE3jcwWPkBDKW0SKT_6VzUZgHHIxmypEZDzHjRCGn7-QYQgFqwnWq4L-MXa05WmFLP4Nrg3HNtZM3B0tBuGA8XjGOnqoNIpl9vpDWp5Z3ixuwE9VR_-MoLipi8M_eserDwj4pnXAKIVetglqGLZ27itMunxgWkFXKwU_zY5Tc4U99Iv9eUq-zRMmgFTqAE3DltQp4psiwo5P3tzso8uxrVfyMQq4_i0HrTZBZgrF4C_2NfVWKeyzTSDIenrXiA9wl9qIkfgmaxFA_39Swz7K8fGqgJauyhqlswFSQMztTFOo4h5DoGknz-hm3YO6G9w7Pj6ylPRz-KR57XbAWpgQ0WgNVxXBn9jzH0OSoKZSLXd0OfzjoQ8TyQ70OfiITBLf3fBVzFa13A8xKBfiowNZOjStXRyT903cd6N5jYgKQSwJBvfm_yzVI-OCzMxHKxHNBok1iZKlvUjzv-OI_RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8b106c804fd68707f45fc6fb6d633f90516528b519a0b030ccbfb191f964111e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=rqq2DYmJR7DbSIvedp01tm8eFG3zrr_1KG_5os4hSPjgXclnXKiM9RNkXYBNV3qCGPhrlmtXex_YWF9W9IPHvSp45x2nXK73epDUyNk39qv646cauG5JiaNYXFKuYbJ2u3Qj247YkNrjOSjVRiobypskaq7xWejmXtNMFnAj-Llvth3dN2SWaqetMjy_Dk_bnD0FHPNDKKdhqcOasAmnmqh6qj69_oswrZGYE3jcwWPkBDKW0SKT_6VzUZgHHIxmypEZDzHjRCGn7-QYQgFqwnWq4L-MXa05WmFLP4Nrg3HNtZM3B0tBuGA8XjGOnqoNIpl9vpDWp5Z3ixuwE9VR_-MoLipi8M_eserDwj4pnXAKIVetglqGLZ27itMunxgWkFXKwU_zY5Tc4U99Iv9eUq-zRMmgFTqAE3DltQp4psiwo5P3tzso8uxrVfyMQq4_i0HrTZBZgrF4C_2NfVWKeyzTSDIenrXiA9wl9qIkfgmaxFA_39Swz7K8fGqgJauyhqlswFSQMztTFOo4h5DoGknz-hm3YO6G9w7Pj6ylPRz-KR57XbAWpgQ0WgNVxXBn9jzH0OSoKZSLXd0OfzjoQ8TyQ70OfiITBLf3fBVzFa13A8xKBfiowNZOjStXRyT903cd6N5jYgKQSwJBvfm_yzVI-OCzMxHKxHNBok1iZKlvUjzv-OI_RQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:08 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123ae80a12fb94e4bb68fb115891d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0fc81f05c8a93a189f332c69d2a561090008b7479cb94ce1bb0e9f704ba679a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=pq0WzPdmGRDSigukVIP_VzUW5se9_503i72ATbx3rpoFrQBkSJ43l6aE2-tPlvZN9YAEw7vVtobSmtgj9G06q2ZUrUWQ-abIA74LKKBA201RdkTkkRoLC9Luy8d5poLD7jsafvdJ4nsIqj8mHKb0PKzNosb6hGF9Dle9mLjL2J5KE3dNUV-4LQrV2mrbnH5--w9Q9tLnQ6QQirKgPiDwAjuyRwU951wt9LBbAvWl08HrbFoHFpBjBOBpW9HEd0pVUUDFkRfAy04g9uKAo8DGQdURtuoWAKIr2c6dFYxsKnJXad8WVQpYVuPAMdgnXfoYpAae9b_fi7nxwTDqnyOdubMgv5d6LTV7NXDX9MXhgCv9X_Oe9U_Dcj6Ct9-MO0ZedKB8xQRQ5UvNRyBLRyC7bt6jFFLrGfP7UFPBcOnsJ1Qji-sU-_UOfvlOByMpxbbDYTBbc9mytOSDQ5egJ9lGoTpzr2zkhxDhUpHgn1coiIdJpLEqp1-SsJfyNnW7yMtl8wbEgn_MuPI_4_1lFtQCr6t7ZemwJHoGsx36QNldfqVkdWnJ-NeSeOTPorTHMcGCGFeJz2D-8tbXtfjfvMhYIfASc8vezoDIuMI5dkBZVygJs0dnmDELxTQ7HLBPyIzoD5Sfv_CBi1jCdKfERlKASDLZB7WF_1JmmAWxAMi3fu7IK3Ua1WX_cA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b1805abc562c355089fc8eed72595fe8e8844cce79966c01cf067cb3a612b09c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=pq0WzPdmGRDSigukVIP_VzUW5se9_503i72ATbx3rpoFrQBkSJ43l6aE2-tPlvZN9YAEw7vVtobSmtgj9G06q2ZUrUWQ-abIA74LKKBA201RdkTkkRoLC9Luy8d5poLD7jsafvdJ4nsIqj8mHKb0PKzNosb6hGF9Dle9mLjL2J5KE3dNUV-4LQrV2mrbnH5--w9Q9tLnQ6QQirKgPiDwAjuyRwU951wt9LBbAvWl08HrbFoHFpBjBOBpW9HEd0pVUUDFkRfAy04g9uKAo8DGQdURtuoWAKIr2c6dFYxsKnJXad8WVQpYVuPAMdgnXfoYpAae9b_fi7nxwTDqnyOdubMgv5d6LTV7NXDX9MXhgCv9X_Oe9U_Dcj6Ct9-MO0ZedKB8xQRQ5UvNRyBLRyC7bt6jFFLrGfP7UFPBcOnsJ1Qji-sU-_UOfvlOByMpxbbDYTBbc9mytOSDQ5egJ9lGoTpzr2zkhxDhUpHgn1coiIdJpLEqp1-SsJfyNnW7yMtl8wbEgn_MuPI_4_1lFtQCr6t7ZemwJHoGsx36QNldfqVkdWnJ-NeSeOTPorTHMcGCGFeJz2D-8tbXtfjfvMhYIfASc8vezoDIuMI5dkBZVygJs0dnmDELxTQ7HLBPyIzoD5Sfv_CBi1jCdKfERlKASDLZB7WF_1JmmAWxAMi3fu7IK3Ua1WX_cA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:08 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e0aa44d972492890e5a3b22b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:08 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ac57fa2ed228279df33e6f3dd29d69edc9e343ef219046390b46753a142b67a0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:08 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=t0opSoAbLKxlaO9qTae8_2uElFEtguUD0W90g3wCLnbCPQXW6rg6U-YuHi3e4v-ArtresbxKp6hG_mJVkcos1QzKAG4iYddSEKleZt6yF0w-uE9TVCXW5ywRGVD3-ZHZZDQ8xeJNUsXNDN68ngk8nb5cFhNBfEicQrtJ5ciesJSXhtfIEE5QvYvt62lQdh2pcK5ov6q68Teqix6-EMNxwIWh22dXtvEYpiucU1lQ06rEai4ILCczL324rgo8D18fwVnhT2kKXx3aifSMXFOcP8JXQFeQwgEBcKFln3K-8xVgzF4nRaZ5TvvdpZ7IatpzxiPbL_jET71gHMnbk4_JQXr3_-RY3iRGe6ku0qZM6ku_aGvS-0XBfL3AhiLs5hVd-FeyRsg7hQG2Se6LYnwJf7q97L-zrGNndzWL_hy-6hvFkeEmEUcYZ0yem-rIX2YFzmVosnolp7SZ0njsbC-zVz_La9c5pkBaV-ZtK1zyIPSPmx_jM6vrK32o-PCWYdBVhUx8yqFD_fx0BFOfPqEVwG8CBYpM6dHhfoXlu-jmDtLKdMVr8h6pqoI8k0S3B4ykdv2Ci5K03fU4_bHBgFXFgsiLisAuxwIzaUOHs5iSG7JfSk_Eb63CqyHwYI7o5figyMsirSESulb0rb3Ai5YdaXkx0MXbLSdPekBIzNcqrXOWTg3KRrUqZQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=116
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f07a40bddebf9cfb2241b61e94fb61a812b0419c24bfcdddb77429016f6cc268

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=t0opSoAbLKxlaO9qTae8_2uElFEtguUD0W90g3wCLnbCPQXW6rg6U-YuHi3e4v-ArtresbxKp6hG_mJVkcos1QzKAG4iYddSEKleZt6yF0w-uE9TVCXW5ywRGVD3-ZHZZDQ8xeJNUsXNDN68ngk8nb5cFhNBfEicQrtJ5ciesJSXhtfIEE5QvYvt62lQdh2pcK5ov6q68Teqix6-EMNxwIWh22dXtvEYpiucU1lQ06rEai4ILCczL324rgo8D18fwVnhT2kKXx3aifSMXFOcP8JXQFeQwgEBcKFln3K-8xVgzF4nRaZ5TvvdpZ7IatpzxiPbL_jET71gHMnbk4_JQXr3_-RY3iRGe6ku0qZM6ku_aGvS-0XBfL3AhiLs5hVd-FeyRsg7hQG2Se6LYnwJf7q97L-zrGNndzWL_hy-6hvFkeEmEUcYZ0yem-rIX2YFzmVosnolp7SZ0njsbC-zVz_La9c5pkBaV-ZtK1zyIPSPmx_jM6vrK32o-PCWYdBVhUx8yqFD_fx0BFOfPqEVwG8CBYpM6dHhfoXlu-jmDtLKdMVr8h6pqoI8k0S3B4ykdv2Ci5K03fU4_bHBgFXFgsiLisAuxwIzaUOHs5iSG7JfSk_Eb63CqyHwYI7o5figyMsirSESulb0rb3Ai5YdaXkx0MXbLSdPekBIzNcqrXOWTg3KRrUqZQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=116
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:09 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123c7e71ced9e0640ad8d54ee841c&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
ed0829a54e4895642801840f1841b11720e61e6dffe11395c3bc8906cbf78ba7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=63t-pGcfS2UQmv4AWv8i7Q3en27mmijrjxv4HEfrzDztEJHX9GzmTwd6Jbl0birxuGp4aOmCxqBU6XCDynN4k6sFIzPG3D7lDpAQLFkjwuXjEUnqixsdtF-lhWzR92ofVKmDrEprZVduBrPdUtleTIGWEeZHR_iO0ASthiuemMgXT82IRzUE8xD9PFY82yYiKkZEv7RJpmlW4mTqQfPOKuSIKCLPrZdZ8Om5LBxn-3rW3PiBK5j7riPUn6_ck0N_y5xUxkASaNBpSUl-uPu7cPZ5HD6rJRYnqEZq_kYrNt_AMGzYyhN_lOadGE-pIA9JFTIsnBYDH50nP2J4t3-3hMMYTJGQZCGnXtRn1fwo6rlfB0h1kbFaXaDvPKSflyQzx6AK2eH3C5JRNDY6yZKPrbcJBOkmeawcx4hBt8NO-ZMLW8LvF4EGaeo0Wuyp8d9wTajTnEEczCMDJQgLlYiqR9gkO6oidAO2dHjAa_Xk8znanU45g-F-cMu-tocNYVuHezxDnUX94TKVteenwAPh3Qlbd4JqFiEiB5KUoVL9o8aIyxhDRx8S2-D-LLSkqeT2j8nIhyFmGcmOuJRR2OcYOoy15WNlu5uE94LdEVIUxwauzdOqks35_3muEtpOABM-DiZpckY_KDw6BVxOCNsWQ-SVtBmDy2j3kJsIni401Lr2r0FoukPuMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
63cbb8a6fca6722bd9646ca2d68711d663c8881262c9caf0354edd13045b7486

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=63t-pGcfS2UQmv4AWv8i7Q3en27mmijrjxv4HEfrzDztEJHX9GzmTwd6Jbl0birxuGp4aOmCxqBU6XCDynN4k6sFIzPG3D7lDpAQLFkjwuXjEUnqixsdtF-lhWzR92ofVKmDrEprZVduBrPdUtleTIGWEeZHR_iO0ASthiuemMgXT82IRzUE8xD9PFY82yYiKkZEv7RJpmlW4mTqQfPOKuSIKCLPrZdZ8Om5LBxn-3rW3PiBK5j7riPUn6_ck0N_y5xUxkASaNBpSUl-uPu7cPZ5HD6rJRYnqEZq_kYrNt_AMGzYyhN_lOadGE-pIA9JFTIsnBYDH50nP2J4t3-3hMMYTJGQZCGnXtRn1fwo6rlfB0h1kbFaXaDvPKSflyQzx6AK2eH3C5JRNDY6yZKPrbcJBOkmeawcx4hBt8NO-ZMLW8LvF4EGaeo0Wuyp8d9wTajTnEEczCMDJQgLlYiqR9gkO6oidAO2dHjAa_Xk8znanU45g-F-cMu-tocNYVuHezxDnUX94TKVteenwAPh3Qlbd4JqFiEiB5KUoVL9o8aIyxhDRx8S2-D-LLSkqeT2j8nIhyFmGcmOuJRR2OcYOoy15WNlu5uE94LdEVIUxwauzdOqks35_3muEtpOABM-DiZpckY_KDw6BVxOCNsWQ-SVtBmDy2j3kJsIni401Lr2r0FoukPuMA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:09 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ff38001bfd494c0ebe2084c328&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
cf17380b6f3e6473de3b8cf633f9dba58e91bfe56b2c9e0eb9a3012995373190

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=e2XAfLLq2T1tty72JwvX384NXG-9hzQ9mTdN4Z_qpdZTYo6S-7RJzSkDSptFvi-YDilUEeMqMCvx9pShuXwcM9Kbvs-Ur2QUq2sp0H15Lb0ZHtZ2hjjcWlU1Pp9PfjOXR7zAgyCS2AEqXPMZlT3CWdE9vqEuY77UvR0yYG5t8gx7Ksz-O7jdg7BxWzXMeXJfVB1McamHI_qrzuQNn36H-FDYFOsIWZNEjUFjXmFVGCrfHFD-10Ex7m8F7FN8cUwYqz7YNgdGMwslL9LPcwMdER6WGuOscWn-MWR41Hj7UAr9tnUOhMyqS5C7gpHbkOwe7DqDt8eJxdUu9dRmiSaCaOo2tstsixRXOByn5GmIMGsNRmUVXJfdHzIT392WaO84KMH_kKKutvJ1YaglT6tYZVTWXycm-GuCvovqOL1jIjDCrrxnf42sprNAU2nITsghDNe3e5wpx-YIQsB-jjhcX5QvjkyFjpJX27HATgvT1Xf5MgC6tRuY1SaYNuAyRrO-VwnT8RXxOHxzU-oyDaN-pp8GvVLN7nvIO_lrra_nZdiwp4de8ckGjw3Z004-lEOYWf0EW6f3rEDSbrn_uk6FKqG-n7jNOhWUc6UEKbETSVU57Qm4SlGXYJzwabUcTUkDdiKJCwWSlomwZQ48tUtu7_5oqqjkyf-8KAalVA7H__15flA9GJAC7w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=475
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=e2XAfLLq2T1tty72JwvX384NXG-9hzQ9mTdN4Z_qpdZTYo6S-7RJzSkDSptFvi-YDilUEeMqMCvx9pShuXwcM9Kbvs-Ur2QUq2sp0H15Lb0ZHtZ2hjjcWlU1Pp9PfjOXR7zAgyCS2AEqXPMZlT3CWdE9vqEuY77UvR0yYG5t8gx7Ksz-O7jdg7BxWzXMeXJfVB1McamHI_qrzuQNn36H-FDYFOsIWZNEjUFjXmFVGCrfHFD-10Ex7m8F7FN8cUwYqz7YNgdGMwslL9LPcwMdER6WGuOscWn-MWR41Hj7UAr9tnUOhMyqS5C7gpHbkOwe7DqDt8eJxdUu9dRmiSaCaOo2tstsixRXOByn5GmIMGsNRmUVXJfdHzIT392WaO84KMH_kKKutvJ1YaglT6tYZVTWXycm-GuCvovqOL1jIjDCrrxnf42sprNAU2nITsghDNe3e5wpx-YIQsB-jjhcX5QvjkyFjpJX27HATgvT1Xf5MgC6tRuY1SaYNuAyRrO-VwnT8RXxOHxzU-oyDaN-pp8GvVLN7nvIO_lrra_nZdiwp4de8ckGjw3Z004-lEOYWf0EW6f3rEDSbrn_uk6FKqG-n7jNOhWUc6UEKbETSVU57Qm4SlGXYJzwabUcTUkDdiKJCwWSlomwZQ48tUtu7_5oqqjkyf-8KAalVA7H__15flA9GJAC7w==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=475
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:09 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f8ac35a2cf4b4d5cbe527c5939&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:09 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8eaa4db70f09cc7ed33b80ad6967512972eefd106903bbdd4738849ab24ce068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:09 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=-cWpJC7-fUQaKsS__nBRfed9ILfsiOSEWkFGeWq8xDQpPojGrCf-QEIqsZmnctdvYkv9Fd75SvdjeXTna_BRrlDWTy0j2zzpSyMIESxXwXMJLwamJPEEQBJaaYyMNw8SCPKnu6E2pYg4RJ2uHj-MrLRE2dMML7uS_iSms_P_OTVQA8mg9NFmDX2MaX14coPn4zTdICkgK2XRDsK_u1t6DvTAueM84gVguXbqijDMOZxKqReEWgwnonVYlDV51b01gepo-4mXqHF5ZnlaTrxk8M3FZ7ZloAWs37AfSR8ScSDRNgTaKfXi4iJ7df9DCORFEkKRD_P1-cr6VvahvH2b3UG3taIIumRG5Wlp4e_CeKrwFrSAzsgcrOL0HsQ_9P5jnoCL4XNDes6xeo1CSqs8pIc0URjncKe3PGKyjjEa0Ee11utRyyUoQl5dmOxmCIQZvCAtQodr4jY21VHiJ3n-Kwu8CcQQNQBZk8OkRkyJswWdHv_dInNLTvDJjF2ub4cuq04awVdZ2hterigeIW7uf8LyLyyDHZkaepFogVrSbCB4F56kN33FBnVuNC_oeY7c5-dd7U8g_BM3aVe0OtezKN_t7CzTe--egFoG6T3czgi-7GtrhIkTCMoXsNI3taxcIB7uMrzyYX_69NaOYPaeXwLXzuh_Q-_P_pfbPnS3CQSMW0KXSMWrBg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
eb011c6a2f1ab0519e3275a124fa3fe825f14971af472277111cdbb8f133cb52

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=-cWpJC7-fUQaKsS__nBRfed9ILfsiOSEWkFGeWq8xDQpPojGrCf-QEIqsZmnctdvYkv9Fd75SvdjeXTna_BRrlDWTy0j2zzpSyMIESxXwXMJLwamJPEEQBJaaYyMNw8SCPKnu6E2pYg4RJ2uHj-MrLRE2dMML7uS_iSms_P_OTVQA8mg9NFmDX2MaX14coPn4zTdICkgK2XRDsK_u1t6DvTAueM84gVguXbqijDMOZxKqReEWgwnonVYlDV51b01gepo-4mXqHF5ZnlaTrxk8M3FZ7ZloAWs37AfSR8ScSDRNgTaKfXi4iJ7df9DCORFEkKRD_P1-cr6VvahvH2b3UG3taIIumRG5Wlp4e_CeKrwFrSAzsgcrOL0HsQ_9P5jnoCL4XNDes6xeo1CSqs8pIc0URjncKe3PGKyjjEa0Ee11utRyyUoQl5dmOxmCIQZvCAtQodr4jY21VHiJ3n-Kwu8CcQQNQBZk8OkRkyJswWdHv_dInNLTvDJjF2ub4cuq04awVdZ2hterigeIW7uf8LyLyyDHZkaepFogVrSbCB4F56kN33FBnVuNC_oeY7c5-dd7U8g_BM3aVe0OtezKN_t7CzTe--egFoG6T3czgi-7GtrhIkTCMoXsNI3taxcIB7uMrzyYX_69NaOYPaeXwLXzuh_Q-_P_pfbPnS3CQSMW0KXSMWrBg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=112
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:10 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123cb928b94cdb544cfa3506aa0b4&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d2a8140fe4976011624521468b3cb4a3c9367cc0a89e04163b04da13c577ffc0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=YAQE1HNetRwbTYpw3zIp7L5clFZcZQeUkLVpU8vFCjbo0E-rlL0NdWSpTyhA5FdcIuhggb0jIowkGOtoZwi271-o1D7eL2ysT89YK6sQyOHpWgN8WavDD6ZVTo_m2ccRmz5LNmQY8-zZM_XJOoPOD8qRXO8Z0_apPgVxyvtzZbqrbKX2ghspWCGCJ1PY18beoUAAy445Q9hgbqwSrDspXkJczfvTj6xR7O0ZYXEhi221N4zwdv6xbYn4J0LzylIj7-wX0RNWDwQWWbdle_BMH1yZVHXmGRbm7KYG-BievVshUwymCl92r831VfFE-ryQVISCspN3syfm5Dty1mkJzFCjP0LaadaYAjbWHyd2f43vdaGic_LdSC5Ucihg2QjrFRjG_qoxU4E7KPV-Fkr9b0kzw2kwrgBBLLEvcqVt6cX-XA3H3rQGeUkNfbZxNKrToKwFi-_WmxXzt0mwdfq-bqmvtqq3TocHIWd53hfmaqTbq8FPZWsduFiTBq239-9Nozq6eZvmwqavid6N8JZ1Afde45ke6X7TrbHlTyI3cNubQJ0lwYK4dD2x2uwPKVbmqVD9RKbnY7rKNzhSEp-rVpTyAs87FZoWBU2LLymbQhKhGXGKxs1auQpmtBnEbuP5cuSRFuYVadQHOG6--y3qsQE_93kJsk7HCWpuqQkfrI6x3dvLQ0gkUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
637aa4e2fecbfba8faa58c3c7ae57d0e329cafb95e77f9475dad26828524b5b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=YAQE1HNetRwbTYpw3zIp7L5clFZcZQeUkLVpU8vFCjbo0E-rlL0NdWSpTyhA5FdcIuhggb0jIowkGOtoZwi271-o1D7eL2ysT89YK6sQyOHpWgN8WavDD6ZVTo_m2ccRmz5LNmQY8-zZM_XJOoPOD8qRXO8Z0_apPgVxyvtzZbqrbKX2ghspWCGCJ1PY18beoUAAy445Q9hgbqwSrDspXkJczfvTj6xR7O0ZYXEhi221N4zwdv6xbYn4J0LzylIj7-wX0RNWDwQWWbdle_BMH1yZVHXmGRbm7KYG-BievVshUwymCl92r831VfFE-ryQVISCspN3syfm5Dty1mkJzFCjP0LaadaYAjbWHyd2f43vdaGic_LdSC5Ucihg2QjrFRjG_qoxU4E7KPV-Fkr9b0kzw2kwrgBBLLEvcqVt6cX-XA3H3rQGeUkNfbZxNKrToKwFi-_WmxXzt0mwdfq-bqmvtqq3TocHIWd53hfmaqTbq8FPZWsduFiTBq239-9Nozq6eZvmwqavid6N8JZ1Afde45ke6X7TrbHlTyI3cNubQJ0lwYK4dD2x2uwPKVbmqVD9RKbnY7rKNzhSEp-rVpTyAs87FZoWBU2LLymbQhKhGXGKxs1auQpmtBnEbuP5cuSRFuYVadQHOG6--y3qsQE_93kJsk7HCWpuqQkfrI6x3dvLQ0gkUQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=100
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:10 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231a532113f4f44716ada29eebc2&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
8b5174279b43e8e10f414602674406b1925564696fa38f0e87319f9f92fb6548

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=UPhNa1yaQuDIoAQ777ZI_jB-WZPGp2NBwuz0T5asFgeQxza4nSnlhm0zrNVj_ZzsToX7xqpO1b7CpqTLCn8o3GdmgNkRNOKTPmvhuMUGqDTjp7BQWRoB81mfZx0T7kNBXN6XgjXudfKhcE83oNVAPXQQyai3DnQtxfvVSbplc_kByXmuzy1QZrsJI8VLnT4IE0RHGBiTfPZcPtAo7EWvdOA7wRb6vH5NXRtpjzisaifl_W2XYY4s5ZIHYEoqeaNolp5mceo2RaJkU_8HhdJQvqmndT-omeqIP9AIgs0DhLvTPbqdUi95VNi0NWuES6N58U8lpPYAYrLofmfwa6Yk06yHaMCrXTVcrKW4pMZvvaaUGQNIUaKdwow2pSUwI2sVS2Riy4mz4iW0QBwkbE0oy0hOganGP7sd4tgIL9cU98_So5CEjH_Lklp49qoPvw1oVMUMfxQ0EYjmj-TwvQSF9nIYu8aHmEZzxiVELUVlx8eDK7F5LBU3H5dEFNOvpQDB3VM9a5v3Gio0qhBp63_BVp__DY0nDYl2jQpwxJYWoPLE5vFEJRq_amNYnD0n-9D_ysUyRPczXscQVYJOIn_KRW4v9p2dwTPn5UDEjC2yplsii6qstU2jqsj7spmffFLhiJ69X2928xDiZskS7u5IJl1n0qoQ9uCgTJpWLfXXI9otnqx0SBU9IA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
14a63ffbc14737b7a308d7a44bd1ded3223f20473f36ad71914df52d5e64b9b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=UPhNa1yaQuDIoAQ777ZI_jB-WZPGp2NBwuz0T5asFgeQxza4nSnlhm0zrNVj_ZzsToX7xqpO1b7CpqTLCn8o3GdmgNkRNOKTPmvhuMUGqDTjp7BQWRoB81mfZx0T7kNBXN6XgjXudfKhcE83oNVAPXQQyai3DnQtxfvVSbplc_kByXmuzy1QZrsJI8VLnT4IE0RHGBiTfPZcPtAo7EWvdOA7wRb6vH5NXRtpjzisaifl_W2XYY4s5ZIHYEoqeaNolp5mceo2RaJkU_8HhdJQvqmndT-omeqIP9AIgs0DhLvTPbqdUi95VNi0NWuES6N58U8lpPYAYrLofmfwa6Yk06yHaMCrXTVcrKW4pMZvvaaUGQNIUaKdwow2pSUwI2sVS2Riy4mz4iW0QBwkbE0oy0hOganGP7sd4tgIL9cU98_So5CEjH_Lklp49qoPvw1oVMUMfxQ0EYjmj-TwvQSF9nIYu8aHmEZzxiVELUVlx8eDK7F5LBU3H5dEFNOvpQDB3VM9a5v3Gio0qhBp63_BVp__DY0nDYl2jQpwxJYWoPLE5vFEJRq_amNYnD0n-9D_ysUyRPczXscQVYJOIn_KRW4v9p2dwTPn5UDEjC2yplsii6qstU2jqsj7spmffFLhiJ69X2928xDiZskS7u5IJl1n0qoQ9uCgTJpWLfXXI9otnqx0SBU9IA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:10 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123ae1187fe5b4f4da0a138e72166&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
65c61534c3b1597c82e18a1a58aa758203770b14acf043f813e730b3c86b2c2b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=_4rR-Ees8eShSOECwl9fpdKzCMhTfHwhZ-QXonIse0tkLmq_p6O0NZ77rdZ-mZXHBDBmwaNmPTejm51d5s13XoT_IPtYLjZg2rNWuJRLaeh03j7SPU4sNC_SLMsZKa4c0OTBBRdjp18t5mpKMr-zDO3FSUYv0kBq4U3i9Z0ofpljnRA7vB6g-Bkoe_b16bPR6re3sLd0ocD_gxCJNoHePt3ormtCTyqL8HaJMq4ZVdjqhVA9rQ_6afHP3UWH5mGjkZBDlE6GS1SubiSgI5ChWCTNuQPM7SOnHr7uCoJ0ES-2XVcBh4V-ujamlEm1WuwUCN0p9PHT15hWGEBa59d3fh_O2dOMBOi03ayXXm6uErB-kLawilfkTUx0uibRII_FgrSBSH8T6_jZzzTlcOlUwZp3YV3CYNxeNDvOktC9Ys_k3TsV2nN2O2GwbOwM1gHQDdZyqu_eeuV1dZRBPj68gFs3ssnZ5MXBpJBOBVCThzYXn81STaPMSzh2qCDSJ-Oo0sq1gykhB4f-Tb6050SUsU3y33XpTJRkK66uO-nnzzKF_eQ5JxEqiDHYAxd-ELkofYHaNW0mCS6mMVg9OfjqcM_fArOmERcgK27gH28z5eiZqTqcHf-AwqJgvM0uytsrdMaxHfxTpFLYTqV3LxHDKACrr-f6b182x1Cyk7iKA8I7uC9jTJH5Yw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4ca23aaa068be59fbeb5d37871a5bcefc9ff1197cff51f18a914b1f784d4a001

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=_4rR-Ees8eShSOECwl9fpdKzCMhTfHwhZ-QXonIse0tkLmq_p6O0NZ77rdZ-mZXHBDBmwaNmPTejm51d5s13XoT_IPtYLjZg2rNWuJRLaeh03j7SPU4sNC_SLMsZKa4c0OTBBRdjp18t5mpKMr-zDO3FSUYv0kBq4U3i9Z0ofpljnRA7vB6g-Bkoe_b16bPR6re3sLd0ocD_gxCJNoHePt3ormtCTyqL8HaJMq4ZVdjqhVA9rQ_6afHP3UWH5mGjkZBDlE6GS1SubiSgI5ChWCTNuQPM7SOnHr7uCoJ0ES-2XVcBh4V-ujamlEm1WuwUCN0p9PHT15hWGEBa59d3fh_O2dOMBOi03ayXXm6uErB-kLawilfkTUx0uibRII_FgrSBSH8T6_jZzzTlcOlUwZp3YV3CYNxeNDvOktC9Ys_k3TsV2nN2O2GwbOwM1gHQDdZyqu_eeuV1dZRBPj68gFs3ssnZ5MXBpJBOBVCThzYXn81STaPMSzh2qCDSJ-Oo0sq1gykhB4f-Tb6050SUsU3y33XpTJRkK66uO-nnzzKF_eQ5JxEqiDHYAxd-ELkofYHaNW0mCS6mMVg9OfjqcM_fArOmERcgK27gH28z5eiZqTqcHf-AwqJgvM0uytsrdMaxHfxTpFLYTqV3LxHDKACrr-f6b182x1Cyk7iKA8I7uC9jTJH5Yw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=103
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:10 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123690353c0d2a94448a2a6be98af&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
9d9cf1f5655437ef1919abf7f5ac0043296da443e7e5faa9f69f931ffbe728fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=rd7fjw7GvGkf9SjaWXkv78DyVDDSnKa2OBWmwk_MhFUhcMEZbw0ERWYBnAWDJKnocZxrfYUv3Yl4PsJQAHbtXL54cmqU0sjSCkq_88q_3iTLLqVEtw8SflgpWCGeuI2Oli1st8qBDxitB39UOk4JssEri2Y5AwHaXUy_BuND9hvrD8aH1qsAPZxIc6ybad4Q-xDsorFo_ngBSUBRZ5ZjqWNAaAvxtKlj0XgjJ0V8c1H58W8w5kvG9dmSpfum1ff1zAlRrweVaofyuDkrslZyaAq4O_5kq5IF2W2iL6FRG9f81a7nDBFks74LHMgk9TJugP-4vEnyKrPk4FzyLHgSQAfGtI_d4VG3ZPNZF1CrGwRNkhJ83xsPGsgOZ2uXM_OFnTyNwPHAcDo8b3Ck9tITOgNUPCM_qn6gNjIjeQ8imm4JH_A-sfSdZ9-lC65spuB951zxJlnbM2GmI4mWFptZcZ-cqgA_SfBgTL-WsoKdcpDtptBZAF06_dywpy2E1xC4iu8RXylgo8URb70HFivar05_dycOvZ4w7RJiOhl9d6KJlwobgq_VAvnmkgmyz6ar09EFMN6WWqlVssWGonjI2C7EPv8VSyGGG1hQ-k_U4Ii3TjFLRxcsg_JzvMd3YrseEkv39KZXOUrjoN2LZCn-DxHo8h0YoEPkvra1QwVVbQWf_pn5beW4oA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2acd41ee7aa43d6f3b44fca46015395be5865d1461b31dac7e9fe2cab399808a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=rd7fjw7GvGkf9SjaWXkv78DyVDDSnKa2OBWmwk_MhFUhcMEZbw0ERWYBnAWDJKnocZxrfYUv3Yl4PsJQAHbtXL54cmqU0sjSCkq_88q_3iTLLqVEtw8SflgpWCGeuI2Oli1st8qBDxitB39UOk4JssEri2Y5AwHaXUy_BuND9hvrD8aH1qsAPZxIc6ybad4Q-xDsorFo_ngBSUBRZ5ZjqWNAaAvxtKlj0XgjJ0V8c1H58W8w5kvG9dmSpfum1ff1zAlRrweVaofyuDkrslZyaAq4O_5kq5IF2W2iL6FRG9f81a7nDBFks74LHMgk9TJugP-4vEnyKrPk4FzyLHgSQAfGtI_d4VG3ZPNZF1CrGwRNkhJ83xsPGsgOZ2uXM_OFnTyNwPHAcDo8b3Ck9tITOgNUPCM_qn6gNjIjeQ8imm4JH_A-sfSdZ9-lC65spuB951zxJlnbM2GmI4mWFptZcZ-cqgA_SfBgTL-WsoKdcpDtptBZAF06_dywpy2E1xC4iu8RXylgo8URb70HFivar05_dycOvZ4w7RJiOhl9d6KJlwobgq_VAvnmkgmyz6ar09EFMN6WWqlVssWGonjI2C7EPv8VSyGGG1hQ-k_U4Ii3TjFLRxcsg_JzvMd3YrseEkv39KZXOUrjoN2LZCn-DxHo8h0YoEPkvra1QwVVbQWf_pn5beW4oA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:10 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:10 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:10 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123b408e0a5bbf048faa8c4561d6b&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0ed6d35beb13e76ecdc8894b826a33930872d7df4aa933cd3e755c0d4c9fbd1d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=BnSjbBOx0kxjk3c81qmeJzG1gRJ0A2b_7AGvZ78Z1CWA1Ro8GZE1niwgIOwPNF2t-39xjU_4mWp7mCei0eHhE85ksEAxXXaRo4vBeMd7GHeBReuNEXmjNLDw1Ki9dqqA7WAF4smDWQDA9--IWPIBua39q67Mr6NWv-TNo13-yijwX4xsx6CFKmTDgtjZ6FdV39Xiz2n11gKYoiWmRbk5K8GyWIlYhdrZziYeMRl_UwJq0MOBF5cLRk5zuYQT6dD_agBLDwyrxUVY58G5JAj9X_kKnBTY9QP16Q0AhgmEg30BR3sFoAhob38SFR9gUWTxvIvYfY0JeAJd7Hb0G70kzw0roHAeE1egYS2S_ec0f2-Ino-bJU2ehm9RHXgh1pRet48ZoZkppSLf0UsSYue9DeO5xzibQd1npQA20VgNkIgQ68TRHxsBRhuIv6KDm6_u2qrO32P1lFzXQfdFowz2Bt9hHyRuFlul1We6VqLSJGsmKUtphBzI59MUWZiRigvsmFupbuMtFta-fOh3rnmXABTiTeDiuKRTMYO0HCSQQzyDMpItClVOC6e5Uf98bLm_GmlSFwKpMCqgWJDQ4iJ36SbkwXbRZYvQ7aifdIsW4MDW9Qqp-7QOc9lb-c4HTNZTg6w8N8w2PqW6GiNW2kicCuHxV5-F-8tfAc7WviNJ3ITXRF1bm_383g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0b1acc65c8e6f91f83ce23027c0a71bde90f3f2c57d97cace80c35b9fbfe3de8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=BnSjbBOx0kxjk3c81qmeJzG1gRJ0A2b_7AGvZ78Z1CWA1Ro8GZE1niwgIOwPNF2t-39xjU_4mWp7mCei0eHhE85ksEAxXXaRo4vBeMd7GHeBReuNEXmjNLDw1Ki9dqqA7WAF4smDWQDA9--IWPIBua39q67Mr6NWv-TNo13-yijwX4xsx6CFKmTDgtjZ6FdV39Xiz2n11gKYoiWmRbk5K8GyWIlYhdrZziYeMRl_UwJq0MOBF5cLRk5zuYQT6dD_agBLDwyrxUVY58G5JAj9X_kKnBTY9QP16Q0AhgmEg30BR3sFoAhob38SFR9gUWTxvIvYfY0JeAJd7Hb0G70kzw0roHAeE1egYS2S_ec0f2-Ino-bJU2ehm9RHXgh1pRet48ZoZkppSLf0UsSYue9DeO5xzibQd1npQA20VgNkIgQ68TRHxsBRhuIv6KDm6_u2qrO32P1lFzXQfdFowz2Bt9hHyRuFlul1We6VqLSJGsmKUtphBzI59MUWZiRigvsmFupbuMtFta-fOh3rnmXABTiTeDiuKRTMYO0HCSQQzyDMpItClVOC6e5Uf98bLm_GmlSFwKpMCqgWJDQ4iJ36SbkwXbRZYvQ7aifdIsW4MDW9Qqp-7QOc9lb-c4HTNZTg6w8N8w2PqW6GiNW2kicCuHxV5-F-8tfAc7WviNJ3ITXRF1bm_383g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:11 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236d35495a51f84bf08ea39721e6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
0b31750cfa6351889a7f51591973eabde6b537fe3ec52c1fdad278c143bae6a3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Nz9VO2rLPBHmrrcQ2UQvRzhNazqKCrtZ6kNyKqb4v0zJIlHYgsw0MwZM-W7VRJfudZJRYIT6Prwnf9JU5fgI6LbOa4-_3749TvRvmD3Z267bI7TkM4Ue_WOnaQHe6nA-XbCJ7t4fJ6NgH-O9IlAl7Fha4-UnA0K4qVx9-6AvktpiTTAbIHQygEqkZuOhCOJKOCmdJbVccpXWf7yXroGsloMhtN2iKN_M5e44SVVW5XEY0hAGqX18oYtMDlNwcJVgg4bViMDmzA2jbUj30vOBVokS9p1TtyZ5TELJy3Gd-HYBSOfWGWR0UY02CtPNh1-O6oU3_dhyNafrfoLXbCyD9cOdClzpuau4KDaUMvtCAATd-Lykfjr4-rsFvev-des6gdQPcrjTfzr9ytgwQIC4P_KNwUs4wZczMaqfpOHuQJbM4h8t7SDwTbbbABEPai6D0-31R4Tx4xIJq98pfDxSWSl4n2q9zWHFXMVFUjlL2W2VstLcoIyik4enkpA8zhpL_CEe8ue39jDA1Y6gjybrxJ1E0em0UCcRqqJEvb2WhLjujaftj7KHV0Dmsno-1KlKouW53PooOvHXT93LwdeIoHyRWL3rr-AR0FCrqGxpu0LqyuT0YB9H-yTnSLoAi5SljwxQ8w0ZwltMvfNY9Y-3yudiLM9eWFOYrNrJZjP7BB5MyTTNirktQw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dc4833f549caf025214d022b93c5dc73d75baf1e20344138f138b528e766bdfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Nz9VO2rLPBHmrrcQ2UQvRzhNazqKCrtZ6kNyKqb4v0zJIlHYgsw0MwZM-W7VRJfudZJRYIT6Prwnf9JU5fgI6LbOa4-_3749TvRvmD3Z267bI7TkM4Ue_WOnaQHe6nA-XbCJ7t4fJ6NgH-O9IlAl7Fha4-UnA0K4qVx9-6AvktpiTTAbIHQygEqkZuOhCOJKOCmdJbVccpXWf7yXroGsloMhtN2iKN_M5e44SVVW5XEY0hAGqX18oYtMDlNwcJVgg4bViMDmzA2jbUj30vOBVokS9p1TtyZ5TELJy3Gd-HYBSOfWGWR0UY02CtPNh1-O6oU3_dhyNafrfoLXbCyD9cOdClzpuau4KDaUMvtCAATd-Lykfjr4-rsFvev-des6gdQPcrjTfzr9ytgwQIC4P_KNwUs4wZczMaqfpOHuQJbM4h8t7SDwTbbbABEPai6D0-31R4Tx4xIJq98pfDxSWSl4n2q9zWHFXMVFUjlL2W2VstLcoIyik4enkpA8zhpL_CEe8ue39jDA1Y6gjybrxJ1E0em0UCcRqqJEvb2WhLjujaftj7KHV0Dmsno-1KlKouW53PooOvHXT93LwdeIoHyRWL3rr-AR0FCrqGxpu0LqyuT0YB9H-yTnSLoAi5SljwxQ8w0ZwltMvfNY9Y-3yudiLM9eWFOYrNrJZjP7BB5MyTTNirktQw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:11 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311238322eae0a5df4eaba8f7b32442&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
d54bbc1d34faa28261cf8f866d99d71385901754208736e60248e69321790fd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Mkj0Gc3ntoNh8e1mbFI_o23QQ9RYkaSQoj4jfP5keTcBAeVaexG7_lkNX6wJfNwZ8QfFw-Wc6cBf22v6CiuxiYBdA8hONsQhyoQNKBf-yMfvKJxlkUG2bQ2SBSWBn2zWvSbWsKl3VfWH0OGGIS8RiQAxW1zTCnkQXI34nOm_BZY182Pl9Si-9wmqN5nmyRa89WV26u9bYNkrkjrxwsmRcelcJ9nq6zBiXqMF8elugc-TFQeO31YaamwLZdIPWh41jtSuT3B2zWjMXGysyEVNi8jw9cfk_1SBB1ufegd4sqQb6s-hvVPJomgorMdHCYfL3GFmKn5zJSteb1_mlFOnc5tHZS0LS9S2FOueFsBzKe-OlplEFxZgG-2og7Noqpug0Y3ewTYcob0Q-8EDxcnw1xyqnNC2Mb3hJN8xrITH0sNjX6MwObVA09voW3M4NKblu8oEa6QjZRVBvpMDJ6HHhbjEBYIr4tt2W4EBH-QJPECb7Ql8rtiLo5CTPnRylA6BgPNECQS9LgfCoDBqCvtLQ9mE0MawH3btY7-grrF5pjIb3u-rzyzUZaKaQUnkcM43PhmRZekVSICdIiv4loSzyzUWRHQbfPhDNqsLKb6uxFQTyHf6-L65Zfyyf701s7ikrI-3iBUPstF0XcxizLmwuQGbRXZOwKT95kOPFD6DnbOsfAw_dqOH6g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
f1c3bc896a0513990ba213670d1a48f467db7931587a00dc2f6b7e7a570d82fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Mkj0Gc3ntoNh8e1mbFI_o23QQ9RYkaSQoj4jfP5keTcBAeVaexG7_lkNX6wJfNwZ8QfFw-Wc6cBf22v6CiuxiYBdA8hONsQhyoQNKBf-yMfvKJxlkUG2bQ2SBSWBn2zWvSbWsKl3VfWH0OGGIS8RiQAxW1zTCnkQXI34nOm_BZY182Pl9Si-9wmqN5nmyRa89WV26u9bYNkrkjrxwsmRcelcJ9nq6zBiXqMF8elugc-TFQeO31YaamwLZdIPWh41jtSuT3B2zWjMXGysyEVNi8jw9cfk_1SBB1ufegd4sqQb6s-hvVPJomgorMdHCYfL3GFmKn5zJSteb1_mlFOnc5tHZS0LS9S2FOueFsBzKe-OlplEFxZgG-2og7Noqpug0Y3ewTYcob0Q-8EDxcnw1xyqnNC2Mb3hJN8xrITH0sNjX6MwObVA09voW3M4NKblu8oEa6QjZRVBvpMDJ6HHhbjEBYIr4tt2W4EBH-QJPECb7Ql8rtiLo5CTPnRylA6BgPNECQS9LgfCoDBqCvtLQ9mE0MawH3btY7-grrF5pjIb3u-rzyzUZaKaQUnkcM43PhmRZekVSICdIiv4loSzyzUWRHQbfPhDNqsLKb6uxFQTyHf6-L65Zfyyf701s7ikrI-3iBUPstF0XcxizLmwuQGbRXZOwKT95kOPFD6DnbOsfAw_dqOH6g==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:11 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311236907a3616782407d9813f31e76&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
e44fd880af2d116dc43734c9e7d76247de3ea9ee0b6fe34125d35c56090666e7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=mIUXM5_f-KEcbLZzP2U-ulLKVhHi4WeM7Drf6NQmzzw-SLYhRo6ucaNpXDaaDRm-b6VLXiqsQST0mm4MZ13jAaZLTBI6hajyaG_9ApC-_GBhBJzi3GneV32zTvA9K9AmIyboYMzMIUWEgaJ1QI5qNceOpMOZ7rzCrPO0ZNuuDIuWEvM68Sh86o7clx5qE7p9U2D2-AKBXaznvfWYwtI7SYH_Ho7pJvhF53bGhVZcH5quBARXmWwe877loJKIwG-6YiK17oDGajFaBT79FBY3rt1xDrG5zROwrq8fe7QFiPTv6xjk1ceAB1VD0M6qMQ2PbglP_A2rVNpR3t5ntE4vphBXUkURm1NZU6TCG9O-UFHAqEsV1A3cMRALGsr4swIzTUetnP3Ij4pT79BYg5pX9XW6pBbdaU9dNjnTBhUrzYF87ODJuA2t-3jbE4jLfg6sMJzRP3twX7YwErv5uCu_qmPdPQtFTeMsT53arv40lfdTldbmV1G6ghry9LN064PKq3LdBJK3vBGXSlFqIKvf7oq53t-KfvqtQj3q2ZMudRU8iWD_cmMVN4itKdsRnfNKv669Qev66B32d5HKcyTB-V-M1BVpYIfwTrJSz9GZJipgc0yPQQPwUhs20Wbtj1EtgrxANKgzzdUIZkA-y85r20vIu4IKkkfPg7m6sXChpRBZq5x9DwXCsA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1cc3caedbabb43516cc3a274518248d1138c05daa251c8eefbdb6a37d1cedbf5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=mIUXM5_f-KEcbLZzP2U-ulLKVhHi4WeM7Drf6NQmzzw-SLYhRo6ucaNpXDaaDRm-b6VLXiqsQST0mm4MZ13jAaZLTBI6hajyaG_9ApC-_GBhBJzi3GneV32zTvA9K9AmIyboYMzMIUWEgaJ1QI5qNceOpMOZ7rzCrPO0ZNuuDIuWEvM68Sh86o7clx5qE7p9U2D2-AKBXaznvfWYwtI7SYH_Ho7pJvhF53bGhVZcH5quBARXmWwe877loJKIwG-6YiK17oDGajFaBT79FBY3rt1xDrG5zROwrq8fe7QFiPTv6xjk1ceAB1VD0M6qMQ2PbglP_A2rVNpR3t5ntE4vphBXUkURm1NZU6TCG9O-UFHAqEsV1A3cMRALGsr4swIzTUetnP3Ij4pT79BYg5pX9XW6pBbdaU9dNjnTBhUrzYF87ODJuA2t-3jbE4jLfg6sMJzRP3twX7YwErv5uCu_qmPdPQtFTeMsT53arv40lfdTldbmV1G6ghry9LN064PKq3LdBJK3vBGXSlFqIKvf7oq53t-KfvqtQj3q2ZMudRU8iWD_cmMVN4itKdsRnfNKv669Qev66B32d5HKcyTB-V-M1BVpYIfwTrJSz9GZJipgc0yPQQPwUhs20Wbtj1EtgrxANKgzzdUIZkA-y85r20vIu4IKkkfPg7m6sXChpRBZq5x9DwXCsA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:11 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239871d8c1cf4340039a312ae372&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:11 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
bf4138ac37e3271acc4718aac283cfce433cc14fefa508ff633e313e47ffa960

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:11 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:11 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=vN7B3j8sdVYXbC3kwgAAdWMeMgjgWkU0wieG3pbk_R0KDPa8wTDWQf8YCQqQYf56xUDm11tYwZMITryqJDTDA_65Makr4WiFglyHITPJqDE-tDFRCiPh2hrMMCW1pcTTisjJZfhowub8T_fb-JnrLMgVrk8e1KO01h0sTbilL9TBiWVZ3SqXx45qkzWjSNyKhWm3Fi-N_GU2ZtHapzWw5gVabhloETCmMLpRk5ozXe-hUhT6MkAhY3zbjkqjF-yAaaTlH358lz7ofuKYZeRIc66x-hoWDiD66Qrh3VaICmfVebNNY8205BeWkdR8KpNq-DqiedoiH8nAEN507bW9x4VSVGxuzTxf4Ycufw2Kq5wzzHqK6-Dbyqv311rm_-rUCNo6A16Qpo8Z2Gv6XkXJLtScxmeA5D30v9CaLMvdCeOWHsNtMioQ97OETshzoL5bMynLBvLKBRz8E1yD1e5XA3dCJL_ktdEbuELOwL3Sn1-C4njxLzRCZICSA4fzp3cDYzt9yeYL-2L8WZoJm8X5BDTqzQczNmUFY0OQTqs5jdTAcDdQ8ovvJE1pemC7dGv1pg6_IMP-zRzk-vMSLeMmMWHIoica-S4PppkGe5YKlbkI7qLDEHkKG8TOcHgsq6x8vzQtpUMcG18SfNQWcQVRIGefqkJX1ZFCrtHt0y6McpWzybAKz8lfeg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
b1969a167b7b9661deea7e21866115a11753ab1d891e8704279e2040c775fb1f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=vN7B3j8sdVYXbC3kwgAAdWMeMgjgWkU0wieG3pbk_R0KDPa8wTDWQf8YCQqQYf56xUDm11tYwZMITryqJDTDA_65Makr4WiFglyHITPJqDE-tDFRCiPh2hrMMCW1pcTTisjJZfhowub8T_fb-JnrLMgVrk8e1KO01h0sTbilL9TBiWVZ3SqXx45qkzWjSNyKhWm3Fi-N_GU2ZtHapzWw5gVabhloETCmMLpRk5ozXe-hUhT6MkAhY3zbjkqjF-yAaaTlH358lz7ofuKYZeRIc66x-hoWDiD66Qrh3VaICmfVebNNY8205BeWkdR8KpNq-DqiedoiH8nAEN507bW9x4VSVGxuzTxf4Ycufw2Kq5wzzHqK6-Dbyqv311rm_-rUCNo6A16Qpo8Z2Gv6XkXJLtScxmeA5D30v9CaLMvdCeOWHsNtMioQ97OETshzoL5bMynLBvLKBRz8E1yD1e5XA3dCJL_ktdEbuELOwL3Sn1-C4njxLzRCZICSA4fzp3cDYzt9yeYL-2L8WZoJm8X5BDTqzQczNmUFY0OQTqs5jdTAcDdQ8ovvJE1pemC7dGv1pg6_IMP-zRzk-vMSLeMmMWHIoica-S4PppkGe5YKlbkI7qLDEHkKG8TOcHgsq6x8vzQtpUMcG18SfNQWcQVRIGefqkJX1ZFCrtHt0y6McpWzybAKz8lfeg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:12 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231f900fd2941a454f908b25ea0d&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a8c115e5270edafae5cfd2dc4375fb3e088ddf70428e62702c921bbe24234f55

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=jM93fDe_0Ks1EKXvNsXQf_h7CG1oRKbFJPWcBNNRhwtUBmVPBfJgeXXAWC8SJGEyWTvebigooF1Ofv7S4NpzV8BXKuWfXXH0PHf9jD9Jxh9cWVuEdY8k-ellCo_GzOWWIz1iDoHSgsgaVY2NcYsZxqtgBdTi32jtgxjzuU-JjGe_CorNG1Y7JlBjZBdrRGfz78tmO_g22LO-cH5XvsaEUam4c8uP_00YCBJhswOHGpaGB3YVF3bdMkv5sVCcLj-4SkXok33O6yszGhNlll-w7MOGSnu_VWd_GEGClkO2ALfbPVmne2lBKFQfnJG6QFqr4vUNXM3ZpuYfP0kPo6IFM4JQ5SpPQKqp1Qsezw-G9IcpXyOl-bktYFLRmiB_g6MZ9dhyKdLgsxwd55ezt-VzYCBUi4cHH_8mB8hzkbhqyLxmVwSDB9Q4zzwhsKdG5zjnv4zKmAZ8Ebr1e1sbdzyGQ1lVTaTR9SIXT26PkvCda1iNm-YwRGnzfkdpODdCThoX1YAEHK4K8S3F8iP0_BlPW6CLEPYkqZfDuU3QZS1LL6c9OKXlP-32v1ESAsieGgL6X_6hXd74caH-J9qH36uv80dVFNkcsBP0O2ZkjVNjGFKVRm3t273sEe3O8QllC5mvcuIcvFm6RlKDPV7YelCm4KV1I657tWHft5n24I1i1gNzUT_mQv0VlA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
c79e419c1b9aeace88d62b986e066330f2d432b152f923387e077920742c805e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=jM93fDe_0Ks1EKXvNsXQf_h7CG1oRKbFJPWcBNNRhwtUBmVPBfJgeXXAWC8SJGEyWTvebigooF1Ofv7S4NpzV8BXKuWfXXH0PHf9jD9Jxh9cWVuEdY8k-ellCo_GzOWWIz1iDoHSgsgaVY2NcYsZxqtgBdTi32jtgxjzuU-JjGe_CorNG1Y7JlBjZBdrRGfz78tmO_g22LO-cH5XvsaEUam4c8uP_00YCBJhswOHGpaGB3YVF3bdMkv5sVCcLj-4SkXok33O6yszGhNlll-w7MOGSnu_VWd_GEGClkO2ALfbPVmne2lBKFQfnJG6QFqr4vUNXM3ZpuYfP0kPo6IFM4JQ5SpPQKqp1Qsezw-G9IcpXyOl-bktYFLRmiB_g6MZ9dhyKdLgsxwd55ezt-VzYCBUi4cHH_8mB8hzkbhqyLxmVwSDB9Q4zzwhsKdG5zjnv4zKmAZ8Ebr1e1sbdzyGQ1lVTaTR9SIXT26PkvCda1iNm-YwRGnzfkdpODdCThoX1YAEHK4K8S3F8iP0_BlPW6CLEPYkqZfDuU3QZS1LL6c9OKXlP-32v1ESAsieGgL6X_6hXd74caH-J9qH36uv80dVFNkcsBP0O2ZkjVNjGFKVRm3t273sEe3O8QllC5mvcuIcvFm6RlKDPV7YelCm4KV1I657tWHft5n24I1i1gNzUT_mQv0VlA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=101
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:12 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=2112031123d52a1533639246bdbb7465c877&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
7c3a968904f56ad5926cc74e91e56ee580a5dd46aa358e8e87688b83ae421024

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=ZPgZmEJ6vmFQRXO2YjIIgiKF17FJ9Y-VmFzCI9CM_CXsBfk3-23dpv1RqIOrOqv23WlRpZIIGkJD0gjrshwMsptSMHrr_moLLXzipDCbKtuE50W1XKFleRhlVSLcDRWcu5_81SW7RV16pGg2ytkvHvEgYSturZFd75JX-SvaKc_AphMjxiPuOB2chZ9wdU4EwDrjCl7GZjNyu27W4j5xv0Rf77hrFkuOxPn9cuQZQhHSsNwnUm9JXjSoSls3qjldQ8MJvPA7nZ0XSkvqpI8hJUle4XG5ot4cvEEDglauxmoRpr-uilBcmGGz1kYhK4zTeasEt62e5cc-zxxHKgNjTjodk6lz1FeMyfiNsH5dmXxgYuVIfh7l8lednzfvlsJfTqpFAm8frJBZf1W1b4dnFnmHVFiC-46qTMRyOk2sjTPpRoU1rv63k6iHHKcy9WVDOCkBAywFUpFwo74yvsIlQaW_Rk8Fc01yjB4rsAWALE8FpQ6SLv1UIHT1XKpY8UlHFLjRujsscuPxMWyQXa3TykxDuIN6O14FJG1EY3hTRZr0Yw54w61qWqLWgKyR3BNukZ3K8UcUX5-J62TXcLDdYaLzyiyg_WrWNhTqShPMRIQPRY73o1iaYxLZyvgOMYAOJXIpPxx_6DE2gigrcJvdXLRb8HzN7ul0oPPqHq32S8UyULfnD6EAJg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
4761978f4f4a11ef7947bd9bb98111ea725c2e351d9fe6dc76ffd66615599682

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=ZPgZmEJ6vmFQRXO2YjIIgiKF17FJ9Y-VmFzCI9CM_CXsBfk3-23dpv1RqIOrOqv23WlRpZIIGkJD0gjrshwMsptSMHrr_moLLXzipDCbKtuE50W1XKFleRhlVSLcDRWcu5_81SW7RV16pGg2ytkvHvEgYSturZFd75JX-SvaKc_AphMjxiPuOB2chZ9wdU4EwDrjCl7GZjNyu27W4j5xv0Rf77hrFkuOxPn9cuQZQhHSsNwnUm9JXjSoSls3qjldQ8MJvPA7nZ0XSkvqpI8hJUle4XG5ot4cvEEDglauxmoRpr-uilBcmGGz1kYhK4zTeasEt62e5cc-zxxHKgNjTjodk6lz1FeMyfiNsH5dmXxgYuVIfh7l8lednzfvlsJfTqpFAm8frJBZf1W1b4dnFnmHVFiC-46qTMRyOk2sjTPpRoU1rv63k6iHHKcy9WVDOCkBAywFUpFwo74yvsIlQaW_Rk8Fc01yjB4rsAWALE8FpQ6SLv1UIHT1XKpY8UlHFLjRujsscuPxMWyQXa3TykxDuIN6O14FJG1EY3hTRZr0Yw54w61qWqLWgKyR3BNukZ3K8UcUX5-J62TXcLDdYaLzyiyg_WrWNhTqShPMRIQPRY73o1iaYxLZyvgOMYAOJXIpPxx_6DE2gigrcJvdXLRb8HzN7ul0oPPqHq32S8UyULfnD6EAJg==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=105
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:12 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx511d3042704c4fa98c709-00617824f4
x-trans-id
tx511d3042704c4fa98c709-00617824f4
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx3a371b7f911d47879e956-00617824f4
x-trans-id
tx3a371b7f911d47879e956-00617824f4
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txa9b08c83d6884e2e94886-00617824f0
x-trans-id
txa9b08c83d6884e2e94886-00617824f0
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txe836bc800dc74cab8c17e-00617824f0
x-trans-id
txe836bc800dc74cab8c17e-00617824f0
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx15b172dcb6084849bf123-00617824f0
x-trans-id
tx15b172dcb6084849bf123-00617824f0
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
txb5043e51fe2e4d6988631-00617824f0
x-trans-id
txb5043e51fe2e4d6988631-00617824f0
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx23eb648f44094a9e86fdc-00617824f0
x-trans-id
tx23eb648f44094a9e86fdc-00617824f0
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123f1a437d6c4f047cc9ab351e988&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
x-openstack-request-id
tx287de7c84de84b77b385d-00617824f0
x-trans-id
tx287de7c84de84b77b385d-00617824f0
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:12 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
69d26333fe4622b44d7c3fbcdbe8586b9465f0f3f7c89e41155361c2d6b42c42

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=mOb5OH9bJddf18CREcm7Vg-B61MPgaKOEEcgcEauS4TrgGMxuuqdf1L2UOv4owVh2BWAdGsFGZlWc6J_W0lNiDKsdAsQs_P_JLpR56XM5S7sPnv-Rn6qG_uKbY6XEEjy3zt_Jh77nheyEicJywDTwbd4xFsjB2NOebyF6x5tsJS6yN9fL0yOvhLYoeLHQ213XCdFmTl7z8DLy5InLmbozdiqjs4YCHyAqtkFej_o6J8NJcOQmY39RGNGD5XP2Qg11R5G0V2UVXaY37Cu9aFQCxOTFXYT-PRYtTTw-AmsM-lbnouiHTE7atYtzEmnoiq4fRcdUnwlGyYFpzBNOsU2v3GitL4pnOFNQFUOEw6j7KpNInc19bbg1IPzTN2HKPnNiyZapEjyQtmXGBYHoDGgHXy5ZlEbf2FTxXacAdlYA4nAlVTI8oWgQnzb8uDm8wobLwVMJK3AYsoDZAXvWF_EFFjJ6NHjeTOvU4HgBVSKmu3alxjehyctWJKmunJoTiMjrIHJ9emLE7yI4ltbbveMMZ5dcxkb-3UVlwaXnxxlagD0Q0NAFHYpFz-AEtKS-iarZXJPsVG1wOOkmbWGLYMNFEdlFMZXwfl3FucWHGIJIy1lT81EMUnN8kubLGppKfDrPtUCb7bn8bZVMu2CyzufutliD0B_bulaPN3wyDg3hiaeNbfPvavHpw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=138
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
a28e10884956d7a1aa85ec9e4a752cf64c3fb8bb85f5d43c102ced66167a6d9b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=mOb5OH9bJddf18CREcm7Vg-B61MPgaKOEEcgcEauS4TrgGMxuuqdf1L2UOv4owVh2BWAdGsFGZlWc6J_W0lNiDKsdAsQs_P_JLpR56XM5S7sPnv-Rn6qG_uKbY6XEEjy3zt_Jh77nheyEicJywDTwbd4xFsjB2NOebyF6x5tsJS6yN9fL0yOvhLYoeLHQ213XCdFmTl7z8DLy5InLmbozdiqjs4YCHyAqtkFej_o6J8NJcOQmY39RGNGD5XP2Qg11R5G0V2UVXaY37Cu9aFQCxOTFXYT-PRYtTTw-AmsM-lbnouiHTE7atYtzEmnoiq4fRcdUnwlGyYFpzBNOsU2v3GitL4pnOFNQFUOEw6j7KpNInc19bbg1IPzTN2HKPnNiyZapEjyQtmXGBYHoDGgHXy5ZlEbf2FTxXacAdlYA4nAlVTI8oWgQnzb8uDm8wobLwVMJK3AYsoDZAXvWF_EFFjJ6NHjeTOvU4HgBVSKmu3alxjehyctWJKmunJoTiMjrIHJ9emLE7yI4ltbbveMMZ5dcxkb-3UVlwaXnxxlagD0Q0NAFHYpFz-AEtKS-iarZXJPsVG1wOOkmbWGLYMNFEdlFMZXwfl3FucWHGIJIy1lT81EMUnN8kubLGppKfDrPtUCb7bn8bZVMu2CyzufutliD0B_bulaPN3wyDg3hiaeNbfPvavHpw==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:12 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:12 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx6b9d6a665c1049d689b35-00617824f0
x-trans-id
tx6b9d6a665c1049d689b35-00617824f0
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-trans-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txf76832240ecf49d5a5794-00617824f3
x-trans-id
txf76832240ecf49d5a5794-00617824f3
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx71cc30c578354a508345c-00617824f3
x-trans-id
tx71cc30c578354a508345c-00617824f3
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txb8f1856cff034b1197491-00617824f3
x-trans-id
txb8f1856cff034b1197491-00617824f3
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txe9633a68a18a4aaaa2453-00617824f3
x-trans-id
txe9633a68a18a4aaaa2453-00617824f3
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx34a03d7df0264ed29dc57-00617824f3
x-trans-id
tx34a03d7df0264ed29dc57-00617824f3
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112368f5d98fb94348a6ad764a6e42&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx60e53b5eea60419197c7e-00617824f3
x-trans-id
tx60e53b5eea60419197c7e-00617824f3
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
dd5943c59008f797d4a592dd086fdf0631d48ff21959334a7d15f94230c84745

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=KjqEjDPw7M90fUZvBUq1QF3_bz-UOAFMe_dxyM1zTEuMPj-RpyDH_L7USoRtEAOMDHaRToV1Q436l_X2eP1A-JjMH2vR380iXQ7CsRhWKCJEqgZlKD21OjK-9060l8x4Us6FNOMDq3BKzeon2SK9PusS0YLgYOEzBFy6YmhZpXvxvD0zuzpObBFZoSlbKfIJdCPb5h2wV2MReJTF8U3M0wlkCxE_iCP6GdQIubGeTvLlJK5K2VheYUldC0ooEK55d0160hY34MIA1LlzdO_ZVUOfAluWijcWGdy-9A3Todnovmk7yn-IL1I1BJkBxfH6bkqy1ZlnKDWi9UFaynoWM84EEPP6ZmvUUBRPFCHwRVwVCaKl1KJv4u1e20yseItrCaX77pxLIpKBbeU0OWCkwlgcBY4ztKbs2dlv-gfOHcYgJoBaPy5dTStqoVKq5wBUyHlRvdfNdXGUAnRUE5tONh0MyPh76EoP1YMVSK-apas7ccTGoOAOkdapFfZJzQgzZTJuixNQjcjimIAvHdtmD1yfSr1bxqhiFQQcBDRVC8PzhHYG94SOIrSSPnOuab4bpkt3PkCVf9R5sxSoy7qS449aAgyNDRUPV_oZBNgTOZ397_s2hSaLKJNk6uRvQ9lHXa46qKwTpXUgb1WzzQ0CwogmlqunjsyCgFWGoS7QeltSAQfVZ6QZuA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6a9b811a8093164905e358bc20c80f3a30bdfd963d7fbf1ddc1dc92accf36c05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=KjqEjDPw7M90fUZvBUq1QF3_bz-UOAFMe_dxyM1zTEuMPj-RpyDH_L7USoRtEAOMDHaRToV1Q436l_X2eP1A-JjMH2vR380iXQ7CsRhWKCJEqgZlKD21OjK-9060l8x4Us6FNOMDq3BKzeon2SK9PusS0YLgYOEzBFy6YmhZpXvxvD0zuzpObBFZoSlbKfIJdCPb5h2wV2MReJTF8U3M0wlkCxE_iCP6GdQIubGeTvLlJK5K2VheYUldC0ooEK55d0160hY34MIA1LlzdO_ZVUOfAluWijcWGdy-9A3Todnovmk7yn-IL1I1BJkBxfH6bkqy1ZlnKDWi9UFaynoWM84EEPP6ZmvUUBRPFCHwRVwVCaKl1KJv4u1e20yseItrCaX77pxLIpKBbeU0OWCkwlgcBY4ztKbs2dlv-gfOHcYgJoBaPy5dTStqoVKq5wBUyHlRvdfNdXGUAnRUE5tONh0MyPh76EoP1YMVSK-apas7ccTGoOAOkdapFfZJzQgzZTJuixNQjcjimIAvHdtmD1yfSr1bxqhiFQQcBDRVC8PzhHYG94SOIrSSPnOuab4bpkt3PkCVf9R5sxSoy7qS449aAgyNDRUPV_oZBNgTOZ397_s2hSaLKJNk6uRvQ9lHXa46qKwTpXUgb1WzzQ0CwogmlqunjsyCgFWGoS7QeltSAQfVZ6QZuA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=106
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:13 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx6b9d6a665c1049d689b35-00617824f0
x-trans-id
tx6b9d6a665c1049d689b35-00617824f0
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-trans-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txf76832240ecf49d5a5794-00617824f3
x-trans-id
txf76832240ecf49d5a5794-00617824f3
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx71cc30c578354a508345c-00617824f3
x-trans-id
tx71cc30c578354a508345c-00617824f3
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txb8f1856cff034b1197491-00617824f3
x-trans-id
txb8f1856cff034b1197491-00617824f3
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txe9633a68a18a4aaaa2453-00617824f3
x-trans-id
txe9633a68a18a4aaaa2453-00617824f3
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx34a03d7df0264ed29dc57-00617824f3
x-trans-id
tx34a03d7df0264ed29dc57-00617824f3
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=2112031123bd350b18d1de46038fed9a11c6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx60e53b5eea60419197c7e-00617824f3
x-trans-id
tx60e53b5eea60419197c7e-00617824f3
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1d3441124f312e84f1953b6f26bfe1ee4193fdf1ad8b99ceb5a1d6bc0eb3d7ef

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=ycKkJ0L8gJOgw8m7VO94A9G9Vm69EqSZ48IsJ-rWAjFRgfOdhAI-tWyXWSZmrHKtRGLChf7YmOLg0p-bpC-dFmfhYrH3CIslK3Vx5JmRzvegb3iepsAyVaSe_MCacS9fUf4bJSBbwplx5Knv3wZWPRh1mBwansDC93Iqhf3nmp_hY649LJTLhOotluIKCT2YjozENVIcuqDPAG3QrPw38xFT5RnoG0oTHA8Y_McFwWj5OSVyS3CHgurrLiSm-k7f13yYxkPkXL06HoYxmZkgVv1HcfMiGAw6uNB3FdL7e3yf990b_Ttjzt7_TkFTIOfNfxhE1VkdPB7m4YTzLBJygXKU6NsswU1xhJ1GNa7h1i-tITnJfrToOZDiVn6vxyhAXH_ti6HGIUu2kSZJ8UduB09iSksuNp6obWyJEMp-wdf3SnSNi9anGe1iMD6O7UAE6rZ-y_Od9DVD-oZpZ_mw_ZcFzqw-5nYSnrJF8QpKNHEb9SFklG6d1e_aw38BY16koQOKTterwYDtltnCds9C1EnKb7cfJ-iUCHEzsEGLzn18AKhXE6LgYzONvLRjqw3soyRcPtMsAVSfQ9DSx3t-Jm3Cja8GKAqJ0lQlageBRQ7pBjGLHXlRsJzauLoDSkDvvrn9vLnbaOxA5v-21xYFjZJzBwo9cSwYa9xUTGCxoXGBfvUzkyHEqA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=ycKkJ0L8gJOgw8m7VO94A9G9Vm69EqSZ48IsJ-rWAjFRgfOdhAI-tWyXWSZmrHKtRGLChf7YmOLg0p-bpC-dFmfhYrH3CIslK3Vx5JmRzvegb3iepsAyVaSe_MCacS9fUf4bJSBbwplx5Knv3wZWPRh1mBwansDC93Iqhf3nmp_hY649LJTLhOotluIKCT2YjozENVIcuqDPAG3QrPw38xFT5RnoG0oTHA8Y_McFwWj5OSVyS3CHgurrLiSm-k7f13yYxkPkXL06HoYxmZkgVv1HcfMiGAw6uNB3FdL7e3yf990b_Ttjzt7_TkFTIOfNfxhE1VkdPB7m4YTzLBJygXKU6NsswU1xhJ1GNa7h1i-tITnJfrToOZDiVn6vxyhAXH_ti6HGIUu2kSZJ8UduB09iSksuNp6obWyJEMp-wdf3SnSNi9anGe1iMD6O7UAE6rZ-y_Od9DVD-oZpZ_mw_ZcFzqw-5nYSnrJF8QpKNHEb9SFklG6d1e_aw38BY16koQOKTterwYDtltnCds9C1EnKb7cfJ-iUCHEzsEGLzn18AKhXE6LgYzONvLRjqw3soyRcPtMsAVSfQ9DSx3t-Jm3Cja8GKAqJ0lQlageBRQ7pBjGLHXlRsJzauLoDSkDvvrn9vLnbaOxA5v-21xYFjZJzBwo9cSwYa9xUTGCxoXGBfvUzkyHEqA==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:13 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		0
0
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx6b9d6a665c1049d689b35-00617824f0
x-trans-id
tx6b9d6a665c1049d689b35-00617824f0
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-trans-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txf76832240ecf49d5a5794-00617824f3
x-trans-id
txf76832240ecf49d5a5794-00617824f3
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx71cc30c578354a508345c-00617824f3
x-trans-id
tx71cc30c578354a508345c-00617824f3
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txb8f1856cff034b1197491-00617824f3
x-trans-id
txb8f1856cff034b1197491-00617824f3
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
txe9633a68a18a4aaaa2453-00617824f3
x-trans-id
txe9633a68a18a4aaaa2453-00617824f3
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx34a03d7df0264ed29dc57-00617824f3
x-trans-id
tx34a03d7df0264ed29dc57-00617824f3
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=211203112352e98a4e4e85491691f8893360&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
x-openstack-request-id
tx60e53b5eea60419197c7e-00617824f3
x-trans-id
tx60e53b5eea60419197c7e-00617824f3
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:13 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
6702bfec76998a1942311d59413ceb63e6c3a7857b7c7c081ddb34ef74bcd41c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541501&var=1541502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
/
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=c_NsZZwINH-Wv-FthVq6hDKk3OfSx-bjmBBxhiNnFWY-tj62TxVkIzF5L_oU3oIEow5qsMIqFXFBj0zMDEiwwAjX6gg3kqdciXXJR4iD9NErIqOvq89mIG5Yqzg83oZWyIJ3UqyPDZoHSW_AAfGSVJ_qGpLww1LX1XuxFnk6_LfArzX2BWEl78t37FWBhkjLgw4kszR3-JJRsF-ObAQZVuUM2Ttz7WNABPtLiZxzzJchRuuNtyFzITJflWcSBXhz6RK6TFfISXHMWzBtshMlXu3b7rK84pU-q0JNZMP3VIE1dUDoNP-nXNPIkrjqfKjv56YC-eSNW5QKsUIgOCkl_KUkgx5IAsmUdMRg0TkcxIBzb6yUJuE6wVlG3MdtDtmb8YwD6NT07NDuVXenH8HAaC-vnpygqtSyphR0tQX4SBBbfvrfdCh6b9a2VzOnJKTpl5ImCmkn0NbseAUiq-aRg9AHnp1M8lP-Ubvdws6ZybQ8y8amc1A-DGm0HWRHR0K_EK3MnEXO0JtrSw6tMYQ9dOZ7O-CameArE-_gMd9-M4iXl-BX7arLDaBpiFl-SMSsbqUPo2OGTtcC59yP7b1j-hyF7EvMc6dvASjtg0M--KFW2jGLhfHk6tY7FV1uRA0UKTP9NuU9inQOqjAVoT_Yx27_jw63bJZiow9hu-XEI2cy6yc5-XUotQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=355
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
83c7c2b8bc5798d3352116a8ec5ed2dbf4af836fd6cf1e5c1db20fb041edea75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=c_NsZZwINH-Wv-FthVq6hDKk3OfSx-bjmBBxhiNnFWY-tj62TxVkIzF5L_oU3oIEow5qsMIqFXFBj0zMDEiwwAjX6gg3kqdciXXJR4iD9NErIqOvq89mIG5Yqzg83oZWyIJ3UqyPDZoHSW_AAfGSVJ_qGpLww1LX1XuxFnk6_LfArzX2BWEl78t37FWBhkjLgw4kszR3-JJRsF-ObAQZVuUM2Ttz7WNABPtLiZxzzJchRuuNtyFzITJflWcSBXhz6RK6TFfISXHMWzBtshMlXu3b7rK84pU-q0JNZMP3VIE1dUDoNP-nXNPIkrjqfKjv56YC-eSNW5QKsUIgOCkl_KUkgx5IAsmUdMRg0TkcxIBzb6yUJuE6wVlG3MdtDtmb8YwD6NT07NDuVXenH8HAaC-vnpygqtSyphR0tQX4SBBbfvrfdCh6b9a2VzOnJKTpl5ImCmkn0NbseAUiq-aRg9AHnp1M8lP-Ubvdws6ZybQ8y8amc1A-DGm0HWRHR0K_EK3MnEXO0JtrSw6tMYQ9dOZ7O-CameArE-_gMd9-M4iXl-BX7arLDaBpiFl-SMSsbqUPo2OGTtcC59yP7b1j-hyF7EvMc6dvASjtg0M--KFW2jGLhfHk6tY7FV1uRA0UKTP9NuU9inQOqjAVoT_Yx27_jw63bJZiow9hu-XEI2cy6yc5-XUotQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 03 Dec 2021 16:23:13 GMT
content-type
text/html; charset=utf-8
content-length
6611
server
nginx/1.18.0
last-modified
Tue, 26 Oct 2021 15:52:40 GMT
etag
f46a63e0e4e733d7ddc6f46da00863bf
x-timestamp
1635263559.76455
x-trans-id
txf9973ab5455e4f86ae257-00617824f3
x-openstack-request-id
txf9973ab5455e4f86ae257-00617824f3
cache-control
max-age=172800
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires
Sun, 05 Dec 2021 16:23:13 GMT
vary
Accept-Encoding
x-proxy-cache
HIT
accept-ranges
bytes
dupa.gif
kneeansweras.com/ 		43 B
123 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=c_NsZZwINH-Wv-FthVq6hDKk3OfSx-bjmBBxhiNnFWY-tj62TxVkIzF5L_oU3oIEow5qsMIqFXFBj0zMDEiwwAjX6gg3kqdciXXJR4iD9NErIqOvq89mIG5Yqzg83oZWyIJ3UqyPDZoHSW_AAfGSVJ_qGpLww1LX1XuxFnk6_LfArzX2BWEl78t37FWBhkjLgw4kszR3-JJRsF-ObAQZVuUM2Ttz7WNABPtLiZxzzJchRuuNtyFzITJflWcSBXhz6RK6TFfISXHMWzBtshMlXu3b7rK84pU-q0JNZMP3VIE1dUDoNP-nXNPIkrjqfKjv56YC-eSNW5QKsUIgOCkl_KUkgx5IAsmUdMRg0TkcxIBzb6yUJuE6wVlG3MdtDtmb8YwD6NT07NDuVXenH8HAaC-vnpygqtSyphR0tQX4SBBbfvrfdCh6b9a2VzOnJKTpl5ImCmkn0NbseAUiq-aRg9AHnp1M8lP-Ubvdws6ZybQ8y8amc1A-DGm0HWRHR0K_EK3MnEXO0JtrSw6tMYQ9dOZ7O-CameArE-_gMd9-M4iXl-BX7arLDaBpiFl-SMSsbqUPo2OGTtcC59yP7b1j-hyF7EvMc6dvASjtg0M--KFW2jGLhfHk6tY7FV1uRA0UKTP9NuU9inQOqjAVoT_Yx27_jw63bJZiow9hu-XEI2cy6yc5-XUotQ==&pload=45
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/?r=dir&zoneid=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=c_NsZZwINH-Wv-FthVq6hDKk3OfSx-bjmBBxhiNnFWY-tj62TxVkIzF5L_oU3oIEow5qsMIqFXFBj0zMDEiwwAjX6gg3kqdciXXJR4iD9NErIqOvq89mIG5Yqzg83oZWyIJ3UqyPDZoHSW_AAfGSVJ_qGpLww1LX1XuxFnk6_LfArzX2BWEl78t37FWBhkjLgw4kszR3-JJRsF-ObAQZVuUM2Ttz7WNABPtLiZxzzJchRuuNtyFzITJflWcSBXhz6RK6TFfISXHMWzBtshMlXu3b7rK84pU-q0JNZMP3VIE1dUDoNP-nXNPIkrjqfKjv56YC-eSNW5QKsUIgOCkl_KUkgx5IAsmUdMRg0TkcxIBzb6yUJuE6wVlG3MdtDtmb8YwD6NT07NDuVXenH8HAaC-vnpygqtSyphR0tQX4SBBbfvrfdCh6b9a2VzOnJKTpl5ImCmkn0NbseAUiq-aRg9AHnp1M8lP-Ubvdws6ZybQ8y8amc1A-DGm0HWRHR0K_EK3MnEXO0JtrSw6tMYQ9dOZ7O-CameArE-_gMd9-M4iXl-BX7arLDaBpiFl-SMSsbqUPo2OGTtcC59yP7b1j-hyF7EvMc6dvASjtg0M--KFW2jGLhfHk6tY7FV1uRA0UKTP9NuU9inQOqjAVoT_Yx27_jw63bJZiow9hu-XEI2cy6yc5-XUotQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=355
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
server
nginx
timing-allow-origin
*
content-length
43
content-type
image/gif
script.js
123.selornews.com/dannig/common-player-arrow/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://123.selornews.com/dannig/common-player-arrow/script.js?a=19
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
tx6b9d6a665c1049d689b35-00617824f0
x-trans-id
tx6b9d6a665c1049d689b35-00617824f0
x-timestamp
1631013005.68768
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Tue, 07 Sep 2021 11:10:06 GMT
server
nginx/1.18.0
etag
9d479878f1dadd7ee15cebf73891e8ae
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4281
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon1.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon1.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-trans-id
tx49179b220e3d4b2a8ab8c-00617824f3
x-timestamp
1621260766.56573
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
3d0ab5834c8bf7134e4d21fa3288317f
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7252
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon2.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
txf76832240ecf49d5a5794-00617824f3
x-trans-id
txf76832240ecf49d5a5794-00617824f3
x-timestamp
1621260766.58366
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
c947d439eb93367f1af5b2a3d222f057
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4576
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon3.png
123.selornews.com/dannig/common-player-arrow/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
tx71cc30c578354a508345c-00617824f3
x-trans-id
tx71cc30c578354a508345c-00617824f3
x-timestamp
1621260770.61859
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:51 GMT
server
nginx/1.18.0
etag
8f3cc830da0b1fdf66bda7d1d734747b
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7847
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon4.png
123.selornews.com/dannig/common-player-arrow/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
txb8f1856cff034b1197491-00617824f3
x-trans-id
txb8f1856cff034b1197491-00617824f3
x-timestamp
1621260766.57654
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
7ad7f32c1c0df7b4975cc41bda4ac435
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
7032
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon5.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
txe9633a68a18a4aaaa2453-00617824f3
x-trans-id
txe9633a68a18a4aaaa2453-00617824f3
x-timestamp
1621260766.74516
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:47 GMT
server
nginx/1.18.0
etag
1e1a7582b5da63e10485d63f97abc9a0
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3264
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon7.png
123.selornews.com/dannig/common-player-arrow/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
tx34a03d7df0264ed29dc57-00617824f3
x-trans-id
tx34a03d7df0264ed29dc57-00617824f3
x-timestamp
1621260767.43555
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
b512735542cb07b3b2dcf153a7dfe456
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
3283
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
icon8.png
123.selornews.com/dannig/common-player-arrow/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Requested by
Host: 517s61.reminews.com
URL: https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541501&ymid=21120311231567f2b0ad784d2aa3712d2da6&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://517s61.reminews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
x-openstack-request-id
tx60e53b5eea60419197c7e-00617824f3
x-trans-id
tx60e53b5eea60419197c7e-00617824f3
x-timestamp
1621260767.46514
accept-ranges
bytes
expires
Sun, 05 Dec 2021 16:23:14 GMT
last-modified
Mon, 17 May 2021 14:12:48 GMT
server
nginx/1.18.0
etag
f92d6474ebc6a3a0b576749cfb4afe98
vary
Accept-Encoding
access-control-allow-methods
HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control
max-age=172800
content-length
4064
access-control-allow-headers
Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
x-proxy-cache
HIT
afu.php
kneeansweras.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
1900eea86a21db5f578ab47351f41fc618a1d106d5baff4080dcc2441536e1a5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:14 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
submit.min.js
kneeansweras.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/submit.min.js?2.0
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/afu.php?zoneid=1541502&var=1541501
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:23:14 GMT
content-encoding
gzip
last-modified
Thu, 02 Dec 2021 12:43:17 GMT
server
nginx
etag
W/"61a8bf65-87fb"
vary
Accept-Encoding
content-type
application/javascript
timing-allow-origin
*
Primary Request /
kneeansweras.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kneeansweras.com/?r=dir&zoneid=1541502&var=1541501&pb=81f41098a74799f2ccd7c12d88e183a51638555794&psp=WbOFTamuScodDMMPUjk2KrjTXIViCXIAVY1uENJJ10WLJBeogLH6khjq3Pw9x9dKXK3LeU3R7q60Zwzi_64agH8fQSlAr7X3_fvMBtgCy-5bfobdT-bnfrlGW3Qhi9RCXLbNWB6BfuZrCur86UjHD4_BogpWaOI_TwVobFb2noSYXdJ4vjNWrMByRBvB38rIeE9hoGymmcIOKFO4tjDHfP1KYv-V4ae86SeRAottuPWoo2fvdXPs7kkmNNhDTr0rm29hMr899IJuIsifqg_MScG1XBoX_umXb2MRPp9kcQqDkFGTc1cQOvL67gSwou-zH5qtnoXsSSREiNK29wZo1RdA4CB_cIC1_pNGKXdYmsq45zWrvdTCDO6Erq_QHLxKsWyCkWrnsTD_OluANcXrBkrrs6t-q4piBhGvrRGi9MQrcyH4it-xhiMC76y5nVv7RvpTrJkTf8l4L6A2q0xjqHzwr_SJC_hrgtADYWREeYpwEhBJaG6peFY7l5E86cM7DWVdcSX4rZospdDzm7SJCNBmFp6n-3A18ucIPugycPVDFZsUtRgmtwap9_SKYtqJzs_wWDQpiEQp7Aalw2MgmHwuQCETuvuezXZ6tjVGN--BDaRTJ9XdYEGT6k9FkzHbMi8V_gZlSgu2HJfhITR8UlwF-0_TTOysgZwGPEuKf-FvSDNvjyOAGQ==&nojs=0&ix=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&pl=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Linux%20x86_64&cd=24&0&pload=102
Requested by
Host: kneeansweras.com
URL: https://kneeansweras.com/submit.min.js?2.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
109.206.162.83 , Netherlands, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
83.162.serverel.net
Software
nginx /
Resource Hash
2747f581f3850a6a5b41a1d498129b807bb5605a92a6bee8272734422aea494c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

server
nginx
date
Fri, 03 Dec 2021 16:23:14 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
timing-allow-origin
*
index.html
517s61.reminews.com/dannig/common-player-arrow/ 		0
0
dupa.gif
kneeansweras.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=ELAe9LQk7SJpTi0sbsET0bkkdScFOLkTeqSYxp9mAuvtCFSgPX5Eux9tQaR3Ka-ogdVMBv49Ef2AqPN5f905CBXfJRNqK_ynit0sxBFTPUvAaea3uePFC77ZWipgzDm_JWZBQUD8kaDc4Qt6kK2aq_A0yPF6b5400L3EWdF-qOU16OZQeIMdr9cBa3CCVkjjlc1nNqSOfI8odVaDGNiSNLBBwl_330x9L7zufF3i7s-OfOoWJ4wz2eeAvQujqNH-KK_iuxcpXeM278RkKdQzxkEc-OHxEZeZe4uQA2BOEIH8ZCAqJb3onrwLN04mA2sHU1y8KLlRD_fd7fD61cxbSXLgEvUZquTk8siqBUFVSyR-HrcBSGe17JkTwkn2bJArqcRf9bHuOWtnVpwo2IpAf_FwXIZ4LVzieouxoEGTx7rK4lCndFQ4NGfYwwElH2Dj0mEr5toZp3stpAlEQlVVkdO93c_xh_sGGGkUXBZmzlU5Ay3ODGpbg6pVOQiAxRSr8e-aqO5Oy-s-HDsHWd3QLcpLyIFq9M8nU6J35ypzazfJdzVEtMF7iS9-eSD3-FXcmR2t_HnFIPpC1vlifuLMtl50xV-smZOGrIK7TSG7eWLH0s2CfUgAOswlLKn95Hdzgd6Uws3GWxGFBGa4NIqZrULKos2ZBCy9YQc3HkYlkQMoXDP2T-hbAg==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=eEhHyW8l0M12ypw7Y1DnTmBVrMgwyO1m8Yfhn1100OetVMXDNTT7jtdkMHTJuS45lm8iOXsSgrQTDgj-HH3UOzuHaSigx4lDvH1GFVRJGWRfvgsONl4ISdPVWvRHYH5TOUmXroBe8EZe9iur2dYXmCHk556K5ILKuRhzBFqWJwqgjZ3LhxRvW-lrxfDG_SkEpQ6WzBfHfP8yrCtt33_VxN0JexT2m7RdAMfdq3IQhK01Tr2YdhJGl1PhhwVf_vBoyXwcaNkkYzsLDQlb_CsOe37KRkca8dvSmGMNFVp_wmmhzeKRqLaj9tLkpwpa6YYO--qxZMiQNYOg4hEx1xqewDXRf9EmryX_AC5Hue3f7IUCilBuIWHI3O5CT7tojo289419dSv2tMQZYCrmbeBhpzOQsuGgVxd1Yr71d2t-WXJKLqHicd2UOR1-xIHqOn9X07rlxf4y8y8sXzJhR-N5QxJcLb3AXax0kGeZwx43lVOzNcqK1dG-6xDu6dK-9-S2x8c7iQFWXpa7HUMPs9eHYRrVsASGvgBxWKJ5j4Huo_RL63_KVr04AMi_Dv3JAj0tRG27OmlbT9PQHwANOXswdW5zEBn5VMzG56s4nzBE7HWyMi5KIh3PgSVsOjUxVPCh023mBo9XNQmnhxrtFnFqbnwnYlCa4FhVpbR-fsV5aYVHJeRs53d21g==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=d7a53d1bb7d22e5df7315e46fac23a1c1638555764&psp=f8WV40hkK3Xzin9T9ptCxr5xAZXShQQPEDX1f63tNgXcD8l7NcjWWTPcPTlfB3lUgiTrTtO3N3RJVV_29NGZQJRHo7dyh0PcuCVM99w4eZRGNUvaVS0d32j72XQv7YrZytUr9bfcJSwlzESxm_8Y5vKYYHff-Dwr5q5CdPiE82JHCJBOtSk3D2F1MkV7kg7KCPBYuIBe0gpU2X_HGY-GA_yIAUitZ9lDKqe69P34o33kOHq7NSRxeM440xtUOgO5KqJqBbbNYXyyAYwwn0U8zyiOzO35audmX0Y7-1UA3OTDrzcC-oDyaAyXrxxugB5hR74nOoCkoz4-2CWqHECazEYdpJv3_a5WNeNth7FCEu2EEEQQYXPE83m8G143sGrWJw7zENx9KNSkRvXKrg-gpd2FGMZ5kR8W-sbeQufKFDh4Tp05ncFYeieOEtLekgLl9LuVQ2u2sFStTPk6KVWsHrk9fMQZDnEbEfI6teR60csAJb9Fn3U8kXzN9rsj2BhC3E2MHLjUC9ZEGJ3pXGdxcME8EWIxHSNYeSZxV72PkIoZK8ihxIaNhI24HQmGoyq475jJMp22YaIxMJ5GA9W4UKyeNV9W8uCvNl-TIs02eLgFeJcfN5Sv8zrrSqOTncE3MQilGHQDH1ryvGSRuoEWM9ujVkI8XiM2maqAJqkkwidjgmIGrUjAhQ==&pload=41
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=hVRY7bVos7UXqwGQ-YYmsa0hiH2SUJqRCQTcJR1_Gcp03ixYgvMN8PsUuGzmObIVCLHC-F03XRidAou6Hej3JwutDXNuvKK-J3oGihErqU7DaobgHPXHFuCHFK7qmkmd7JAVGbn6hrsudGUTTowV6Zh4g--mWVlyxEl_f1o4Ih_26H7cNFiP1E4olUPD22WYG-DySU9GksEyIc1n_7OOn2ZkYVebvbHYhC92wDUK5HbCSw4Q0FRaiPwZyQb0a3qboroKhkUVv8InGIAM5D0BFVHHtJe5KMB5tDLGoJLF7PTJr5f3VuoEHTpYPZIOKaxTXeF3W79RZAnPTjPMhVSsqhRiPmUzZZ_Eu8lUHcoYZlsjZGbeYkxB5fnFEcyewEyqIBPHgT0yE21VbGfbdN-oPCtfzkwwUvcpvg49L8NZ-CBl2LVRTIy19keWVkRSWOF-6XjR6bRcv6AJeiUgchFjWVZy6N2ggLy7VHhmUoLBwmTB4vPR-WBKYF2U_63W_VIOq6KsnHdu9Az7LXz5eZHZuGwkP9y7vCpCP8lZe3K-aH43TQJZBps1UsXdv6uTSHCIHGOkadiqH6uTs4klvx0HJ5CkGp-Gstgda5H2Z-8qMaHJHJU7NS_VW7jYuAalkhfTZOeKXXtTQ1ca3Vcpsct5LtpUBLm6yEPgLlPu5YRFIsVKmmz05m8ogQ==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=kmIbzkxiM2Se0b9tVdn5n8nEP6bXqXqNxhDPf3iH6L2_ix5xybFjTI0DOgASKfXy9cpLAGif_U1FKAZcYj3WLiE6nEoax4dkCchU8O8H6rFjxI3IWOIYi6t4yFUq8j2viDRuMlmhLWfBGErnJkWC49OG5nMG83fmUYnQ5nKCywdrlv89KHHKtaNSwiAWCYnuetYCa0YwC8PemWzzSncrUE9k-vi4sFVg6ByjDK6AMO2bGRT2GLguanE88BI8FpjwWMGL1a-oblCoK0rlAW1iJzUIxWMRDtI7L6N6Eqymn-Ysw-diYVazqDRtRwjYSO8UwMMsAEyhcPuEocuDC5WCjyTevY_KXSinQ6BHgjhv--8sdYOQ3wGqSHZkpv6WCR5Cqicml9WM_9DE6A0v6JgNMmVBNkyCLQ0hIroAoWvfxwq0DNaWsO2feeHmRj6rXfptmG_7kpaI5GEsxC51Hqt3Pu8hbjyKlydlXnTCd7U3z101DznwIUQfthcURjR-gWFdIkZALX_97CmsGbZtFQhBL8cILd24hhO5v2R_o_KXtzgyQyFj6ipnYwiNq75M67PlUHSi_OuR-Iwm9sdr2e7jtE4dquFshpg4OYUHk0p7Zgn3GdAZsj0txZvGmZq1GhrKsAAEifMzZL31GSvi3Zh4ybflMS5i_a1Ix74OdrTrl1C45T-4PnIlkQ==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=fdeb0896f6f745991ce0d467973311521638555765&psp=z9hyjXGnqTKkKFAjSL7Yb5zbhdktdpWlbnhB-gkdonKkxaBMP9njW9RRmVjaRv2j3FhSjfb61dpA18QOVWxh0yNsQ1fcxexa8EK_NcEmT84mBxOUI4hU-yJLknPVbqW5Wd4SMsBCcuPHtRNWn3Mkgzdiaurjxqr20rYokHTPcY1MC7txUIwn2z07FoDx6LSbhCwfwq_0rSox7cZ2t00CkDNnQQvws4KHNS_07C2fBD1lNFGCbwPAh660xNKHgkV5S6TngTLaqNxNwcRNmJQrQZyvxgSguyxgJ64vh-92hU9AJLHF5DHUfDp7bHBtpPPVXer2mwGtRe3rfGl8wjQDzAIF_Owf13647aSYqs-6eieHCuaOrcL_4382hC5KIEGcYxZ1SkM2jePQ8tMV0S7HaA3E5rLHUm-iN_yVfcompeWjJWgGqonzJlU_ck5Tut67MlbE6s7PpF-EY8StdnG-AX231idJOVAyvyC3IJR2dmX5KwJJuhEfQkN0KmGaCAv-bIiI710KG-puY9ksIBa1PqUs7iBpZv4K1SXmYxP_ay3dckoiTAkFyXoa3gTAdSVdCTiBFUpvirIMPJ6fixoKXyIF0abVSV69y5HQRPoIaS68VfPoVB4VG_vYfQgbg1eyhsQdKfDdxjjuvm3R-aj-vVzAU6DnxxOjIVon6ot9w9e9GwOPCtWSdw==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=7krTY-8DEXaGZmmO2FnunrWhBQ3p388Ekgj82KJvl0NvI3G2aOWUjUg1Ns_1TYtI2dXP04fYoD-Fca_LcVr9WQlunW_QkDS9Sr9XJ2t7rgVlILH5Qq7-9WB0jCf7Ui4vkBqb0YKpMO1uXBlQPOB8XbJRT3vYJpdnuff-jOYdv00iWqpBJ0Rlf2OblF6LxvUGaFqQwwmd92qTA_ns_kbtlYfD-GMULsDL-taHGDO93CLUFvQ1g78Mh4GXudWreZ6K2CeGllUv8nvTY4dzV22REETSg4ENAjL006OGXK4EQFjwjyohSTiVkhxBNKVjb6B1Z-Ffbx1k5LMDJ2jaOl9LLdX_n43sLhtA1fp_YX69BcYz4iklmVDTdubz4fgcM3nkrdRpY01saSCDlymqvUmadzMrJn1N3E2auyXBfJp8DYhRq2dgjcHYdkvuFsJbfy_9VFA6PFI3VduWH2Qhc7UPWIOoNmoPvEumq90tJCcKVcIsqQKoY9g_J4cEg7worW60Cv4_YSONvhhPGRql3ijl8xwTDxo60XvlT9lcKDsA9Hm1ZGzOs2-vlX15kD4eK4pp1350-X0MS5DzTMYZ5kTo8JM2Esd3z_yIUhpCxfRaWV4u9p-ypn7-9xNcjPFQSzznM86WGNfy5WiuJw7Pt7Zr4TQct1G7isiES4qdMUF7lyC2D56t4q7g_g==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=IN7pd8aOc0wakdnrHX8gvet7OJkwkuKn3tKHFq2Mk6giScwkLVSkn49j6uex0ha0QQb7ZVV21B1hH2Vegm3-B8C6Tj_llDqvbdValTRLwLy1nulQbQjLoID3tEK4cN5rT9EQEWLv75K32duoYK22jebLbCm7h3VEaHl18YX4qoPstyyDn0OeoOvzdLQcB8f1tfK3hZIV8oAvbtmAGQwB5hHG2N2LQMOIewMkoLKlXHPNVA_7V1t2rDcLOwbrlUBe-b9zXwNq7uro5qfgLYCFqPGzVEB7S4QNFqXjPYwxRLvaPPaoFEtJlnR-QnuFvcBU3jbzpwdifw1iCuPWwMWKodJyWm6_RtFJqlPFvaVyfmQ7s2JyfxVt1j4H-5oHyl8GizB0IUFqQUWrIkdssnU_K0ebL4b5tibDdEmBwNRyt5vwcuPqJKYoR3I2Hq-7XPBlF4O4vaI5ujtthxAdkcYKi4o1YqDnyvTVDCE4x3mjqd84bVvBa2-AFQmYhy-tWWbEyMcnv5cHgjFmt7rIxe8k9s-SpQb_10IDtJ4W7cjAGy6KJxUe_VPgbdNkpql5KCPoRtAlzZzcLdJ8evMB4PIRsNmoLfAgJztvTx39AhsPGXSHKetEeBkx8hWUYIXcmkAUOCPZyHFWh-OuHwc_bsKSDoFmW4srdzqEPuQtYAnKoMYvJf8VUEx83w==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=9lTUFs1dKLUYtY9aPrqJEXBqlCpiPuVuZW871MndA2pB6CqLs9qHX3j0Rg1PSMV7tPR4rPq46lbZ8swkJTzWUOYbAibJbHNoCC1DMRtaYZJAhrCn0IN46LKZRNyP00xFLLaT2ZpgNdnNq9QVDT41yjD28FkgrcDJ6nSzTBsiC_dgZj7RZbM1iv-9oBzdRxuce6qjU6TbIBpGw-U8PWEcSw0ec7Nih41pYaL1DOwz80CcpEtfyCyxgW7-CAWHjplKAdwqMjyU_jwUuklS8GrRoMPXc4Oag4IkKy8pbbCxwyUR2W3HhRDHLsfarahSSFA1JkbrHgerlSckJQcrSpj-l4KqAx5EaQurrQ9YY_5Yi4Ef1ASbWQhPv0iptvVtMp-krT-75XNffPEe0fsioOl-Y9opmq3vl5sEyx09oMWm1cFTnMHR1Nt_SZRyNcMQxuKOgC9USx4Qhge78_WEfd0JklfzI4dko1fMHwOkb6Zu8n_mJqmZZxAl4uexmfaOgCbmNbvYmbyyHdF9s4XGGY8gCKdDvuN4oEuzA2aHzqmLXN4oLHtHZ1HuiYbKGQU61wXbwc7apBBdTiMrtsUHpfshTWM7517dCT2xbMaDFupnhl5UkJN65tm42pYz-RW5Gy2nxwZFRtYwm3Wuzs406s9HR3lQ7VZVwzca1xZtW65lSyzolWwpGQ2YYA==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=4b3ab314b204a90189f2334c11f203081638555766&psp=FLvT1XZBOiqOOAgHkTRIh8Iw-TwfXzWKgFXXOVZynBEUY1QZp1uJUlAl0HoEDFwYgdAMTpQqRbj4nfgZhvjU8JTMOavkyGS_5gz1pTasz57emE3c4J7d-FroSedYEPGl_rJ3HeC9DroO9tt96O8YnKiaWO2ynWIE9QB-W2bZs_wdngZg4hd1eZjjOgmAR7k9PhMsrqLrF6pY-MCkj-ro9cTadaPWPDVc8XR4k-uObJRu25K9A7P4Rqd2tC0O2JtYOH8ZtgjgwEvoAOKQbnqrTXgsafZHpXZM0LgmogWiKysdOs39GqxGQpMmCRQUrFHnzzlI5qxMqu4qFOlQ2cmYeehFIfnZbFBIbFHBV4U6gxjJrJrIZs4ID-Co3wgIY-nWSYDgsCfsMVLTPU2FL4DZsAuwsftPyS-V06mzIAzf5pIysi4x3GJ_7Ue9Xk2QkX52GkBneMhfkaRFiOeX2U5lzGy88U-ao3Q5QtMW566gAWIXXSQrwvA9l9hvh7I4tRok0xH6wdrScNzqNiXoxpJFTZA-qRfFyj93HuxOY91QwPf7MqZ54cKioVgLnQIB_hyvPXNNecR2o9ojla-SrU0JCgKt-HzBJcEvB9FkakA1ynryrKvG_AlVFpuY8AzQnUtHAzH8654nKFYlcUZ7PLz3B6DhtXkAc7Gq-ZfYmJyaH1E95-g-u4Gd8A==&pload=68
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=4nMwpyErPv2cMBmP5N4GBoDmbUq7HXuSb8f5nDaPfrDztnPCxRoa7kcicT9zmwJzLBU97xqXzmkmxJhQLTOdks7OjeDrG7MenYuEN-0OxxisAknacwU_wAI28524GcnlhZa3_jxokKDme-HrEjs5j-_dG_aq_Vy2n3MuTkG3mjCoBi6NnZUN1u5s5XHwE4uGVBes22AXajwZHyl7FDkOXuQhp5NBJdNFXXI3tRHnCaNWfQ6G5Nhl1QEh_H8_yvbzvGVh7OeB63Iae-4w2q8xaNgxfJcBCbaWeLY21Ypx3iteviPsTawa7UCHuwwSv7-0RDQi7enk0VcWAuApChRK37jtVyEzcLY6Ee2aSqGPodnA3uM2WnI6ueOmyY5vE_nY_J-0JyjGPjQMoetwamJEACSrDiL9G1fVC9WmmowJLQ9hAKzsj7_tdCy6ZOlUbqnLqb9knG12z5W3OMoPv47ppuvV8BR7v46wr712wiHFymZb8nlcsdSJ2NEdlG4uakIkaOne8Ap8jMQf7B5OxYq8XboFOqq5ya3Bd2m35VEbAKExogqmDTDGxYHmr9ElEgi-H5rELPINI5UmHQ7XXXVKUzmoDt4GHFctCXUFQU6nlifi-hD5zIK4KZt9yb4wylZJ2ZkdY2mTEsG1ZqHwNujr_0vNmLyiyBMHEDZrSsDQEyoAudDksQS8Aw==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=wbnJcY4Rc1f2udQfxEyLUkHRN6Ek3x96FewGv1nSX9vvviu2mWsMDsq8GCpy1VIasMu7V4FdTDSNrCIxlxHJM7fKAH9UE9FgPMXBqkTv0ZgrsuIPjijU_ItbS2Ir_j_lz73Jzy-zn_9o-x0-8meCWZ1Q4eV6qddo0y_gSRnQ7d-zzv3-kOemqeuTwmSxKHp5N8lNTucSjsntrESByTv3yBQSRnE6GjuQO_7PTyI45RcMr9-8A5OFVuzAT9uEFX_W9KwMIS19g_3tLwHp_VsVU7b2BB-fFQNoQ6QRS0D7aiWv0a1tlApwqiDlOb-aL7RQWQnS7hd1tCHWtFr4kyEo2G6w7rRBkXjq0KIETMfHN3vsTIWRNjR8dKF1_ElM1suJXGlQ37MWXcdBpmt7ra9I68zNumyhY_NgZeKlY3moJ1p_lgVN-U13enXyUxtBOkcRwh-XRkV8FRpCLEX84En9S0dB5VkgGKXg0dUVyYsKeK979V7QO9fcaK7E9GTefLtZ1WAwy5asiMeXHhCmn27xekAHu5lVA8fZBXOxG0P7GmvZiacq_ZdEcdcv6ULjRQuNn2cA3-EejHjO_bvo6xDd-vdlNT614Vg5WejSt-rEy-Zyg67AdxBRPceHqUPlb_LtXB25XfNzyy2Wyv-nCtX-K4Mp4qWzEqegg1sYkTmo5vazjG6oB2B-Zg==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=D0KGVb1vnQKmqAibilyBaefqMjO3x6GeCmclXngGa1OCN3BHXSrZAvvll9Xa0rHcR39Peal17o5rH9PBGqA7yxxWko05kgYMH2RRj-u7fVVGiJPkZyf8d7zAL1yali8HvrIRIt8LOBLdJu8fcMuP04rl1fAuWRqpSR5GadPyFlLcSc6kqXAY8QKCaZNvK4jJKPa61Tm5phLNmzH6gBa8sla34R4zt69D4Kj4DF-6Sv3sW6AAQ9P3us0p5CDzUbqxOd1nXYlgFkJU7VKzD8ApzifcOY4vWg9Pa-KwEFlOgCVHNYZjIbC4eZuZLuaNWm2hs5rj2NN2UhrkklOWMxH-1X-MbffQNZe2jhQ-IIWP7wKg_mD0bdBKsyCMWirScCgxcDLJJ222YaI7elVZCUUCuIW-qPG1VhUPKYnaLoMtsNU_cF_liKjIHeGMO4_1GIka74uFIUBSV7pSNK68sTDa2sX3nz4qDFUXJh3s6QmAImmZ6UEMwD5vXKi5IvXZcaxOIB-cbRwanATjx9swXbh9WdjPHBVj_IHARaVGhMpOxb72ZNdZIGx1KYqN6ow-qIhY1An4KsPSm52S1rbic9IA9cyEdOPSlwITzJ6F09fcqwU46puscxLNhztf6K6gF47_c6hQC1-lv9Iej2QrL7Xwke_MP0eqVJFYwSDt_cwePcoKSOm0cdUlVQ==&pload=50
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=5Zt5U1-_irosRR5KckN8kFF6-wdDHRmBG1xp0IvRZBrSjqxFvuvRLDG1gtYaWOY4aGgSG1sfPWJuKJ-L3k77rb1b3C5hBhhNQZnfjxMzXqBTurXxRwwl2NeTF4U1802OFFAPCIIXiEqyPrmK1-Qv9WvgetRxDnamOK4I7HCX80GZC2xOa2PBCtjaLtXbTUdy-gjc3VRyr6Jq47lnF49wiUicau_eGSJfN7SM4wwkqupOzD1TlcA2HzIEMKskt-P1TxqVWQ_6JXioSyIzc5rVcJEvsffxwo_ROgzPW1gDqEwOz1TgtyD6MvNsRsCQa-_n6dpH6Hf61AYmNR7OZ-gJ1A7MRjRZoFV2A0LL0v4V3OO671nLtPhFLkXvQDiV9k6ZuMX_Wd3hzSTzTIKpDaQmJiOlbzXSvCRHffNCtvYdcHcws0MrjzvCWfHcKdWSBlaHuGOHPK1R4MKFv086FEvruuwuTGJwAwSQOSKq8_QpbO6BYgrOaIYosTAA8yh2TDYRS0NOPEnr5yefl-j3VB3xTL4uaTn_dCXKSphLMAgJU0YgIwy6y5fZePRH5mNKdZ-8KD7Q55Ioo_cMegF9-U7XoLIOSen6uvOkgVBumtOeAxwmUnyPgCQ6G2siST7sIsLmHSMd0ByvEvx5m2erGOSGHAT9cqzaj_spvEXWvlnVrGbfxI4BTkwCDg==&pload=55
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=49bc048204b6abe9985c0cd8b82f5e861638555767&psp=2p4v2-ysjKbfLHF95dOnipTVyUOxmMFKeT_mTcUq5o_TjsScAiQ6r7LF3HeTIeCS0e58bmA5PVHf5E3pt6_-Mji42S1aT-WaRNz5dfCstSdrt5cvBHOpmYsZN6YuPVQZcmjERAOF6zxO9Vgw0pdV2kVhm8hnRajEEzQ1V1ikDDKzTW8SXdh451GeD9U8FTM93FGZlkX-ntL4RF9MqLpGtwuwgcGtL3A_Iee994b0T23M-WjEAWyXWgKENusXUio2IlgNIquMYv0jEm-yNjBgGootO3jzDjC61K8KI_9MTknTH3acwUlLVji4M4BOCUjj47PwAv5jPiVh5jc38CVPi3PtlNSviySwEsT-TVKhpvpOjgaruFC0x1ws-FuFizHyZOpL6M1tyL-gPthYT6mxjt3YDr2wf5DsuuFmkBzEr-wG5mHr3r6k08L5-5iC_s6BpcYHS_eEmfchHwjB1_K_K2qh9EVeEqXe2s18uazZyI8jgtlw5__P4OnqZRLbNSzpaZ7NoKzX_cHbWHeLC6FXDWc1valhu9geEz3TvoBvN5JAjuz8J-mcfT2l8d0HMAkzstNzMy3uU_zX6wn5pB2oDIdhtcV0r9FHtxZrjTL13O0ICUpnte-BsH_r7I2bhjSKndOX55nEdCP6SmmqPus_q5OALF4Z8D7v5LFPTMu-QDYQ0nuhLGp1wQ==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=WjjB2Yp-JGaL5XyXYPoIzsVu7BydMz_4OWZAYFJw3VEoORkTD-xQRRdtZciecIV-ByDtaT2jmBzl6pB9D9myeEaBkAYp4zf4UQ4P5M6acTrUIle61PhSS-Uwfwi6UIKJWePfcV85IUp8jRrB_pnQRrxeJzE_wWn20nG7jA4pJJwC8M3kIgMs31pBGsUo0Q-3-eUIyuo4RtqLlAHJDqWkI03jFXVQBlHbg2Qhq-6AEffS0weLFzFPR0XERZnPwk3O0hAUUoMvI9QTdYSHKpn3ANWx7JnRaVgyrTrt49ZSofO1Gy6INdBxnP3khbi-tN4rJmf1-usdcOz-nFF-oOyCw1glILKMm6hVPxaqgqgpczxrb5mWD2KVv80TElEano5KhuDnlqRHhRwFVEEfamgYU_-5TTL9naH4y-i62V1mMHmo5wokYflecyzheq2GuGmRL7TGGreUY3V0Z_PckjJiocoo6QS2hZSejfyC78-JuDQCesevgzp102f_7v7HgtNDOy7guQ-rRcFmn43rw-UHh9wmWlOyfjUgPpDgeBxlkkKoDlnhnBxRtadCJqgzxGM-mnHmPNt6kMjhSm6EznovZfSUt8sWbAq4-gr9U7_MMkSlJUqP02dTbV4QVTelNY16zTpfpTh75_E95FZrm9qjfAWnN_BWtX9jdWP8aBPuFW26jTTKH312RQ==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=D2xNXqlzY6qh48JFRpriZEas3TYUhwM3RAqz8jzLvoGUMCyQkrDel7awiAwk9cQbyOZ5pJ8lv6OS7-V2_XeYMaOLGxO260tk4VOa_oFb_YY1MWAEb_UFAz-xL5tsL81iSqFOD2OkumjLT1po1YBuGaNTgyjXzjoqI06Pvgn_L34FozeqxQgJWTAGEAThzV_yL7Pb6vJIrUorNqvtF64oCRWYqtxLd2jOtWyM_UTOQLyp5zGWpc5lNwOJLRaq9G6CmnbFsE2FpccbeQ1ZpM13CZLuz3Jd7eGwicW6JTtbaHyJlx6q9ZwEDTly45ECgzh4L2YIrhwv16vQnD_iaPogGV9dv1d8VHIyTPY-lyeNGs1gEjPQuGGpUo0ev8H4gPrXCe2tNe4I0fGAoDacc29O9uIqfx_dubhFywtoEM8bubF43LnVpIG4ahbf8tF5Ub5ENuJixOb5phezCfIwPwMJvOI4oZJUwbkTYxKYTy136WqWlBgtENqKV2CdhSvAktznY5Xf9wIrWE27Cmuh8MPChake0XB6cKyVVpPbhIvv1uza5ZfYhFaxryfqYWPCvqCaJTVMcjjQIW5hIVCRgF2Zkaof5xtn_VNKp0JYNMDw_uSfa13xAjrPnCmj2hw1O4dmhRCd0PN8ZbnUazTQF1-jbJhlnXVE1fjVFfiEqnjfAswMGia3xm11Zw==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=50af4087681193594b5a3cddeff226c41638555768&psp=GBgZ3s-lMeW2V3iYdNxeryAEDg5jWxgDIgjRxtISyt3P9Mpz7_yq1vE7cG0zT8GcGTQ6RI3uFQ59Pteg_JnOktEku5ouh5naUKvqTQjbhVZVuHyzgf1y96nJtUuXYRZVwgeh5ge_8IUfwYy8Dt4aDJORZKdH7V4QBAwZbVdfJk0ONpaXDFLQX4RBHRfcCzNhfN_m2rG2sATPzmDJzJKZvWxS1xEtslUxnRTbL2uLgkBeezh0VAZLo5pfLIYew79r4clL-sJcxGKlkSNmpV57Yi8P85_kWDj_uuwE6_R6lovvrc7ooL3596CImoPSOtPQWbG1qmi3XhetSP-eL84Ri6T-DWij3UVUuSmfDEE2cG5KNDCQ0jbMmE5WmWjMvl2XEdG-q_7ZBDdNCcoqQzyqpwArfxXyKh55VlpPJfTxZWJz4dLHvx2nt0Nu3xLIU7rQuBHpggdtQEKoM6bpcBakYXxjz0B_y09IMLJeFM6Fl240c9SYQlAiuPd3XAQOsl0b_7pK5Cn3AvUVVBPzpK_2GDHcveSH9huJiGNJFSCS0rgjL6tdzPYvwusgJaiV1XLlT59BAfbijDKFfyz6au5cLFKwTjHvELZI2mpqyYmwdOolh9p7ptbwkt1YbbZ1zeJ6SerAPHJUL_UWs4yukjCbA9Om_rzxBfiTFGyUNcPkPH8izHywGJXIfg==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=50af4087681193594b5a3cddeff226c41638555768&psp=Bq_nWk2sXJisywEBjD_q-O78d0GQdwaGg4mArNcQPjaEQYrh1Dstr9TBbZ5i_ehaCvWzh2j_lxW_4KV9Y0xxAr3Ci4ZLKK3-Z20eNNgnibtH45CzSXLxnxKH_hd2Tl6_xdg_KjYu7IKvxQNNRCWarII6c-Z1TvhtEzODCC41Aj3gKht6yLvzoQYe9xyjhd0SYPd8guAgN34lH8CVfWFqWrpzVlNTRnaHuX2FdOgRtMpMWaf8by9Mxi9uXxnOsVmRSjYHYmzj9M_ckkuCtYbqCet9Fl8TTAqRqZMdCjmhYVMnRdS9F61Tx38r_uIKmpmgjdVeyNOtftLQ8W_4_IM9KB7n6-meDb3wGBF-yXg7zmZUH41fOiMkEDwDyVG20HgFaLLjiEVoCcT-5n_0Pw7_RGt-8W1rWtVmfjUPHcs6e5FmX-geMa70CrIRKiUcA6o3uU1JJvA2hlkvJGLHjYIArVmo6AvnqVJ4_QuXVCaWiLirgNgy92ah7S1IaVApGbzsnJCWeAUiAXasqulZTePtzvYWUfuKuBsmUIfwOm4l5wJ-Ik4JtrrLJymL2m9YLVetQTgpttzBGJ2YCey9VO--z90gNnAnivpMUYZKMfjmDcmRYJhLe7lSE8hxmema52TNRXOb1y2fgjpOZQDLTpxCYLg03StqdN54To52oOguhzwnGAzRdlhZKg==&pload=50
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=tlogJFVVkeU0ya_z7m8nT8HaBETdSxjr1nfNwrIjtLsdoLhKcE42yf68G2vJfXe_QAXv4Ki5CKNBWKEIzL7faIwmNfQjAJ-wf3_4bxtSQdmbqXPxnDikFQPqYB100Q_gbRe9asaciWqEMVf_lmNXJ4iWsWIU66s0ohidT1Ni1lR4jCcFUjL5Dhw1o1QQB3_ddUIV5-6UhP21576YPEZAkM0MdxWKES2O2DIvfILqrs8wXs7xj0IvwgdmxwPv3U7jeYKXHUCjNFKD00eXeKtKeei8eUNVfaXFCjeN6ByTMCKFbReHElRGuNoXP17YSfmBdXrp_aTR25Gb2FvS6IcEZJ1PqETRDQ1ta3-Y8s2Q80vHmW3rzdvYfybdTyOaIWKjNRwxEmkKfqAWqMcZoSByRkzALRqNTrn1GH_GAn9018I_Ghohz0AXIgHpw_1Z2M5-nHGQW_b6ae08tFvC5RiFrPzQSULFGCaa8yrnSXnQZWtzsMZ4qf3wmfX_MLBCpQ8swbCT1rNxmABgamVRZKz-yNj9PRigN_HnQRM87Atj42FIfLREm_xS3BAcsYlfpWmMn3n83rka_gJP8QTJbUi0EMkGFf6r5v1QyMIT1kHF8m-07jV6JSOsFcUYjwjdpwx9uTXvgucQmqsM1UaVT7GCWq_fOPq0MOx1LjfvCpIGmfXUNixnMpNQNQ==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=kNweiItDdJhDGXmYakJwussQC01B3HIr5XCMQoIT6pnrWP1pBBmaR0-HlwlTcR833azoTSBqBVkS-cj4uOO2jas0BDGwR0W8LWPTR6c-SGi0PoWtEMMlk3NnHDaImcm8yngFqtOofife6lJjp6gL0giWYN5Qi37XK93l6FwwjB90mReiIbvW9pFWfRTFYv9e9Ia1uRGl27c6QlFwAJ5eGnCJg6KjUY7-kcz2BWAOuanb0Sk1f2Jue3_mXIBaaWfsHARg-mBllJa8Md5Jwxe0R4yZ-a_y4hPwFvl2v8pf1zHppH11Da02_iM07Q-De3a23xx5bvhSMvX_VYCS3MNvH6K4SdAZKNgxp-sJ9u15QKaNyJGiq4y0kMSQ9XHSAKPy6--Zb9SPrmX1ioEyeCuhGjFdKrxYET07viZCa49uAfQifia7m7EmDKQtCrDpDwJ5EqaISehjGhfq8mKiq38mT4ghuzzbJxFWBiO8uyL_tfwLwsZAqIAgTkmi9X2zhm4_1xEkZqCbdc1E_gO7qGxZwvVk61FbsjX3mrEiVPpxQt91WxAf7N1cpEVEIq8V92vsM_UEuomWTECpfc15cA3to5PjG_d-6cFo4edTMlb_oAiZbJyzmerRABGmPcindHX_fApw_Ump5KOBFMQSDdYXWjT9w--6GyCOrRhPJTsMVKkemgDK44zu7A==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=Z5c0Ws_ReS9LRLdZPn5E5LDG1GO9f1P2Tc8VDA4Spz8yKBS_YwM7psiBqnDfKETXFzCce8P5w5JFuLgZ00JhCp4bkaT57u2Wn3Zr-1ToDX95-OrdLOyXeTGfecCiNf-bDqtck50qFPFfMR5p0NHGSQskOpe2LLdT6wt4BSsh3bT96s-x8dfvlk9IX7rtFPBYkR6rG13qEK_ZhczlHuS-Ev4xHmMmvrFUrndyuzkM0xQR0IeqLrzYn_xkAcSXbhbfr2Ofc_UVnm-oauDqm6FRjRMb6ax3fvPfUHjtQYT3NZ7yDOb1AQADzA_lJ1HyNXKfD0kp8997eZ1EoOFqvbCNgvrylXDsBHxPMBPcW7OUoaRwohaYC7fzC-CvXDPIYc2DOHsKCFpdWp_FX1C0CDV4VuuvOnUenROAD4811ciNO76uP_i7O7Rm3yT028GhAE54nkehGhMAiLJboepmYiZ-ICzfTnkfbl1bmA1Jlg3cGrThA-gs6yKkMZ3TA255_ia-ES-pEyZ0C8MLEiD0h6pjPrC1h6DPIB1zlpZgOh48U07E962yp0N3P1hqDZu_-fYlR6J20M_56iuBr8EnuYysl-DKbCYBRrDyu4LUXCo92JRkxwFlS_xOSR69G5lXWtLeHkAx5zL_A-kmT8R-Pse9vua8ACavD0TjFIUmtID4UTsbG6btGoLXMA==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=uCJqrVni_O-6YKPmaSFgmGRoC4XOsBNwBXxcBtL2j0cwSAwcH1sNgmqUhe5oNlLgfXLobZwALPLYvtve1lz-WB1t3BLkC3MryGyRvV9uzc9krnv7hEzpjRUUqVL4ujWRz0wWOXGqa_b0DH_eNrqDbsgPMpbgcwc7JReKYu1iaCBXGkooaiaxsl8TMDQ4BExRuwqX_88Wy-HVzV5oH_s8EJrJacU_9lzIiOksT9JMwjZaufh6yivxNaIBYi61PVi4AmX5c15TSe-dzGSfMZi4voorceh7mUiWg6k2N5BwZv8JCRQOC_P1fSwbm01mVm39YriQrYbnVSahr3otStdlcuLMalKNyuFBG4-sPxY5TK0iRsggy8qookU5yfx5rMp5Xg7KakHDdwDZJ3oYkCkTS4cqp6RV3UDVE9OtHmJ8-i94WD94xdvyFX7xbUQjXKMy_ccuJeWoarGpzdPlOSr-CbKxHd_yoWYgvyEEElNmtarEY0TOvXZOSfQZydmHurufXhzPV6kt4TSOXeLupk6-MHxe_OOqQAAn4FKLZARucAu1AGU9GcKF70OjqtLS-E8b3NhrikLom5ftTK4-qv7biM-rMRfW5Iea23AomtkK4oumRKYwJj3lLqouUuvbSl5gyuP987uUivIuXzRMdYnR-BniOSGOaYeJFmfFh0-0JMm84jMTo6111A==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8ba924a49fc342658365eb2670e52f671638555769&psp=5EHkrlSeuXTHML_Xfz19JxjFDOUwppc-fZevXkTRNsw1F2GWDDj942hcnZxnYYrRseKJa7Hm6eHfUtUGS8fdk-nHjUSkqwwuD6klCX9MWyX4oEQs0NcN-JY35HVhTh63jEuKjRjRggYNSR_y1Blk-LHaBAX9Dwhc6onrYNsbs7adGJrjIxD2gvhYohznavKI8ITSK4QHTnBukOMB3n3E-Fl3sYJEko0J8zFOGxHCUcKVK77nNrzslmYa_a5A0MaDDK54dbo_d494jIF93e05LWroh2_hgGvVslaAn2UD3Vc3OsKd1gXzPC-WfaT-ivj41bBBI3rnGOg4Ryr6-U41DwNoW_nbGCYcx2bt1hzzYn-8bMK4z9-AEn8-gJIkCVi5suDVJj3HJhUu9bgmMH6CB-DfMT22DToPNXusDE8eWhN_aGHIWiTGpS3RTxFswXXhgAjK29jFzbHVlI0NsUNHbhEKWkcgwh6ukGaDxtzoLhVcC8xaX9Bxo3sKFvHmQ8A_Do5MwerH55bYQjv7sJhaW3WfVocplC1QyMZDP2ZrvEBZ1c9uhXo3gqr0XsAc63v_GyNWdwkwXLJpoDbW7pEucr35iprZip0NVTLNrOoJOm_uJij3DgGQ5JC2oiU69OWW-fUbHG3AofV5mlmXWVOAr_oFVmIgzXmVig-_o-ENR7evK4RTc9mdAg==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=9GfiGThdeSTcjBxEBdlvGb4KEbfI14iAYkyfu3ytqcItFab9SQYca59EkhZ5O0KRf1xxiNUtkqP1Pxb-C9ROQlPoeYKIKIIv3qIg7MplZJpdURlcZK94O4OqJuPby2KnBwhojG7wKddNepwzw01UIqPfdysE1O-c7R1VD2LDL_txyW0GjAn2IpjpMcZurlhy8exW9CCJxWax2bgW08JMqcTJLhDmgcJoXAtosrRkYTWkGBsg5jBbE1tnf5rY0l7ipeesDNIUJ6ZgEU3fsGgRbmI1rK0tGEbtnXqpgVAXJMrVkrtgE8YBM5NPvUv4YHY0YMM7czfEHkTl14pSOqqyy5mDY8C_wNRzE9fqvOBauyNsUU6Wllvhpg1DzABVI39YVahDypSUn12ya7dWhXZh-EiBVvMY8jtVnNVgtBhu9YQs-BDGZ9x-XbsRriMZqw6uaI-EFZmgNEiIUWYIl3rxcAFFTITDMf7IaNaedo7shdSpQ3zvtAKHh2C51lzZjZ14htIj2-eLqXIZhID4BZkJfcJ0UyEmbbGd40XFSpVjA0cTMlfRD9fYlfOxuSKAeZA7uVZ_0Amk5aiGA67JxuOdaYLX7s0yIQXfPOOnFzIvtfMJiB0rLzJtg4GDPMoAQkdZDuTeeHuoxl2MYB6PoVCSjWsECB11jL-g1-Pe-UYFB7hixW4cmM5wzg==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=L6YC95qVmEhjeYigZKlf3Gc_bnEkOUAk0zmuZ0E5UERRQN1ePjJgFYFiRvdmzn90iAUxGz1gaTiVAds0GXZEs6SE7LayZ4sZFaejBP1EqkqgDHuiexxdd5uyj-CdYVS8nPjwQV_3QbhVQTjfgz7w25io_OnZL2-QzGaFF1-X16ZBGAFG8tXkvFCOZ52eE_SxYdcBLviV5s4PhqZDuOZ2OH64f_Nm7-WenDoDrqGNPAfy4YUpoLFbL4y5nJ9qtzPHfGH8Ya3tSyezgAa0xLkvWng3sc5RNwfF1asEgWsTqNDC7N2Tc_i46RLCiQtZ12e5akmKYjwg7J0de5ES3jWY2UgimH-eovsxSs_xSOM0vy-lpDGLvKy3ZH7sKDRAI3DLDFonOkVbO6T14ziBoBsvnIeIvJL8ghYPdiysUoc4V9ZK5_zct0ZLFKHv_xLyZ8ZSNOdNQ65SCEgooXb35kd-ilQJLluq5BvJFwHhBaOl6O4vecb220JN7rZTqbLi0kF_EKZZZ9KBXH9CZoo8qm_pjY4sWf1_PbMN7yTUSkKNoRrCUk0Z5n-12zENStxBTbJ6vL9t55-pCHutTX7BGeGSma9jvXlrnOrFAetR-q9v0fa-jt-1vB1bpYXTnB6m_EnO9bidJwuwyhZUPYtLijtavDFM7pL47I22MqCb3IKtyF6HsOEiGZej2A==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=16ro4R36VscLIdbOjWFeH1i5BIc6S38o_bIn0ztTlTd-95rv7w3PuKhsP4wmYXGr8WclkKG21aTTashNlMwq5EWsBkbcJ-JhlnymFIapCsfELs8QkAAJUVhfxK847ZgGCVr0IxWN6K1HcM_r22IGWaMglQrk2M63ef_4nrt584TUcAAPmQ96QHFH4EkGcWkP4uKF_M3Au0n8FDnZHFUGeq0AmCvC8BBklORk_qW4glYTqOxjoSP-FI833rhXWuN_neMl17oAPMv0Y-5__PPkFf6JnUuLO0b3VF3xW_258cCiLwJ30--HbZ4RKsdcQi5RqV-3fhxBNihkF1E84R5AIxSQYrSEn-6Lqj6hyQv12CdOBiielUs8VnrME2m1GlIwWPJ4CjAwlgEufnIuQJVwVN1PnP7j7pnaQXLlsWRJdLLq2O8VfusjIRZ1-lD8Qdh35vNMhyAC0BY3LoGBe7Zgyp-ba5l2PmmFWZe2Y2lOSIvG96bk1ZUFDeH8m4j1LdN56QYpAqYcxLbHKh_6jM34iLTEG-_PQwo3LUFCUjjBBzGk-RDD4zATXs4UY5ZLooO7vP0qpLTZsuBnVUke-9aFGyw-lgbN2cvKJ5tv6jAXrpY25yYA5gPyUe3F6BwkxqBahA0xtEYzP-wKIaEVhcjT1RQG-rUtAOvusEKAdswjZ27JIer6XySs7Q==&pload=51
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=70810cddfb84509069dc856b272996991638555770&psp=-KSJ3SKRD9hQzFS5o_H1TdANqp2A_nZUJGcOSHrNi48f3Nv3ynjFCYMFJKCEvlJ-sfr3eibiycHnpyGX6kKUEFWSy62NAGmHI6SrwdaMgI6OjDU3c6jWnEG81L9_UYwJiA31YdJ1v7pnActE8FhygIg2wv6rlQMdl31j-3N_bitHsAJGMaf0dyWv9wBFYCr2jhDuGjmF4v9WJ37T19alwB55g9RvPnA2wexKr6qxsRt4tClTBG1qK33_PlhhsrBKG-D6oGlD674fQDcyVPW0LqmwpesLHkhW_dQXQEQhQhkMQl_-9pD8noJiERRIpdoAlgdy9h294PUk-GWj082j5pQYY8CYgW6qbhTIWYOK2YZSbWcZjSTLZrM7ysxqte8ig0ceSQEtBam0S4MM-jm-iL0SmC8fJSt9dSBnRVdWclf_pCsXqeaSPJOxADzHQGirVBkqkIOJ2uonVNqp7v0L-muLyrQC3rJ5imJRy7J5pflXubxt3r_EprJYxLukl1b0exlGl60URLHtBZBBiRAkmjUVlEq4NoOAYwaGrpD-wvP6ytzRqCr3nDCUErRXNNTZiGYMzUiKcB0sz71Odo3otsLYb6DqQOYDJ0CyFbdw7GjcmoY86qi0_s8SAkHYr85lcAwTspPRBK0UAGDUaZ6gZWlzoxl2rIjEOn84BNFLdgX5UGnkhcpYRw==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=70810cddfb84509069dc856b272996991638555770&psp=l6ON0LDJn7nDtsyBr45e_vmoApPPftlAZOZihexME3gujG6SZCXCN4b_Kf73C0_CPKG8K8F2nA5EmF8WVb6eaxR56eN1UDIbBrfNk5kfMI1dWKingSbYR04zEDC_PpYucpvel2DovmNXIVig64VU4Xoe5umbJOYhhq6wX_U73Yr2eZwAE0ldvc0N8GaKgXf5ALcJIvff7HRMblxACE5i3ZVgNiXMz3oNAzpzLb3FHkE7RYiz1DtImFnnmZzGYlEN_4mkQjT3plhg97l5z6sPUXomQH8tBP_nq2cExAczERQZnlJpZ-z8QyfH9Jp36vbvsnhAf16zA06YX-lS5mLfI6HZzxBI7FSMjs9EIk1zg7uEMOW8vpwBVlqTRfGavBEXdpW0A6beE-x7N0hti11jGjeKrmQbY_hrmLVvWY_FCZsJ8OLlOVenC9mY1A5IbW3x3k7m2ly9N8awsTiWs8WGPbxjZrk6lA0x2sn67Gluo94Km94-p8XqEInPTErpBrOii0cHJ1j02tg_UD85yAGc5Rve6hOzBQnB5Cqn2Qzd9E6aZ1LFIWVtf867qmJF6vMY8NxxmqYvmx6UBW2pXCga21dzvaQpyZUNyDY-OuXYnjC8_bRZZxtAdgy6Wcg0AE1QFe6yDS4i0NFHA2SwEn_hk2NmsL0o8KSjfqjStT1AYCDnXkaUx8-1dA==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=84c607267541a81d905712c7293cba701638555771&psp=MsILgeUNcd_UxlW8wzeA8TXUuOoprGWLkfTzLgUGHESxgZeyjNxoddAIYDwZtrbVBzEWvJ_8LnypfU4wESo14kzWT9RDEXuAr8c0DHN1jLUq6sLcTjrcLpJosObyFmKN-83wo7YWc5zD1b1uECPLXyutk3zAK_z5FO_PSN5vMurKXn8c1fanLr_-Aftkl-8iDB4LUO485TS84ecstS3R7DmjvtqoFMi49mfIbnAogIxWEwr5qyOCKacYrHRFOY9DgUk_9D7uyZxDNWlpmCwXD7-J5PyHMbGI9yOwESb-NFX0theMcfIjZDh5fWBsRreKIZAKxXo4avAtt5lEml3mp5akqMYMkOXFGLI-5St47Wvev3-KGkMFijnB5BD8T3a6xRv34M8anozjDenthfturLNWu00LeTN7AUnfKox-Wkz00j1wcWdncCH2B929F334F7imw7qjoOTCtnmIUnVCFFob4xDCPYl7ZVU0IoQmL1dMS3q1eIrCRAARN5c7BpLtCa_h1Z-Ju9aq9s-VUkTf8ewWM5jgvwXu5VPLN77L-miQ16eTA-9p1pbokxR0N3f1APJZ5CfhasJoBzTQO_zplJY8m6lK97DpTktIauF4Os3GkRnjXUt-cMcFItwjCBE5En5XRes9dSTLmyQBlOTFqnLPZoEoSpgJ3EQDC0aDVyrFbNokq42sBw==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=AK3CCNgmBrZhBzln8v0o_gj_HG0Z8DB6MHdsM4BvLpErj4im33JPRtIeH5a28MsNWNMWwuQaw6xNTIrkwAMpIOdyFllcYs2t2Vi0mRFZmPT36gVVZk4kw7HK4iukZUuNuIMISnYODapZfwdNKfRNCNcXGOcuK5bcCzlIurLYgQPn4oD0epnj01znLb9_epSNKop7cI5bn4TocYP-8xEKzSnvDpfpxZEBeIq3Szi2G2TZ43mQuu0QXtj6Ea--4upBy3Dwdq6Co8uQF2lNN6r6lYos36Y0aHg3wPZxE9njh2Jg5l-hQqGwoLL1zs7QD1vW-288OMmuShJmFY7_2_AiKw_W1xTcW0BDFYS5_qU-9WbohEJsEPuUKZCyNLneYbJ7PragnCL11KF7eICWKP4EXupdkTZlVL0ACwbaoMq-64nLnLVcMaSdKcVGkj_qdwmtdFbbH6yzrciWtAjwHWpStGpGErqJfdzebTfuQ4OP0e-gzdJTHhPOmRes-v6pyhtdxvca4bcj_nwbsnomRgLMVq1TFxrPnyA6BdbleAvJbfhp_KK_VRk1Zk556N1wtt1gm77Z0wN4jP65Zu8U0LowRa2FZcWs_Fu81U0HHoozAOBx0imwSHL0xIYOZgXDVlpdk_gv-i80eFv6TVRfpzQErmIknwxcatRiBZaSDbnQLs6sgFzXLdjecw==&pload=50
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=84c607267541a81d905712c7293cba701638555771&psp=Z83PonF-QQALtPi4kqzLKZzkLMt8LRZ87xC6SlSGQuh_ecdzSnpDGf1RfA4k6QXNGhH59ZzL_IiT4jCVa7sihF8_LFBbtWj6MkkDLx69HsZwdFqK8awXSXORaVPaxgALyojbuNrMB-XgO9sLri1EAXCjouVye1ASnnyKrbq26_zrrBbL7d_WGWEl77wCBHYnShxG1RrYhZkxLSpA1SUuJZ2z6odgDYpXWV6M5HrQXM23DrY5hvKqpLhFj5zKtU_hPG4kzd9sXy5sjWCBPcrTUk3OTswSKrwXSX3p3ZGQc-0rMiqrpyao5rznDmz5Xje9wDE1BFuYfAIhJtAzu7oEBcu447AszbzI1UUqWrVxoVasQJNQhcrC2XF2slCZxod9GMSMg_0OjDmJ4Y7PVqoh5g-k0GcJm_loOq5EEYaDGHWfanPJthQ0TSnoFg7S_CHaXpoqbnuwhTQWWXB8p99DZFbfcpSPhub0n3dM6aPAWB2RFukso2_6ZU6IIWkcDxsgtflMPHb2g3wlq33bt8KnxHqAsvoJL8yUecdlS3HjzV02h-Xdi9eSzrRF8lbl95fSoPPZF8NazS7huluzXzZwhikqsb-unRjwioAPAU_6kSM_HzmMdrNZ8RrpLhmWAJO9HHh3xyQnxVgPvEJff0idd_pIfC7WM6a8bGr-f0EerxnW681nEIf-OQ==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=rBi18Vmo7gPUMAGXxMtGMSrRwzJgQf6G3FirbS2O-Xh8Df8BIZJ4HfXOlzXqZhRL32MFOqVdHs64lFH7xqaOB-Q3Mo6i2kMBeh56OUZ-F7Zn8RC0mbaEkhBRlc20UwW3-_0yQoEusGMHtdWYKsEQdh-ePY47ZZIXge3h7KaY4v1r8WE9kIOl_4qnR0d7M2fALqigAuA-6Zhs88zNZkpMGKT52KfOxBzoeA3G_Hz3VasnqqTmKnUE0PyvdRkQHHvGiqpwCnkb_8fNOiIeCj5cIbtxv97Rx0fDtuEU92d2K5DwJLIu8nGdmWcV6qHQgmO1jgC1CJGzitVettVBay2rji9QRKHnvjYUuLZSGo3TBN6SdBR4qGnDc17LBc83B-X2-JzKTPI8PG2-9x0oemgrrqXxteoaVyIkA9MKSPiDpmrNQerucWbDbBiX12dvMK18fWm1beBTkQmEMMBqzFhEJEvae_Vo5U81pqhVURDm5r0m6tOP2OsjodEuKnkt0a8V0NQ-yCNfZtNA40E6cauZEfND77fWptvJv88BsVSBGlVGhSbbQf5wc363cv2rhQkPAXVcTHxkcgX2a7jm8XeybR3pSdqd8FSt_RftErGzkFCt6_D0ZzT_ktwpYaN_hoTlU5AI0upepAUWHBFurxh9FZS69uEMOrLImgGJVmnaw2kvLNq8GMrw_w==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=e3YIdOzKiiMmALPryq1wrZPG-koMbqZi865gVbcpwC5hPRWXHhhYH5s2VaLGxFlq8qYk8ydkArLmmPWexEFFXnKJcKr9PfMJKbmVTyWMAnbuN2QKOqRsqFrDLloPzSs7XLv1kgNQSbl-Djwa_7151EQf1UWhWfS3bqKPaiDtI856umvLjUO1erIAYDFA4OKcVrGzNMHAXJYBILUrEAwStAM9gH4-iLmsOsqUBBCZcfv2OBQVrbFNvtW4PVU1bF2e-n3GuB7a8ldLpu9I1VtP_HWhVR3Dq2fdk85NU8wl6hhNRoQdYrak5XZZuGqDDF9UewdQ5mIckaWmjb-j8nwb9g8Br7xCzR0jcrCecBX-RmkE_i_dJAGnQDLq_IG05jARaZ8O9rbqHloOXO63xBmzxjqm7_JiDMZdJ3bvt0ecoSo8yt6kroJZeUz5i_DCcfU_eATynclZYuqMUJYjoJl_upJhLNMOE0g4P8p7lvwQf1jRORngBca2yrTNeDZcwm1_-frR3TN5efeBN_ci0yabwlg_ezb04oOqX2fLbgLu0mC_QUpP-uoEqcTVSMYcljLa0a2ExIJ-OXW7xcawWIixDmuubOvT4Zelf3L87iRtsuNTNnCO-i8VS2dLJIxr-WS9sm_dQYmZsZ8lLM6YBJ7xfWiVCgjTx-Rt3DPLtc6QpdOLg6GroG03Sw==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=gxg2JcCoC2QOekukaykbp35qGJYuRhj0kuPGAtmFNfyCt0ROW7aMDQ0loJ9hjBYoDNZFtELp3AX_isIh9s3AVrCSv-beSLHkIy9TuyYNgYi3EGUu0uXs1nbSsPSIyzrAPBNHsGeVq6qLktsxdvJ1D9ebqyFjQeKznH2TDKxwqUPEj8yNKfEO2CiVBhWJsl1pMrHEmMsUeqNTY4gB3svjuy0oVCciJ9CKyOR3Y0fDW7sFwqkzh2wXWGFat7nx8hRrWewByt-o1RfiX1hMnQGugzphEFnEonZsC497FXhSZgitT3j7AnGZWlKeHv9_J2UVcHjsFTSM9sXQdWx3_kdcmUxqUZo4W3m5uG2IogiCOs6ZrGmo1fWHo6RwEncDkHkiD8NMgtXWquHPNg_d07Bt8-1NU-QKC8T5DMem9GuMvUFHpfvSN-6Zy2lUVP40t6filegr7ZFqcBxqKZrSdqYbL5MTTQRJ-j8RJg01SPDi95qWo9LRQSe0tLBZLIoacYaeSTkdjNpkUFqpkf6SH75NB1LAwuxWQOmg9GIqb8ntNJ105zgzPndOo3WpGeyENGwcbL9dAaA4VMSq4-NCnz2SraY2DDjQxV95o2G3OZ4dALSbxyneEJMTuvWytVCZGHlUhPl7LIImFQgrBqJVP-RcW3NQskNmScu9gDjCPKPpyQ8xLLUYP2Vchw==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=0f9fb7e3891dd6b84a453baea88873541638555772&psp=SfglY-mz0cFAFc-Yd4Dr1RZvQQqRRLbSGIht2Em67Ou7GSUAwee-HeEehXnYFynx_IG5d_sIfiHH-8wd8W6ounwKjg1ZhIWObwV4WofagsNi59SP3gJy6fP56yIjHklk1PwGN1TDfyBypw-uzADEUNmkB5wMXj2xVHAqbbbjqBLajD2cE8hb_iFBzz0RFXU4Qh_wfLD3xofAr8wuP4e9tOGM418kJMxSIlEJUnLdnRaOpfPpA24ivJ7FVYmeHh7IusCRMsiZPb0ivNNit45CQk17nS5iSNdreem4qLgAn-v9rOWHgmK2nDzUav5_ErkAgcu-kRcjTwcSunZFYI3ti5Fz7GJVNMUWP2hs45Zsb0AIVV5i1xBlOOB8wpahF_n-gd8i6-1Z55_6PIgFb4qetEkduFxxG_L1BCu6167FPlIBECafjaMhyyWDhUDe7Q_oISv0B8Qyo--zHNkUxmVufP93oKqZa3Umk8_bAKJTaklh6KXazqBkVj8dgr7Mmezwf0fd29B3SauKcp-01D6U-azO7FBRr1YOIirmC0ym2bscyQxfyeorOSqIUTE0hrZ8ZC7twlKky5ZYWPiu09qghKje_NCSHpuVJT1zauG3KjbVCBkZ7EaC1qBN2jjybcNeZejfyAvtNiq-0H7QQfnH49oM_LUUkl5oQVToFZPUDi2YHgRzN9qT3Q==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=xlEGANeRLxwUt9O4WXzkTRuu7IOa3mxUP7tbcyfHiHj7GUpQKU8SJTMNCiPrVmobgsTEFvs7GWvtXGN3QMcO9oQU80NjfYI-3ZTT1F5G8frHTwHNbr8qCv5VYsK_hfGFYmEk-g1rTrHI4y5VSwD4bHqFgij5mU2gwas0ixXDUSj0RZ-KLl0rDnDBWmarSZHXJHD9zzSfUZ6OV5-2rrNja0VlwKFFjqyJPLrsEs_nT8VF7wg3SjsGkrPk4JNXuVOTUCAVmjZEhbE26iuOrcnmV6VVtPjy00svbBewi3lokSb08Gsm6W0GkTbJH7GJMeUqPep5uMeJYkzQ2yC-Fm3wq3rmB8kTPjXS8t0crTsB60PHs5IDx25Pv2cRpafx-XafGrbxzgvCp5LgZXYFvzvezRLpLaHRV0BmE88e64n7zuTJ4lLZm2enaim2mYB_txT2iGYtAXxiyC1Gxnm9zxQ9WtdQp5bU9vBli3kiZazuygN0HTEWtab_HMQLIJPiVGE5cdks5ALnM7yLxTQQi8U9XBSrEZG6r1ICKlb9cKBaaFsr1iLKRerhN8UEwevdQbZg041aIfx7EaT_iJ6C3gtPwKaX-73oSmNVKgtLGk-qdXFObjFn9qsCfeqojq4ss_f4xAJD9KW1xkh7xEgnRMCPdzBjaqe4EDGwL1D66Gx3HFv462EtxkexXA==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=J6V0piKqhPGNV5uEtjzJlyfWDLJYc9RLEYTUUJyLk3UUQmLZhjiQwBeEfxamarR3o8NpLm3PYHCaXHBT9E_T_kTtIfz22lz19aUkZw_vMZ_g0gsL1-nvysmVa1TQaYPK51SoNDmwUaSGLuTkl0DaFkg8l_KYd_bGoTxzUDUPYE3B1AJbhOqizYDnFeZ3I5o3jKxHIBT1gLR2NLxziIHPWTfHH1qAsu-MANRrU_uV2R5QyiUjecRN5D2klAUu0OR3tF7OciLhiTs0Zzp1G4X1lb2G6tSqA2jVMBfWC4GwbChC1LcXsGGrkGgOduVN8lIylGaxtVCUBB72TXGuM0c6AGYo2u4vuQTFI6-QCa4Z-gR16ln4dXaKm3lD-P1o1Kl4Oik1fpfKIqhAHwx-1M1CYBG7sFfud8pGO2Cru1IuHQ7TXsvKNADtwgECtsqPoTDjcTDKzDc9kOn0eHur-1Y-HMjv4n3I1-XabRr_JmHcMhJBX5DdtD3jBQSLl9y6TfhqbGVLf0oaNJqwQgfRzpOXJuvxsjvum5JypLP4Z8wHil2BpnXGyntkjWKlB_wT7iOEYcxY8n7E7v51Jj_WAWXQoNR8trz94NnjpzJGJuZE35dEvMF7gKz1FRfryRhKFm9fWC7yBljAiQLhhnyOJhU3LtP_L6ilT72jCNddSxB2N-YiWy1-4o9cAQ==&pload=76
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=x-1dUWWwJ4VS1sddHyj-EFInJrBdVkSfrdkuqCs1MKz7cTm2kt1o1i4tFvK81kLK6lv2mCNy1eAMowe4XWMbCQ9xBuo6bhel-FU5P6r9SYXkSXa3rjr5VR1YibyjoHU40G5KvlzFuziaql5jJtxIFsfO3yAGeRkcuQgoemiZB2h4ns2fQGKW8U6mdB30Jd1elwWL2QndJJZ6yZzG1Ts6EI9XnlMJNquSVDQSF-52c5DSVOOoRvfPDev4nfqySfibS4LLlYJjnDQPH2ZCGH7SGqRWrAGGN0G7ELf3iQS4WGh16NKugBMwNIk_uvFWkkBqEA-OP_uOuE_sjTsDb1ajafRZct386trSWMHiGpUNfH5W3ahOyOziTRVy36jhijE3nohmZ1Tvvo7xbcXUH5O2qus-9Sp_g3iOBuqZnUdzfZkKScvo9bcttFNMBVV5oL4JAM2AiIu8EzcZuirR69W1iunjQnsJLMo4UOCMyjx-2ZUnYlN2iAwcw6_XiiDKGJ1z2ycjve2wtFz-T-xZkvlmjNYACu-hRTaA7BT8jRcUQZJZLkB78-5ld1TiJl75_WGkmbiQaUVyZsAQAHHfSe92DpcxuNbhNgT_2SRajMloE49XvU_nWwik5wAq3K7VnXNVdtZF8o7DytWQ50rEemK2JmyR71hF6Yubf-mAslGYLnHtAWLXkQLwyQ==&pload=62
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=TEd7hDikFiLgLugo5u86cvoEy6gUHFlnT74G3h3qtvDUqtJ-j35l5xcnAqL4xjcJ9c-kzsAtqAc6odNFvrK78An2aaW5oh1cW8Q1F9HTyNeLIStt8YN8Zz5RKus_Bq4z2zLjn8dMOmQeGTOKZ2KlKCyrxu0V80iFXLji3TxdzK342X8tbeljuxB2r3JtIt0q8ob8ecgMeUw3CGHRpSJaXU4pUMfM-tn4vNYecLrWx6WVS1_O-lcPzNz63D49Rj4hMjwCCKOD7aia-R8zkOjkbwwC0MzafLEnuq8VTL8Pl4oLqJJhvOAxmXTx57rnELa1zKopWYlmy4lc23aE-Ho4KtskcxBVoSN_7Cfp0jyPJNHCofJrvney_3GLvQjHc8nNskJ6ZNBiK0bJwQ2M-ai2_QTzib9DvmWGMRUbxcXkNcCpKD4Z_2Jnnc1T9opO9pDIlKevIiHLekYm4JBKWUpZkFKyjr_GdGfG7jPqJ9ckN55Kh226oevxg-YBjmmGTpDiiiIY8ChHNdFMh8tm1DugoKh_Esb7KZmsVutTH5Bfs5vsc4FBcIV3VezNZRDaArdxFfVN9pZV4hq4fldyXMaKrIBovGrPKNTgmm3lMLOFe0VEaEngy70GaVRqeWInOxKgD3BLYgJmeEwhq0f3SzdE-RZ7e-bFfYxqkkqczHFM5G-5-Vy5kKIMfA==&pload=62
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=fd9320c7c3a5215f51a9fc8f124d502a1638555773&psp=FsA8WMJKNx7DrN5hIE8S_uD7caMvW6fxv4Ekz7IMguOwAuRB2_-Er-x2imLliRoA3onHLVGwGeSSV4yKDsE9wGcS9uy9B5JYvt10MmfYct2VvOSmTC86pXLttpo2MCwPOJRdNPzUcc3rKjh7R1BEpK5SpEzkh9aLaUox4-0VE87Z4Is6MVnxlOOBNJAIJqO2pEVOXveg7rgQYYC1EKCl41pGgnTpx16cB_AtKGoiaFixv0ocJ1YbtXfUQ0Cev3iWc8yUw4Cg6wzZL0c9TaYI-pZH4b8TY9GuiwgGkFdLBqEW2PVD49g761SYQ_aQTNwoQUkf3uqV0cVjp_XXP0wfHvDESHewAZToQIUyV41Pbzvm6lWvyfWwZiefMoo1z6OIO6W1PwcXqAdz3bS7wFLxb4ev2wOspa0jMX2eaFGu6KQ2FvRcpOkSFjwAD3WEiYFcHBTfWh5nopmopGqzQUTRd1lxj30NuUv77nNqxPjLGX4M82smss41yoGTANTp_Fx76h4XUwXw21_rQNncBqVCK3XA9ktV253WxFjmfBMcy82A2bqbzTwNNpEVbjLYMt-H03qNEXisez40yn3cmUDZuF4iAuri7GLesomorH26j_e9UwTqoYmtQT0o5kxhr1URjbvSze_RRtZFUD47v3BGu1h1o3vCyPSUxSC0UoH4szctR68DrcJVDA==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=MY7HeXzVAGqEuRSFNlR2CsfZ4-QkV9RpxIeGe8midFg9szhs1F8B_dT321nuE-_ypJwT7BrgC0WM3YAGiIh6XdLllP7Z01rQfVvqqcRHEWfVZc2LZKN3ztmcCfkkXJHB1lgQwUjJiXKpYRtO_jXwtkuykjFylntbhhpOCx606NVpxkaEn4xP8pk69AMan-TWzdg3lNY1mAi0ffW1fSGLOAVYlyrmRrN0BBRED756nOV5GZNdvxYnJ3RPzxnpUhOaPh9FZJ7PvbmGSr8_cvjjx5eNY5FXRTmBdPN9lXZppzmkuFfmJQvOff8HGT6a-muDCmb1qTRlZGg0TZPqmiEWEC2oHgV2aGX3fAmF7WOr-4ZMU3Po1xa20U4P7YFa59E6dzqcMCd2FcfgvUl9hwTn86wOCmw0p44WXn62s0fhzcTcmscQ5Ghrr6x_NC9EEDcyZNxVQWfBJIQy8uyhwRqHL1Qu8cK-XB-m9U8HxedEeKB_bCkqU0LhU22kbAQTYqebEmeZTOwtOT8NVjceNxfimiq_pKkNsGAVBjWxDilxxRxFrAaHUqh953wWan825lRo2d5deRxC0Rt6utQ6RL-nr0gqh9ttrLlrRtGgG6sA49yJ9jWsbrVtAtqYK4Roxw8os2eQWh7hxpLoF207XemVuuXJJvpVq62oAAnGDuBV1u_cK1WGuIi1yg==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=NCD7KU28ux2k0rnao4eL5hoNSXLbnKrT4CTzar_3IoA9_Q9KHNVGjJKBEVw4U10iVSb5rM5aws7l2_VA6hzpHqbb4s020MefRaVBPTp-WQp-pu5sASovIoQjs32xhmPMYyvCBdBUGJEzLVuBPcBwUD_ouTNAsuac7uM8B34rxCvvrDl6atg4vZUHroKsTQTmzO3wQHZHvSIcLkNQ-DlGc1fu59SuXaS-44ngA_wnw0DkGuZgZbZdIK3vfxgQgZ-bkDR9pYJ9_OxRWLvfZni2UeRaVL1A10FXeLecA83XlCfuzKAasuYKSrlNywuT5S0PGbNdz_piPQcyQHPleIXoV9sdKx-64lQc8Kmo2ZQYrEn2y8Fdvr9RCjeEBrUNYUsH5Ev2EOEEKiG0Dco92VP-OhqpwX77a0_l2QWrXva1pWNWOxkOdYuSzljq-ueTruUir-GF2D23TwkbJT66c9euZdH8pp47SfXhn_z0JqSOZYarQQC1y4ibKSuXKFFEYhnrUj5HiipEmRiuCORif70gWqPdY3W1H9neMCpn1Dt6-9AIWsGajJzstdO88RGwky03WZBJm7PHTPYLmuNVFCyOqMWNKMbFW2AuDEq0ObuNNjjYrD3FdrG4DHy3qBqPZV8I7r9qRg1W9w9OTGvjSNtNvshe_jtsJ4KiiQ6EYsrg6qCPZqPaU6bVBw==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=cb9b7668389cb45936a30bd1c088eb721638555774&psp=yS1MUf9_Dk1y-sL_g1ktROf7tlsrQjC8YtZPBM4UDR_YprmRGyXN6NtZORkAce3jg6R6HB2hXNL3246hwwhWNEKuxkN5sY5G4AFCiQDD-hkP6OT5TRmstdDGiTvdhuvXFnB8jmRnn0nVuAZzg_Dbb7rcl-VT8krrY5NR5mQp7HL4i9w1z-6Dx2Low-12iLxO6quoB7xUl4qI_80Wv2WX3K703EMRUyMe0jrlXXA2A9R-2AKxVflm2GaNCPpKgwlgdJjWi-lASQ4JghrUkV-2QOzYuKNWHs-ZYGOBIRSlQe83_JyvVG7bIQ5_TjwwBvb3zJVQs00_laLag4kDteFU5rUGxqKX2wmzNqsj1vl-euFx4mslIiVWFYHY8mlasSHw_oFQN00b8f6HkFQJPYy8ZSx_9EQr03NhgbfhrnLYf4DcoO91Ct6A-tKwhNJwVnhXiYAeA1OF3Gpwv9vAO_1avV0A2PLDebrJe3lW94aXBU-vKMfteLxXCtyN7KswEWIQOVN2EgjRykduPCqyh258mNcNDews6uIA1DorC1tYK0AfuFusDn3soNuGhfuhwcIpSasJ1haUsyi1kF_a0JZXSbXSzjdb9EuMwBEwvahy8EsY5TsY31MVV6mK27Iv9Hy6mJkW8_xD6hxlTfZwtlCv64b7G8vqoyW38wzKYyhct2vGVoB6OaADlg==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=ZdgessHVkKbZ4AnF_lP66nbzZOlfCBp3BPG9vVjio7WFiCmlE1FtsPNkGX-9Xn0X8-gA7rla_aT6p-MmcUt3Mo50-xaacBZ4peQSV4y3Oe7XGgzlASfk0UV8FE9rHV0nFgmCTHNiNwjY0RCLU4QzG10ouebnOn9hVRkVshqSNCHWTY_LxRRPCT_ZRRdqcb1ek_6VPlrNG1CNPVJ6HbeMijxj_dXxAY2nbcTRQx7seVxTBYm92UzIGvqnjRk4ZMeJsvt6J8NiJ0cEK80xp6ixighz_hKjmY-mpLpuDVP8QzuhEMkRT6OgSVLyXTw7PWE19blmmc1ZCo3vUAVmoQ8KYlSZBjQsIpSRlItxWbeCHIQWiEPfGzoWHgy0qiqaeQ-HgsvCbu1Bo8nFKxw7hTz8mIzGsYF97rQqjzUzP_-RIr09qZaOQ76tAers7nzV5f5JITNQYHZ6_qIx7R8k7zgidtJfGdcYElx9IUpWK7GqI1UuxNaEGWvIa-vCcOEecVjT2rFnAfOTkJsBIFvOPdCWhUSpan0LAu1vMtiggGsLVUUISXVkoI7rKpzrp94ZxBIUwr6a8CVYD-1Qt3jdnzzeRkUwzw91deG-qGM2-m1J5WDjwd-gKQLvaJxzduM1brriulKlhsVuBmrH_P7fNJ2Rf8zlmvJpnTlI5aHAfRggVJ2IL9TbTTtqhA==&pload=41
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=DdzPkoCeAdYLKOVwDg1HfeGANUmg-NAb9gnyaUnU50YJ5eunIMfxyIE2w30OD893QAV0il9f3o2bfAafdxai_hnBb__rE8bXw-ZuVVnPOI05Y36Dj3xDD8xp2msv9gr9NQjnAh1dtWLmOCU5LWAOgDj7HEqVfdOQQVR-TvHc7TNZ1XtN7FyPTUnT3FSJAwsT6lESLBevPlazXGogYb27RG_xO_qt1FbYRYBZGpaNM26Q95ex9QZLv9aiqfsV6HIxvnqcV9TSYFFWIzR6cfmyxO_EYJnr8EGmaEQ0-N8uOQd_FwMJE3j0Sr7D1pCZ-8QWdMSrmzu4U6hgv5sv8CfvZMo0NZRSLGMjR1mmgYA8Rq-l6ImXVJBynC-JVnZpW3_71QOuOghaFLUWaoxF-zEQTKh3ChIzrEty9-bgi9h8fKYlHcEt9uLkAxOKgX1Q3xxQsYjwth2habkx_8TiiMFurCfvnnyAIqgtPAqGA1V2hMDtYBHqejKxItk4BWMSM61NVhibe6UKwDtow6MsDGFi2ISEtG3Ivp4HEoVXRwFtGBuGZSd5seHmpy8smkRVqUH20tIU6byIkfFL-9SIQ5ESYgV2YbF9hy2UFVlYn0oHOvEgL3fprk3NkjfINzgHkbOrbUa_97pPBDTf6W46xryq7Z2V0meCFh2RYXsQ8uNXwV0G6M_fZkHWkQ==&pload=54
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=Aqe9Omoxjr1P3g-YPy3qGnHK4SHIoPjszbqmB2n7Yff_bT9uK0TXQZEr-4Kbf2MCoFnzXBKEOh-rKS_t20IShvDQeVAYgSbDa6cnNRI3o8e_cm3ULsTEyJGTzJT6Kuf9goHja7xTDw7VA7RxiaoV_9i2NQIscHMv-iJFdmQtgf7CvjYJ4-p1D5-Qtfxu5l7CIxf45q_16RyDKxEc-yrRqgIparHWLjvEGgQfd5FknUqO-fYQHb885CP_xElTJFpo_HxJSRi4tHr3Q8MnQRbW3FkblEe-VSf2fNw9hs6RTgATqL2t-8stoXn1416MYHLeKCfGgmIYsfOm0OMGkf54gNXw3mEYP4kRthAU3r7_oHKAePALA6fbADSlKcWfSAIAfcIEs22a5OJ79W-zSWNc5yXMljlx3ChbCm2bEKRci2zQV4aeXu9aWRY_NnYhb2NmehfDjRcyYGRwI4Frzvd8P6H-2DYVd9LSub7Q-g_x-RICGOtKhdRiMu1kp2O1QUBZ3sPHHDYeuwD1gzQwRn2KrZtqgFArJfKsu3JV0d_v9sbLGJ5-t4m0NZY_AFQvx6blpXMZ9BzXnNEjPO_ULIsMGQzWb4-371DpYb8_9okWYyxz04DkFb66iWrFv0_xgwpBsX9O6-F_YOZilLasfCic9UxeHINMqyvvMezwhhgoq__jXeLic5aX5A==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=1j6r96Pi69dz18JeoufWWEDB70mgGm2cVVsiIO2bbOwuVJfyLmZJG1OTx_DnpP4Qap_Qq8HJwl70rlvED0ll4zqzCDpcCU0RWCxIxQ_-BYs81tW5hgVJP5IdflhmwhZMSfPBGoiQ-sJ5lJq0cWfkWlghu8x6Bb1tmAaGdoHe-5DK-EOlusWHGELZCPJ22vtRM69509d3i6Edtb-WAn-cmzaJ8uLD7FAZXlMrx8gryAUH-n46aahpo06DO96fX3bICU4etnJqo9cyaZR4d2Mo8o3syVGMMq8q-2DyoKqu0HTpdyVXD2ssIUxcyAPHtCFVMAOWEaWRFunJBSt80FvRpWe1D2gHb-KrZiAdVEEHqWkwJPCjb8umwr5oZLlPlEEkXjFoVb9cX0o9Z3sjOXLUQdpqSg2Pb1Mw6sOaAws-ZHKdEImy7lnAMvdwxPN_pEOHaliZ_rIDFTPGjIeclbsPYiXZ_LZzGrTdY5roT82ZXxf5UuuxhCkcbqbbWdEGbU2tseYDKvcuOPSTZDRdgIlKJ_UBSNoiNrnHUr54PLOHYXewlrWT80gnrLA63hCP5e4Cnl5sF5dwZqyOOtnOlpVWwTs-ClqNfK5JYnO3Se_MJgc-ZDtPYV9_b0sb4wENZ51l3mDM2TeuLkiQ3mG9XHW4lS5hAwCtzqTp4zhHtzwkTEqurtUPkhlbIA==&pload=48
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=d9f19068a3e4545e4569751e8929ea6f1638555775&psp=vEUYU846uk4Yu21BUbxRzFuZFVr_v7MF_QeqXSNOa1up6QNUDSLrFwOhDlyv_beSs1jQGTB7aS8d3ubXrf22Jd9ZWMPvWRGb-jKyMOfPrRpHvosZnjW-JRvDOlH3ErIhJ109OYNSRWkHgiW2nuy0XBBIYXWgxP1DaomsgK00VP4sd789833qtneJEJwmrjkUOh-IKr5-PeqvklIwS6kXVCTX2U-VbB51GfC3VT7jV5BGD4zUBRfXDEKUP9GL6OdXADtpLgeaJQH2hHcOUVUx0ySZe8mzEr23bEiyLtFqXEsmr5XtMyigWL3JRqWr7p3MLEeWUy0YSJZv9ohCyrjAxKVfQ5X0ni4zVhvzMdOiYopZLzzgSCGnBEL1txx8DZibp_AurzijtbYaAPIbEvT-kPLZnK6BZfnwvYFFmSpqaDUXK6OZxsZvBv8YfnSFyA03_mluQtM5mdtBvBAO59qNx290TU6Bzk_-OcW2PckIUZV_5Dt12e5gabku5vm5lTFL7kAbiXwQTWMDh-lBGBvNrevU5aHdjR3w3rKwm5FWGFCqGJhSpmbtUw_n1lALyJi3HxOUzyuhGvw3OWIYRBIuPS22ICdng73qePA8-e_Epxu8We5n3jt8AaiuucTKNiRh6Q-oc6oOaQZP3oraHjjPDFasQEmokTSmjkaud4mQigPcbBRWFQrLKw==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=twDThmkx8Kf-wa-G0CcxQ1GkmRLM6Ojeovc8ARb8E2iCk7y0dsRc3MdfWfmWPQLD5dcJzmp30YOik13BFPU8CM2TYiRJR4VrVZhVSyC_jYtx0dv3RjnweCncVbnDf4LS8QdAuHMDLJyJzIuw2mbePpRFmSyX_nmJcMZeczyykKBb-fY2NugQsFha8hAZ7Y0SK8HIHVnezJwCQlxBj-TwJUmg6CQva_xU5hcN4KtfAaXbSUHCfq4CN--6vuElISRIp33eFaviOD6txx14YZ2oV42QwVxzE1OgnW5Nl5nm0650GWAGLdjLrLp3L8UQ3LjsJj-EZXZz5h5-wu_ik8g-_KJLiW9yHQP8OKyUTc13kqzL5P9M20EEKYqbbyvLJlpyC_PyCiJRlgCWoGyzB_8MK9MTZdStHwXBnJUsDg_NBNLR1IKuRUHa3gFaf6K8mFMqVlOzxvATj0F34gz8EKmapfuvDy-eaMwNJTqkIuX82lvnf9mjGZxb2Z9NWY0DHsmBsH0mnr2seYgaqWq6IJN0w1_T2aQ1WLP5KpBA0cIT67yRl2Is0MqVGGcZwMcQJl9mKhUpOnzayCJUkyChUuqjlubCHs40xZqBJR70Yf93LWm3NXfvrdRzdqcSt5u4pjIqiIp83FsmtTmv4kWkTXUES5gaQGt7GT_t1WKE3gRZszJYQdDYfLYnnA==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=oFRCWR_xS0CqYaMvqTGWsPPIMpqq4D8mGZiRCLwJVWB4rdPl8ugiHpcpNaX6CfHjoK-Kj0Gu6WJiEGwPxxJjGG0sPsC2nquvIA5KBnbDgAkpml5w9RxsJe0Gflkmwlzd0i3aY-7L29LHXxVEW7wTfqZsVj778JcUMtuAY5MedIVy6nck3O4G4dko5f4rEOax1slg6thSmTCKcCRSFhPBYZ5S9aQLQFbT0jepEA3-lZN8nUF9EVu8Q2Z4G_LjJMYUksAUn1qtSK49P0cyBPCv38mBzW2KatAjFOlIG2XixF9bXT1KvMAZ0FV3_jFBd_AYWTv8FQG33aHZW6H9Jb86AHTy8cmhvJnuBRGlRzss8NGrmAHqTVuDWx7e9MIvbBSAGC6YfZjrysMsh0cWOEINtSgOteSRw3F0Fys4DIeGhQijH0nBNwseUGgwSCmQVfVgOmMnX54ULTMqHu5MxzBNIgEqhLRg7w2vHgLbcFLB4g8DAjJL5gOwX7blc8DFZJlxbsydYmmThEdQrZVJbYKxHITRreuUaAkMpAEzQP1FHK8F4EL9rlz_5IoGOWw2qJBur8Qety6J2boHBnF54KxXjW6CAvmY63cP4vdxiHVJADT7u8yUZOBiQUdcPBw3jAcbUajSJ3jyCajwl7m4qPnqc-cifvSO09SAqfOZWNjfDvEyU3Riq-jBcw==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=zze_wmg8qA3j9kv63TS172moHiF__zN-HtLOsjkzWmExA_c7XFQNzgAGg23THxy3rzFmfOhIAzmRgR4V2pBZlfw7AsGPFb-YK7mjFxGXXKdYuEVvEsEUjAhwctJ2IJ1_9bqYZx80ZY2ekcx-ZBYgNXDZeajuLKH8J3QBn9AUXafjlQgGyt1SQfm-9b29FkfbwurYOUkjlC5SAoEhNPypw7M74ufRJqwGd_AGUNh96kYdrwTy_X5KowHN_mluLG1J8T-_0s1BW_qnYrtanvYFJezFFLPTAbrKUWFlNGRC3r02iQJBsnB7PqLL25zr0220YGy8ADeLFGHytczECmlzOVeZFRaPetEh-EpB0ogx_DAkmgy4R7m9WvUzSGI_PhogU35muxArrJi_XZ97xODhv5fmyAzw_-mZCXDNHVtE54ZF0ELun2kDHqH0W4EshQfjK-03mvMFcjjfRxz565Hjy93F-StAczA6pT5iwEAbmIwG21fAdNY5CEpKdZHnyqbjbqAIXu3cdK2B8ie1Bzzc4AppHAD2LWDzjf0Bkac5V-rHV7F8doyzWVp7dbmVSB_EWNh1AtdAMiBjnw05wsenL7-rgn3_IZEGnUmLX3RBVA8Rl86IVAouXhTBzdC97XGBM8KouzLlbz8qoYFkn8Echg7kQwo9ynEGZV9OPxfNAK32xDkQP6m04g==&pload=50
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c988daaa13007264bb888dd3bff3860f1638555776&psp=OlRRi6ZPaeJ6DSwbX8WYlOpn5oTybFpucOTX0UHkhyXw5XeRlG_KNPY5Wspe__Bxrti-tanZdsqJrRufnj_HjFoGYPtxb4KWefUWwJ1h3fUekxmZto0QuxeipXLrQT_W0REYCcwyuHM7vD9IM1H5y4M29KtOnI1gYRKEuscGb0Qe6Vpadcl74_kEGlMJHDe72zSfMBg4jH7iqHIrjuvtpH9K9PxGjg0YBa63s7gRCKA1vxTEP39etFaxNs91zgI9IarcV9QisqDupneIj3Xt9ih9tIQf3cvuri-oRtIHDULZiFeEYrynw4yrNBWFbskdcZ53JGh3iTv0oelKMk0aMPUFuDf7Bj-qtaCqYkWlqtdkPC9I1TfFo8WcvlNAdXxvtGuWknFmTpQQGpdgmvfQHd17e4JGzng6uMNR2qAyL3G_A5zCFJD4B5NkxREiRziSEvfCObvBaq9xfKODbWSbGv8-lqOHtiJgZmH5yGTqdWCHtlQ85X_UTKHsYbZxW6narlREBO0qB-3Niz9kYdzX52HqbewadZ81Y5oAxOgFPYIXd3ieGh9Z8kQZd6sK-PBBi3ohf2Kk77JJrNwQ0dkSUhXhiHpCFi1kFZHakjCpMtIvDlXtA_GeEtHGXDmrBFQl5PgNXAKMrggmjn-yraLqQxYd20vwADw8ntgSbZM3VsI8Txm5BOayEw==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=Vub5bg01ctBBvMrJSkBHYdhxb7DdpL3WQ0TDFz7fVQzqLPRA01Ap0sHk-niL9H8M_qLgu9Vb94d77WSmPwpZ34OMWwUA8XVSnf8NYcYUlk7Yzuamkm2w5r5VJQNpg7mlBUpd-__W3cdhyoCl2MZgt01ENdo6YfgOZmYhuYRbqWrMqnPaW-d2wrNfPkSzBN69DH-sc33hRAlbHKWHvKCwn3mdW-GuO0BUztpQWLnogEtmLnk6W2vFDelC74GGEK3ToPN50RgjzgD1s8lELNtmBcqOrVTDXRhyPiehMdc3k_5M64EXnVmwxcURhPSlnS41LQrWG-UdEx_OpmWbe5PW_UhHtNXIYLPf-u3zzOR7s4EECpz4SIjhLPZ18-HctIEDGYHquN_Ix-gLyeyqDDJsKj7Jwdk56I353liPLZJ-050gZhvjalro0m1VVZncN7N10FoEJhuxLR4NPtthnQjfTC-HCaMiau86KRM6KAQ7gTsZ25PdqK2Ms_v8Y4mECeL5aqkIjXnuY_WzoUyMGHoEpjoexRJiM7ndnfSTRTvgSg5abxNm8gnv6LXjfmCtdNpAXFdf4KvG3Sdx58O_8TPOiNQHl57vw-2GFMEv4qJE71863rbot6VjNsMoT7M6-D8-39wylrnf6ek3_Fny42gQB4NJt3NJnnAePBox6dD3KcztSfnH2BLFog==&pload=57
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=BGnga98JaSYPjoDzUct_aPxDPxYOl5yP7tW9Bm544sMr870CBulTJ_eP1tX8A4D8AkUwapjMseqaaIZLyVnk_Ys9b_EYbP5kXH8J7DU6P-aGnBaJaUmjvtii3Hm8V8l4EmmwZECE3PELf6aG3sV8hMX5O3bPfIFJKhiKcozzjwnSElevWytVrprYsngBtquG4JXHO7-KSpsNBgz-4VQLv4tpeNeoSZHxqtZ1GK3OkwADVR64lZ20As1OnpgR4GwjDsJhxOrRkhMh-XRnG4GYKbXFkuV-t9yaE_oqlJQLTb6YNJ3c4IG3Q7C9ZD0xEGJr0QJdyporpGZlVqDqVw-ra1x6eJEHKRG9dz_IlekbS-raW2Zref8DraxSOesxcT1uHw3EYk3pZi6Izk-UCZu_v9x5UgAp5KJSPJzRJ7ewQC-WGtjBz9J8g9vh5syRICkTqX8TZ_P0eL31L-mt0p1gFd_Aog67-dm9zMsRjaGrXPmwQAXAEIunlB_crqjYykXNN8vqWYpFiGLv_AWewm7FAcPd0FWcXyx2-HHCM2UFC3E8cv_-TBcNMBk83WUCJqHbHlT71JkvNkwo2kXag0hgKcjQEQqFGnNc_yvGcuwuDnwTa8rtHY4UF5R4nLkB-gMoJUbmLZi_aFptFOkhk7f0-WXO8Rrf7qTdc8XUulV7JyFIRmF8YOsHUQ==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=5a5d9701cc59d66a173b2b9019d7a3771638555777&psp=mxKZ4OxWr3qXnU80vkXAkNjsqV4Eu_Xw5-46ca2ta89Pewg-Kg4x6EflgmcFC_K0KTQ2QlDkNcnenn5qvTGKw4UKhvNubdzhPX5oHBCHXpsOA9zly9QR_bHHYvjwIMpKwWNfEj9iupQ8jYQ6Xjf8eO7yq8gY6QxKzU4S0Zm6YypvRio58fgdZ8VTe2YlJJs4vRVgnZP4juJImdEW7O87PZ4dhAmFhPD10oagJ8cNze6lB4ZTDFrng-xLLU7kmNDjKHL8fBzyEtTg47TBzaEzvGaDIIHNu2jwwgVfl68XsRFUDdzCqVlf8uhoYs4fQEQMIlKXuNKkHBcF0mE9wXKRTACdMXpu3ZnE_h2VH5PhQvFknaqaMAtOah31EvYN3uNd7MyoxZ3Nh4hV5FAM-MszEAm11AAAlmpbsjhuX_ki5wYlFUNznji_LI3gXtuOml0ARveY6phRz8mziaYcq4Tnfg8yRYAkatvIeKBWx4am19T3-14ZKmEzeA0yGKsEZG8DoxizrSDTtGDPVWoFI3XBj3YQhgaqG69N4KNFZ5sAa_k3In302V9tX_JxJfLOttta5fGWDvFqRGSzc7Ab684XQBjmmtspH3lYrY1W13HVAx0n9WKrGUYQxFHTg9qh9xP33uZXGKeDdevrQ9hQdkElCLYrujiRNLpsdoBIRvBBhlav46HlNgOcYw==&pload=48
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=kqN97rnExeTkJFgPISu89hq01dRBIndnZ3SywHb3KLTYh2ifCcUNXAAP3RfXNZMzwahsSHUge8TJT7_tiEp-rY00Ry1XXZUAKMpusxnwqWLDghRs-MJcJrglFlDGhr2mmF97ygT5Hf5wg5_aSAaxWo8DVQGvBZZSU-nDP-A1JLD7zWnlLktYlDj7t1AcZXavYqho1HyLdCpa50eBrntW3H1qEVPkIMdr1zposSPfpcAPbLmShlsPeF6S-phkWiS3dnJYugst_WqbNoAbBtrShVW3Apxoxo29b0nJ5VDc0PNYaCJMM4N_cTFGSsCWzQbhpGGJ9qPopa2FvoKkqHC2_9QN6V0rXV7F_DIraeoMTiqisYw-LlGtrAljOS6BYIWlp--db3SZCy-NLEf_Ruias-8HBEn7rJU5RaZMbZ7Cv-0Zy8aKFykqxgTeA-4GjGOW9XTjeQfEg0tpvLwywKAD-QNkvDkQnoQ0BoCAbc4oewkeKCWwbJ4m9UMVcjqz5qtzFifMjcS1fIlT6TeJVL-lJf9273e67LOa9MT_9fY67NB8hI2eHZBGwX4HZBi2MEG7dZBQZaWQOfi2Zc9LPUbOcPP9g7VBeka82NHI4WS2rSq2JnYvWL-xOxz8MoiEWejL3ByTLBeFhD7Uzr9zzqrybcZ1be3H4luM6YsZsS4i4-Stk60jIzSXqw==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=IHwe7hBnFUQzpKo1aF45aeGngXRwyHtQtEtce6MDvDQqXR-QjpAQkzpUvJE9r0zbJ2zEdwssjLt_5Ekrlf-IjdfUQdnWDLKuUSQ9_abOAPhrLtZ-ApVccJekk1J14C2J9h7YHqv1Pds5oKT97gSPWRcXQ0CuQzVEyarCWfWr0zu_3e5xq4uuHN4S4I3Txgni0VRyxvjRl7tztFd2Jly9Padwp07MWU1VIbk8PK-pPl_8rAaHA8PAMVp3Ag8gI9p7rF48ERFAp2cRYwwdqPmQKpGwkpiy14ypVm3WgT43g3TzlK9gqvaCOP_kHpf8G8HPvCTT8OeJAfQcflGujbLhpuzICGOC57-TB5Op4nebkrCn_3KDaBl_lICK045ygaEq8jYEbt249IDD8e4JHUY5DmM8jQ-nP9upzwAYH-i8cCH75QuAD1p8wxyH7tJ5uUDkqBDdUSeDHVkIBHX-142MaZyG_i48OHjgFuCLxH9cdFMKVmHHZCOjeORVf4NdVReHZ4JuhHpWUW4gLIze3kC-PjiBwKB6SVmtWdxjuDrSHblSsVlvoGx47-1La6zaO-tGWVqnwq1nJeuqFamAcLjdES5c_LY7rPYF-NCXezWj30FxOuww9A46m9X781IIQAhNHtjfR-smwG-NF8lEW6IXisSs97_-DGZvGLoy-GrH8dkMuqvpwwivig==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=n_15Cb4HHON_3bjCFmTlvdRnI27Eu3W9BlRvhhfu1xoWCWzXNYBQz7DN_EaweIVSJ5B8kLcnyiqh4y63bLCEGRGPOiPtxLWf3-uhdWr6EvXR9DfXVDwEYxMSSslQ4uoNydZObjO5uGaN1m8Ukli1E0AVpRItly5hvMhlBHQmVx0MUZCBRWdqx_gTuOoADeL_61HMaBTvXb1tXWTrYnAz7PIC9DGDJkSMpZSh-XuSbmQ-vjP0XhOlU3R2nZsLcgX67HeW79IsuOsNIaOxm7_B-T1lPGJyM-cQYCjdZLBmMO1NM4ZjyWrtyvEhXWXTlKdTuWitz-bKhcvE3wlWNRCdt3J-_blikEg_4HKDjQ38fDfrMbZ14UehPEKxJ_x0st7PUUFGCgmSFn6Yd1E18rCEC3X0LSELscWNgMLaGQl6YiEAc0FGkmqeHZyOBxkP9P4pTs-T9NVzXK3Q85IT5yQI-8qckeelpBmBVkdnZsiyzeoaGj5mdngGc33J0pE_9DCdpuHb6A7zup2cLMbimMQQMj00fVuBakp29afKMIpyAbQMfHPr7WqJuocAJ9bYMErFzeWAQwjMsWS9XG7oGjbh5whlZ2x5NR2kqLkTxo6wbeEvX7sAC17KAtTZxHzhxkzbZ5QaRwycX_yZMXA2JHShtEi4vgJItvuiaJlcQtU245ilnVFSQUu1WQ==&pload=54
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=7j76XnH5wPK4RXgrLLZ2BgXGGB6wty_GD9ok8Cp_Xrh_0cmmTv4A8HWH9ne99vGCJ19LxeYi0MFyTx3wO7wcNBI3U_WzOATT8bbeNTZU_8vJBFBK2qTEQsgXE9Yz9Lw9PY5cciOUvBeJLAXZXGT_4hkzstk_4SXKsGgeBV9odN8RgLjMlREzBHizpO4_p2c0NQC0exxt4ug--9TperAcgQFAGmAP0tPwOu4oSj_N15uLc_2GEp_1KDYlWPC8lDErPg8Y4KsWpHTdv0AfxJ-4fFJyNA0W6fllu1uUTjQZzw1gfbXYXZ-GyUPysdooTqpCS7hmxf48nC_lJ-k9FwHwm7Oq14KB_43L5v6WfhoYkxxgSME4aUSrkp1lbGlsPT0wTyMlwn1V9gmR7pSRooNzKN8nBoJgjAf8dDbVSBH8_tf1kPhlbIkYiwPLnuinFwPSMTwMmuH4uz3EwWluXFveFSwrRsIzzJgb4A6UoCax8MwWYwzvypawUwmoFdteTU0Ut4A6g1kjTua9UcWQ2-EoFLPyQVuhhjTeaxcM25wdDpyFOhFBOVEHDZMd5-yL4m9vg1Ol3GIvfJUE4PN5_64s8QZH-Unn4hg04U_7UML2rxI63gKZXgt7DnoKHH54C40Vdc0sgcejz8dJRwADQwkTg_wwU01xiAVCBjsmRRQCTM3bllrrSc2HEw==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=7b8130b5790921f3eef41f1919b9337d1638555778&psp=8n6AXk8wPG08Bd43GUxdHdwLo7BdrS60yX6ZtFDvgfchUMv-K9X-CBJZzlf1P-3lBP9WN6EB55zCuvmuoHf80-iv0YUXdSEN9xhdIfV-nlU6jtjCFfeGil2ZumOXTMw6OPr8_x_LIAPDsKclsXJswnSqh3o-mcvbSUmQsLy4w7xJ28hT2lWOyRfpqDruoH9t7k2yWwpmJiFyPsCM8lcbb5v9kPY47Q2Oi1oFGjJqCufIt5U-0Z0Ly0MXPY7qNlaxRwSBqRiG1ZSXkuw8Xqne5biVXZgSzlQxkD2i5thHg9XmaumIjNdEH0cTUdV0EqnzKS8ZRoLqLiX6HLxIYrgmkbscu6TYc2ON-wpz7ivBAUVP8WWf2KAaH8M8kcLC0S0sIJPLh6H5OguUElvW9FdOgCMzNlU0N0q68P_QDCB6AdLgm9eEOufvlV0T8JS2Q0ihsnkYLhF-K0ZSCoZ9nu-IywT4p9u0qYGPuYgYTSycZ869b2pwh0cD4wBDzb2_zUHqFbPNjypl4wUgmDtYskd2wppUFUV5tBs9kabYq3Rut72UIrtqnArF10ETA4wisUrCxjnr0Hh22cHgzlhP_lAnv2rHkb2EQLfxJLrhqidTa1Q0QiTuV3kgF8HrK6fCuEAt_HlpF7WA3yGskGJ0fshjyHbUYvzFd4o074CboXjcgRmZrH5QjvpPjA==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=ZOQ2ppid9Zu-vgcjDVfWWBJAwSRKAQC_BV92tmORF1BKG4MyJfIeZshbndRMGCLyp3fGgIlTe6nlTiDbwwA3WOrIiunDmsSn5e5jRMILOsKFStQ6wMCQtFti489jhjLnGRgutY2Lg6LJabfjnBg_Xe66CiylniXVwrQCQdKXCJu3WGfjJGnWKgMmFzlz7bd57O1_42fRD8tFX0Rb3r3jjVkXyK7ggrxnXenzqhT_gvJ1qg001vRnLVnj2Bzuvu2-aUdV5DLo7NVDJckVpCZl2Ip9OpjpsevOheMY9SCLisWjFi3DFmtMApQd1xCo7x_C-mUiEtC7cIfiy6ktCirZFkRD_2eB3-tYvYnvcAfcKD0-al-BZ48zCIzIqxsmYgOt64Nkkffe0toXAeJfVN5dQ1oc9-KCjaMAlp8_r37vkQf2CKEYKzG0ArJspDvZViSjtx9s2J_ZilXu3ZCKRhlwMX277y6KLMoDmtVsUbcV5IjjatHjnu6aeoQCwzYvQ2AlJyVIM_k7qUOLdEsMvvflhjdhVFfDLCQa3AljeAq42oQI8TIF9TCiBLUCovK8SG-Vnz2sCPPtef3zcwExTQBGCFE8X7k_fDneAHl1PZSVlXfD3XSps8tsK3AzxJJ-Pqz0bZ14FK38xLpnUrmtB9BTfWaISd83f8FmiP80LGCH5RfSBDWu4c3kJQ==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=AGv1WtuE2PPXk02_Gtv5weW-D0Fnxf2J3M6ZUU07T7SvNxmN6OOQfUztKBAcakKtgsCEHO5APP0etU8xsRUam2pk6_OFYCZ3g1yPTr3zxvKEgYUQnSgQJoEjF0NqDNLnklyh4jSwvVtygJyyAeNLxbAsfJ9S6YfMe2MFSXmAEGDzdKYs-ONUADlGTmto4RNj9ah9PMGuz32VveiJOREeDarXftLRPs8Fp3mzv0L5fySKwj_OJlU9Mh5NKWTZ3hvAc1z-c1LBV6cJRJqbbAAdsc625ky39uRs62l06hpEuL801mUrEPKk1UHSFKWnKPJXLRX1WQzHKhfBOrBASyiX041A8FIHJb4CE78BIwlbYm3yp1aLgrekya_Ud53ESryw9z8eXH9wvJgW0ZBh6IMtc0KcU4c-l3QAhB7S_JPojhW7P3W-CB5JEFhyTihifPEahaktdN1TULtP86JB3CDLvv1D8x8FWjpD0iQHD5BjUvfjPYudGq44Lq9ovntwV011g1rnxXMxbPb19-rET0qfL6OAmfryw6JU9Y7TOZevWz6SaWiXiSyI_0EBxLYyBRpXgth5DTFL4nAO0BN0Cx1kO-bAyH39rrYBy52gOlnlPgv_js-wOwJnND8ymRvaS6X7O-dlQ2bXsJbs_CiQPMIQJreA7IfZW_2Bq6pJXVjwc5Jg0viYU1BHCg==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=0Ln9Kl3HYKhC4JFmkAkXst9aGIVrstbOPYZ-k8Bd8MIbD1H4iBaAmCSuhyDUK_FJVCtMzjrUjFw759GZU0AurdgFD9HKlHJXgnWnVdEIU5V9_ZGuRee8mTD_o1PuHGUbWSVM1tCbwMFYiM1svPbjy9Gt4b2173loOnpKWEPupvSlu4F2R5wbtY_Q5s5i_UAO7YI8m33awv4-13Ddz-4NFs5o6gHVd2Z0DV2lDgNulVuIubIKVf3UHbpaO5R39cO86q2EBQvDneIjvlPe6IcO5dYD50fx3_6gKryPkVfwuvQTa1KzPz82YZ8ldWsBOwq1Mu1KzYVEfNGKF_SEOaS2hpmUpw756yxycRr629PBlMD-S0-wXLGwkxuUWZiK6fR9rEvf5XbEi7kmdeLEwHRKF3es-7xEIVNIwCrAGIeyvR6XJsFig7ZJCBQ1soJwMbx3_xQ1h1u6yDdP9xoWzO7UrjLfueINrng5c5-6tsaNAtEAVMW3L5dH_bX3Gb5I2RSmIkQHc2VG6WvI9J7fBZr3X1RSTZCbU-7EMUALdEMAYG1qkbAxs4YzEkqEIzLGRdexe5rqwqtNuV9_Gsv5AiHDqEpJgO8QOOeJzNL41_UAqoe3CAWZZaRalR_cCaGMGUZc6sXiCe2BlUj7O97KGGOrgDk4Eau-Cyj1MxUnjR4vJTPQhK8_pqDX_w==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=6483f6f3e4eefa151d81634c3582306d1638555779&psp=amdFlu78JsPJEwYzB1aSq7M1vdB4TSyr4I5l8Qa_62k9yAmHk9iNoHsumPG_M1wddm6uTPWt3Mt7HJopo8_aL_dM2ohGl1weEhH1EAv0uu5Y93ohdop1RcJQc3iDlIubJvIMkyQEsnFjK70S54tJXgnyVyu4lYIIcRlzZD8SyVAf0zXVhU2nJkoZoMlKwYH_-vwF484TNST6rf-aK_xkQL-UtD2UMX8Zq9_5t3opemD0HfZcp3Wyztrl_Z4tF8RyyuA2i03PT1o8uiHvSuUvJ2kYaoYVlV_w8BCYRRHOajIQDke8pQtzzQBIu8LiP4ATOd146pX5rXWsC_pNrwkehM-t8rSeobU3JvvIFbFpnHP1T9Te50wqCeypV4JWjhRXuPOYZ2B1upbyvfKKPZottJyfP0dktvOoy8YILCnWrsTKeXnSZbyEXQyk0nLE5-mkTr9SlOzbHRsxsew2FuvgW9bQDIdimjGVak0BNFt_twZHLyuC2wlHeoOt_m26-HhH5I89tgOvoDq1LlF1NgINheVoVTUB1NOQs5hAFjnskkhd9ToC_YURtSwkU7eZVaq1ZyjOieabnzJXN6-8X47bwmt6CI8qdjwWJ5q5xx2v19cyz_7LoMADTkU3MT7JUMnns7onmTHg_fkMXVvIMqXn3EaFON3-DkDAPkKlMwRUQ9L2EOiu6j6QgA==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=W3CBXbxw-VqEBkYqoL-p0WE-8Gqkn7F69URfGxVMmHyD7PgBpd__SzSj_ZvgTqt4ySLLAaKZoITslWuog4H2gONYBMC4eI55YJe2Lzlk3XBHGAA1qK5uMwFBuzX5PsHAR54PvJ_Avl3MCYSmH6qnq2YHTQQ6ipfZJjK2S6-gjvMepF4_0XjdS1gZjxqzbZftH1gJDCLsqjfw5CTbJlD7zeE5pxEKR7euoR8hO_2K7hpMAwTR3HWbWNmi40K-myRBeL1S9s2bfEQ_hSf3Cfu8Xxr6fdZL3IMNAM7Rnox9ZIT51znpUSI0R-fbgh5VaJ8DSqneuZ0ZgrN4C9V33TDuImoVU3g-W1KWHjH41-1XenT30UUvTWW1D2Pd55iw-eFNzx__wwO_ILEVdXZq0SqUtusVjnx4X3cepNS0IcTk8Q40qblL6zw7UhkmT8RJxijMX3Kav0ueanNgrA6mJACPnWdlPftK1NPrdEel34QXfmw-kwBq5x9CqL_U_DbApYlN8J6EZ2jN5wjHVGU0FHLV6TW76rjHEJPMQ40avIAFjnrUxuq9E-V8tSxZA_hQtJfiqc0xFroJSgelwdbV4-fqiBBghqMgWoCjZnyIxeaaJQlgMy-r6Zmb1mNCxmvN7Tc6pvLMAE_6QkEzuGfcBhna1lBOtGko-P9TxvtEOugCHuJjBY1cPuNWMw==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=up-2fGmAL_E4Tnyg1N8L9-kEmVrqSR8qlE0AsZD-WMc7Q2Dh4QHoz1Rw-dg5-0U4FAEcLEowp_m51Kyh_aLZJiIZ8yLtdCKH-3nA516FK3pIKexWIx_g2rUeO1zSeumatYXsYG06dok3YRdGHzTv0eFL7U0LkOIhqw2ntWAmgak_VP35DOX00xaeIot95tL_P_xiGW3Aa6OhHF_O_FPEhVMw8Fbqx7Bd_MWtG02Y2ZiWJlOLBpCcFgOS1qaE-gvIUKHMph5DCoApQY5insA6Hu7nk3QP1m7dEJomRQnV-tyv7H1V25jUjtpsqvgRiScqLxtbAxnzaatNxUioETYHWpPiMJavI7rzJ0P13A6m-4K9l2SDQySC0AFsqzxjVIRP5FL-9nhyKeSehs6yyfKvKsTe7ZDyIb8VoCYb9SmkL_6JG42OpXkLI4ex884MfnnwbN6F31sPI2xexrIzHMhyo6qj_rNOKvEDjPfGIbhzDGijuFwhu9iHg8bAjZeIy7bqnTsHyDEc0raCwGWf4If-MA5lL7uKeHmq-k9W9rIde_-2QuQRwbcG65jMZzqmfHiMvNAJgDHcSWQzDRq1kNnH59LEW9afc9TQwqIBh__YFGcrR6aLT5iAP5hdfgugTngeQpMnyuDpPE7JgkHSkeODdbFzasz_YfZd1ut6vH5IQTDktQ97OFiDlQ==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WVPNE4iOLi98yDJbXIdhTAiADQecDSwP09xJajdpsJtBXXyh9IPdLsLaQQ7jbBPqhNF4O-twnnvmRc6n_lprdwUS9y869dCWzwQp3o4eR-sHrxuucMJjWdakoxWGTWivkwfy4xM6RIxpdxJn6DB5TJdbh88xr4CIjbGo-f-qMjwZa9azfnYN5RdblY8UJoTDvbdZVrxkmAueeW4eMZFK_3wkjbbCM6rBpJmtA86ynVJGYvv3TAQU23jc8u-QZPZQ8pjSQWjrJIjr3EwYjZshnajR6v6F0yhQnXexbpFvaxC-0FjJRXATmMKUd5Qb8D4C04evjOgfBvUVi_jsz8OQ4KBqKS2PDyHs3o4mmESYgw9SwopireaIKmu5_JZH0s-bZwtQiVB3jGsO76_qdDTfj9FOwjINU00ta38HHtlEOO80OMa48dy_CCoz6Jfhqkp82r1ZfKXN4URXv4hBVH4bCmg9CLrgltnVNcNbMj0hp12XUBX1eQPWGchZZvJzHI-t3EAiX_j1W3YRl7hlxVXN8FmgAnGbAN3Rm54p9LafbZ8x7L00hLvBfNTY8N1vS_3JpIRzOdpFpNuocSu1WOBdXitjHswCiK7X1RoFOkKG8RALpM73nOFtV30a8SFRKvDb-WypJgJfpIeSnKtMyzsU2-3TJ-rcJzhWTNV8kMWsgvRKZ48W51IFdA==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=tWWBdfRfy3jvUT-1PCLrwBnVdXAKG4_-Z4eMdVEP_CLsKcYpovfZLssEiLA46T0EPiryZL07PjfQo2vCbXKoIr3LqqSRD6wODi4TsS41O58EJuV1Tkrhz9HcvMXN2o72B3zfKRI7SWf4OptxdBXPMf5WtixdGVfNumP59sq0sFWz2ymfmesMwmcBAHiFbaTg0SV1eWydiVQZPoNVajlCQa6_aN0c17OIXTv24PRPmpaJdPdBXYeJDqzGwzXdNY9_ANOD1qk4ZQo_WeWJyZD35KGZI84_4P6b6TsFLA0Tu7UDNeSnuUEIOdY5KEndInV5bpjSSK-rngm4ax-L6n3M1tcojYOdU6LI2cvl9xJsEyePwi7ml_hk8VgIwCbsqPcXCVeNDY_qu-JcLNPrd7LQnsNpsuvoSEuYuYCKFNjAHMqipqPVAlct3rFIAJ6hbCu7P-jWofqYg5XzkT2ZiQW1jpJB370-wHUslvZ-zb5BVISKE8TMmO5YQhnz55iG1BG1uoITV4H8n_0G_rcVkP176tGgRLYEenEyEzJGTuIIcCqONyRN3iS2nI3whpxUnpkHwZ6HnC0ciqyksQ-t6RuuPhBcudAw9sgorre3rD96U_xp2YsKz10FL-Lv84fjPl1c_09qgScXNDc6tOT9XKGqtqCLqqn3FfZ2lpA-cyDXaz6ltEJ6NVdbwg==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=586c9fa88c368e30110ae9853b524f961638555780&psp=WtALLhfwF0Hi4NtnLTIDKUWrCREZQFz_C3SNrzoJGuOPZIsbeLQwJnpRDdyBPFGprRZJRp5CTXSxVbeoG9VD8bHlAy-H0lc_awbl80PWEYRvvZ47R8v5fUXbzo1tGEkqkhfTstC1yBwP7uOIkhqSZE2_1wHJhN9_uWM_RyH2xvhVzSPn52xKf9aWfsY92PQ2ZxRtpyj6lq0HerttGRKx-t6oZmFsMKikYgDu8aCW0WBFKtLuvWsxF3fSPSeY39On9C1jItV8U-GqFxYhbgMoPjR9HEBBvrJnrwVJWOmXNQm_TcCOZZgkTgep3rOkHbcAUhzuzdS2bJlUmgToz9xk5fozVha7ZLmJeJrij3I4Tuj4ZOCnuoJCHJN08-_U-Dp4-1SPC83Vm76-wQard2gQc-yPJWo4u1nwNyMKn258EmEyhPEm2iOpbd7oIyYeD__jbJXb59zIj6hqK43MmXuUGhD_bC2RVrxDIeBbLdPKVlrsTJ34TkpTilJNLznirMN7_87dWpagRHD951CbW7XCkuoAsinw_RLMto7vaAgwikO-pvT_XHA8Kk4meAy_orP8DPgCifCe-LtSSvr33o2b1TfC0n9xMmetAlqfkbAo0L_pywlCV08GEyfa0kNjJGVK5aWacHVmPeoyZXHrMxxHPiRwDRv3cFd2nr0Z1jitPLDRNcbZOQNLwg==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=2vd2HKYi-k4hFnbm0wOd9eJRO8QM_lzqAEueJmuTfkA_SseXH0NB8dIRHCmEjHn0y-TE91el5FM5-kFzwEu4ao5Y5qGF9k7f2C0ygVJ07loFQAa8vhPPED4_HLXyt_REoERGjek2ixECQOuxp_WUnT9OraQwjgS_1k4Kxx6pIMxq9xAodaDiUcevjgu02LRNDMHPN3_vPZxxLI-4c1ZHCzpEltL_mmww007HhEObCavisBEk6lG0aKnbye4BMUIWoE5PZqO1UVV3D8NlHxhymtQQfogZZTDyfKbSaZ61iS1DYED0t5_oa-p70EF2n6j9Hksl3XvO884ntzJ80xbcGT1DkpUqD51w4oc1E_SWCei0Xfk4ZezZVJM90bMcnPWqMCAH6dwjyq3k3F5Z-QVm_Tk4RH32_URZ-H4fccyMNrDIwjMNZt230FqvIOuX8pkFct4tJOAUNu1T_ji3Cpqz5NDSLdkQnUJ-He2uj1jnP8_6FhgF9x-taOrAEtHladqEZKYinqSCAW_4F-vqEpEeQcr9a39cfre0PrpfX1WAjnn-vwnw4OakmL2184p1PD3apcmZ6ldStdEjs_Tfl3FewuekeGB-UnqaTaz2V6csAIwb04U0398a71M4fOfnqsCm0t5wBFJYhM9566uQXM6xzvzfhfiDy0wRNUVhdl8xh43-wG7NodA3Rg==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=Js8GWnooecSY49zyODjabnPpJszlT74uluqutZH7FMqYDh9zWdwJFOqFmUvSaQC1Ij3RpetXUA4r-ywPPucPwpOGWS897FQ_52kwjYIbHznw7eLr0y6JcW0VHUgexQSo0AnUvCo9ms86o_ixRBtp61ewXO0Zi4XrS8maRmH-aJPkA6Y--6xkYJnMhsU8MB4_iOyaueZhF7CWeBfrDu2dZS1DWyu4Gd8Sf0sdNN3I1V176p-Y3ck8IMa-riRuQo7QAPFZBP46RXxJIF3m363yejfYJ217LmGsZfgbWAaKn0-_Z6jrxfTPg7o1656sQwaAuMu0CQFuB-NCGrWF9VZ39Pas8X2Rz1wRB12Js6wuFw6BaFgGpnL2FdCPmH9PLQPkVA8AN2fR4nNhWt3aqTQj3sXFjf8UT9jJ8tnutnv_WPI0R-EdXCfaEibK37IpLacHGhLuWLeu_sz8rmU9mHexDxnzzldz-fhWJoEaRebNAIDeiMchZQZ38pwvyqHWZ5qyO_JqlLaPfG1C06q9U1uPpHuIrBtO76cezzaH7sosBhZngogZMc8vvmDFcgL23m9wESH9nE18g9iAw84kg_s0ki2X_sVA6ZU-ZKBHrmr_rK4M__HDW6ZayrxHlxzR-hBdKoTuGmBChpjhRMARJ6wmiGz_CT6YANbDlQVD2mfzXLlLJv7b42p6IQ==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c7faa40d15ef954beccbc274315a1d5d1638555781&psp=uPsuUfQYxR2CbdJA64_0GqxsHlkFhUNaUK_2E60Y1kuHQnZyteuwMXD0mh_aAjXdWWrYoTSChGQ_KqB5_PW3zyHnsS5NuEgkXu3wJnMpQtTkUSIfXdvIejk_sH9OBapjdhmtTwwf9b-4AGlxDfHLFTV9E-i2uuIKC0vAHWRqIeJyWZprEugofya3DiyUM5CuB0gzPtDfb0i_ABIosSv_GoK3WmuEuYrFwKoO2PY4mBO9-rBfo9_9NDhrRQqvH5T3CXw22AoCo3AjSP4UReDhn9td8k6n8owr8ZmrMco1V_np618LH0atatsnGbi6MdFxoQ9I_XVMhAE2NRzhYpjCgpHum6t0_FE5pySV6bvJoymp866Esp8RIVfeTSEuXdCkWcgzz718BRinXAtUT4LK1b4hJ5wTJwoyXvtIIDrD3MQKSa_d78TY9Plhh6-ceSeoTFKvHzhmUK_LOFw5SDBtNHD4Av1-eYBYPf0Z9MNCkmnAz4tIIZHEXR6kDFS8TeH3L2xxlsoRTu-pa3aCFM6ZUFrQeyF1ztcV98CdJWOqZUNsiWXgG2AouheKzOTw-bKtgUA1oaX6swo8BZWP06S8W8U-OizM4Inw9DOWd1QFQ2YSHjN0kDhvLXZt_bmXmn6pu-Q5mFZbU58fZlBv6pJz9jWUuOoRJW_hg_bUiobXtnIdpc82eAn69A==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=k_yu6P112CFLw8qkVq3QhLQz_FXhtrVwPcz1QzNnoLqyBTZrJ_lX8pjll6zT4NNBy5I6mlMK0MPW-NDCbYKvuM0KPGbH_wyfjQHqQR4oYxbpxCh9of-E_VPLPXIIm-Eg4e6DwViWVxXIGJ3_VqB-AYopW3umvFiv99iKtwKJQwZ2mZ_KjKYp5cYHsKe5Y0uthXbluNlGTl5xHSEaEgCZvM_nL9tAKRYzRguLw0JdTa1rB6q-Yt1N3jdH4I0XcMjcdWld3oGlEGwB_oCxdMk2YO42mL12ofP2S01ow9GyQVxLa86_1R7v5RxoKP6QKJz03KPQGYKYWe2NfEQ48flINK3nz_ztJlDz9RjTmfMCoJ9H78Ke_T4Egz6cIsn-CibO8DnERfPL6ab5C_Gc1utGvFRUuygL_nD7BphMDHCx10n45rR4zzz1aQ1NNc0xw2NRNuW6PhNhyM58Kuf1cOuDmItPjf57w-cC3MS5qlZqwa7NHe23X8NGmVIhFBFC-YZj03v8PYrH_wqWzDABI8qTR3BhwdSkrnk7IJV8szE4hBbohyoUbPG9jtlE8AmfaW-hvTYS8RGPnqOXeGy2EgMWpIJH6eZuGmjTKd9Nhc1l49v71Q8Hkxo6ofYs0fi3Tj-gUqWO7IeWyUaS_YXhLErdkkVF5149bVDI3vqDxk_-1SS7HdFWbo862g==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=6s0NU5mAUhzfNyUCcjrwyaJ6zDCxcB-p8Nw4XzrQhC6EhoKRRYDr5NjZk32cmD6DGLP48yAMRoLAvsPMZACNXABfNYgv0sitlgTP-tvQ2r9U2Wh9nzZ4EzBTpNxnQSbwK9E3vTApmHPNWovazhrxGDNi36hRN9YYJXzaNll5S-_xYB2eeWTVLFwnL0WnZeHI7KggzqtMPhF4Au1_xMf-VUh4mVNenWuyeqgM0ztrRTb_3UgDLCvZqv4qglfXLoXHPHvwqGzykkOLKQ42wafWkAVGqai2db9ELwWUR3SuzWlMamgQsH9sVzp-1IO-hMH3BN-4XzRCrbar6DXx0KqGuNtQSPBv8MH0u_647bS8t3BFoT6RIfR7-ZGaj-RG7JLlymVNysjb5Uk7NudhWY4XsmOuuYe7-FW_M2W3o0vEEhDJOBAixLi4lZEt5f8Rad17GQi8jazpf0LmpHSIIxnhmzWVU9lGy5cbKfFxW_rvpDJ1Fsnm3GMVROIW7DeMFgRyBCPZE_37z8-TqfGC8bP9YnIuRKFccbHSM1CV0swVVwbnGokg6CXAl2Nwv5TLkmG36z2YVZ3sPqOTZtrH1TRBzAlvOtpH-SNuN9yRVaXlVY8ps2t5I127lsnSd-rCKypguEJhkGNlA1THpM6mP74GLMwhHlJe8rp-iaKaK_PZbOZqdDr8SqVFyw==&pload=56
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=pt3KNwBUFa6Oyfvm0fxENSVQPhJmN997GzCkDl1udnWh4QoI53szgWs3hTZUCflCln-nzW82h4n21CwxQaB4r1K_otSXWSM9N4sil4PAsmgrKxEbJtobuKTsRLGIdIoLDdRdlH-5XxqCVFweb1ayZPMCp5n-OzJAa5KNSTnuJODM9tfBk8q-tIGbKvcrdh1pDq_gefh8Zsl_tkTDgByOu34wr8xDU8STInEuJaHJGUKo7ovFkQqYO2jMvevsVqMZHlcfL6CYxSvIOBJminB9DZjYZvAh0h1siYzF3EVkRxmKifbD2dEqNW7F1-2AhYSOjn3i5h43nf5GyzpCIFLBVQ4QqF35Iy31LTchEbiiWGbAB-5HnO673NVVFdfslo937kBYCzb310vUkYf_fTNsQ4p6ApLIiXbYfwzXFksSNGp9D6-j-D6GRV9ZQXkQ3-NTfrLztKwKc7eSdof97fx4-DO7aZuYtmukLWi6whQEmfeDqbXfgtfVq3qM1wRgYeKHkazgkTeu3ToTxcnvlfqTyX8BfrqIRXssPH0OQIprM8c66jQz5Wb0V3JZ3LfSx2k63DjPK3-arAi76tgnOYWQKVNUGhAryE_4LD9m-0qkBEc1Hpb-4jfJmlW3x_aIkRAFDfg0Zl8ERzq3Rd2ydRe7VzN1nN354etgoC-TyAX_4MkS30CyLfszOA==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=wKhOcQ3gx3o5z5yCd_7OJEPxSXktahZWhpewpxzgxF7XoJLkuTKuHbAdc6nm4SoL_VVgz3nVxCzovnzrK5zdv8L1z6br2xSmWyDz1d4dxj0nwFpClM0So2wUdixrcJ6BWqi31uKg9m5V7p-faF44pLTj_txy-Ygf7X4AQgcn9tFqGKMtWiC2WxBOLN0axZXyQpKon2mne0jx9dRHE6CwOqeq8q_tvteRDosL9jHnlFS6BsjE0CeUalExd1UWPi86kcwdcDeBXPar5yZKXs9b_FvBjRZWFrvYh_jk3nRe0vmjPR-tVFtAFSi9rULF38TBxyno75wqcL2ldmIuDSYRIA7W7YsQZp237iqkMXc9qRG_Xik7A3-kLiUJBNfvdVnl_9Ik_p1zPK5G5GI7naww1z0LR3a7HEmEgSuWUbjmvvueKSIfc1V5R9lQHYRZPbLujLQi_m4c3RhpZBvjJ99XsKfGujBq-A61Fqfeug3j0aEXOV6qHNSxwu4lYoJcO7WAOFIn_ht3Sn9FtePDQ1JBMf_tw6mPdt1ZOch1RcRHZcalXomU1hNAqQwoUfIzyapaJ6c83OYqBiXSoT5BkOtxCKeDeZj1rgYUGLLDxXeXjB1VHe4jqLrAt8AVoOK7kD1kQKbZmTtv02LJiLBAcasig4QQvcB1wGJzwuFlavDV6mFZXlk4wuMXbw==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=94861bd26ff71adbec89567b22a2ae001638555782&psp=bnJBKxvAA-u7gtwOaoZMYbAlzVnfJmaIYbToicPfwGaRmC6TnCXWz07HTiUTj9c5VacTIKKKXHw0OmD4TO593tQSiclrbSiSfyZ_upr1O2cF5ax04phjlfd7aTnsJ-6i04VR2j0Etum1fl6ScylYzvbFSokevm6FCzw36AOFofMlS1E-TLkkPEVvj5lePpZNZz8FMsRh82KCJVkX4DaNnKC2BUPqMfleGstpWLYSwgr9jO6jNKDFJm4FVOeG9-4JC9b6OZScdIKvs9J9-zkp9qYxDkWBcIT7ENqbURD8Wg3LbL3MPCkg_w07SV2tQNiReJ4phA6prrxbw7SZ_QHRwwxO9njo60bMH2Jd3fhW7gNuFwSXGeSfRJ0E7kxNEy6ji9afXT4UoACfZMukXrLg9v-65Cy0rOmir9EYrD3xuKtRbGS6TpoQBgBxTIBE2KGy7aLuS80iR_X42MOp-IWACDN7Z9JffQQdrTZ0kTfcRyAo5aasWkVnCKpSTmfOjItHR6CZtCghg86E_4d2ZEB9z_umVnZucOA8wE68oPbsQ2AfjAs0alMx95lU9cFe82pCRa0vTv035-alFP84M1Y9SRklB47g_dfz3BtMihB9PxGjsFGpRAOBj0XToc_yhKO0NXFe7EZnYGyB4oYlC8yNPMMKM3YoP4XrmsXPIig5RG0i59FvHWEJsw==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=yATzeP6SECtGDHnhlokFj0n8cxTtWr25gjXZ-q2o6KBI3EY5pIMAjrTXrRgfuvuIwI_DpPyj_rDlZqWWc7o_dR_yWUvZS-sssCrAReN5q4IejGFgEjrurEo7Jif6u2uFQ-9j8EhivnlSpRqrJkHgbVygEon0LoA-ccNcF8pOhyR4F6GNHGgfjoZLlbPucKQ-k5OktIItMK6vA5oSSlrXis8wINuMY3Tya-u90duAYpjzM6HurfQ7LWw5bOezroXfsZfZFTjmXcF7_C9wfevfT0qa8PWaTKE6jyNIBLeeLBGxk64mAX5r4hSEvX4eqT5LjSZTGsrU2d2v1jc0Ta5CuUZDD28Avsi4lL9k2vyQpEM0r3xTYG9Ke4Q997W_a8p0aOSZ2jYaKJuWmDCEBmcLxEZjIpsfw2m2YzpXW0eEHgNaAgsfROWCuX6HeIPpDNfrjlb-sD1jmVQ-fuVqW8fF6rkPFdMXHRh9hIct0vSQAocMHp9I7Nb6j0BbhSuGbvOfYKXV2VhTS2J4DVBKUgSKYAlAp3QLa38adMfTkd5yK0izktZh5vY1LWm3dphKezWxj85vg5cp33KB3YTzgaUXFEtxsnN8B_66Ixqff7KfVtXKE9umsyYGCUc3pcVkOarGlDtVI7tW15cOdHHFsKhCj6BijQzswdKuECqcjnG7dHbhJMtg76d-LQ==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=_YSD4thseUvIhH6Hl6bH2vf0jYC_eu1pbDB4EPnvWGYWdEg3mnX3Y-gs6u1VrCcH8P2KNHE8T0OKpWrtStFdZuFe-H9bQ8ZU2QwYHV5oNWVhby8zzH-Rz4XeEKbj6nHCo9d9zZq0SxT0WTEBWCDBNhJ9MueomESTxBCWlcGs2uRUxmARamDAT1OsqrajzY8gQYS32rhe10fedcWcDfjtwDmHXUL7XxEcuDjwnRCw9sDAQDEJ23Zr_knihsZ-ITqd91zpIPHPWS9DCFD2t2MiJ4oFw0u2tVTpH--fX_ii80Y-ErpYay2Fkg6cDe9l-OcvkrtBXCLUm50bdLgzxCyJ3L-85Q3pUpZoaXm65rT9GNCgt-Tt8W-OKuWURqSRiZ0LI4Tfc8YtrDO9I4F_VQE4fP0ufwuaXgo58YhKYBYxU6iMVV2ud64zWb946teRfxFhbs6i6c-5mWjHcJqthHZl4hBbeiaJjU6JgMMNOwldbmLKl18MV6wzNM61WGF4LjoJQuIGX1Z_NMsfzL9X-bZJoupHgt8x5bY5QUYP8a1GNA-qm-xZKU0ZIjHYNkL0r7PsSJzGPPFntGJXiDlLPKDZu8825R2h6HBGwYwlVk-PQj7wsttsqtQfcZsbYn5xejdlPsO4ca2e--mOwt80pHseAoD6foyoUWeaJOdFssqOrlW87r97uuii1Q==&pload=45
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon2.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon3.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon4.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon5.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon7.png
Domain
123.selornews.com
URL
https://123.selornews.com/dannig/common-player-arrow/img/icon8.png
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=b9b2a3a0d6aeb2daea54738224aa55171638555783&psp=Yy0QahBVxiyQtAtqiUnVR8S-WaREutFVpK43c8GvzHkrq59j4QZvSajMGLHhu7ghb26UNcSKAejN79n9trvxuEFZQR1UNEI9LijCMazxf1EHZaEBcs6xTwt8R26G3USzk6KOtgL9VbicFuLEGGM1UT-VYTDD0MqGJ6spMAxqIWuwO9KAexLgVJOegsi0DHYBMFfKD7GSsRgb6ZhEUi_1K4Qfvh0H7USFPPsqlJrPdv4RC3zz53A5cBvqf3d_E7ZrrFCwUDXCkiV3yu4cnpz5pBnrj9M0x8c6NLhuYnualptnWB_S2gReaYS_wmtV1Yr2j2C0hXMWKwCiX9Cz9iY_AU2pVy-TF5REovyNnCwiNZWkknIniJ1-Fe65CxwpzB1g3U1CMvLOIJzzABNPf8WrLrfYCm8Dtjm9GEVsrib-Wuv1Qr8-MJyQvIkBBoEzuDGPpe-ZgtyUUpynnKRVM0eRS-yirGVwnPL2KT5-8k8LqXw0X--Ad3hjq53B7C1yQE4utkvl_DHUPAwcec0-J_EDYpSCFFAcbTe7WWyy8A3usH8HsPArgnFPrXbDtTFW0sFi2CwcwYPaLipEvxL8a-RgCZOwDWenROGNd4LrI5M5AgYrprhMtTqGL1MM2G-swZbz5qxoRj6kvApuIArVDqPqOY4tmlCstVQZywq3rMEkDLICGcDBXNCQdQ==&pload=58
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=hzUJgqA7ebO_caOU9XWMz4tYDCJs2bhqkCFNs4BmOoHaWw8SwLgmsNx_WlwGKmcZlXfBxbYItP8zbR6ItOTZ3OJIu5nqjZyuPMu094DQn1xRPfFP8EXlDDPr4Ig4E9Q4TdOzpjMWM_dIyYBS08QQGc-neqjkuqaYmzOE2FOFsKqBYIYeHwk50o-ejWl8wxaj_4zd6mMilosfjLgTAOCzDtbgx08M2pgmZK3VYlHJu7bPhJTjeCNfSbMofW-ND2TCVtACYBniEAyFUjQ2cR7k8GLe9ejBv2RuVcQGh1zhWIxha8_T4Wtej5PbRecw-dyUgw9eL07jQEU2XdPz67FBXY5eyzHFfnJ9dhSc1TrjOApwGNoFomtc3Sbb7tDyHaZzEDa7Q2OYOt5GrwHo4WcIDAt7z604BTd8Vn0akLaA3YJJAeCsqKZzdN31PqnpYKwhezgF2ZUV4Oligtp_qmOu1L3JAPg_8dwOKaUSekPUwQfXPDPfCpwvrk6oNwe_1N9nF5dMpd8XW5xOdccdKLqH6Cp-Q1w51gI9tOhGshbuDjgtIOJU0GPxBqAsARVbtXCPwon10BgnzF1hBm1Ht-V9-nl-72WwKz7ypx_RYblDb21HBEb1h1kpQFHhSasoSDllTfOay6UFxJFLkuyNEG3pRIw_cjC996va0FHXxl9mIZsJx5LS3hALVw==&pload=59
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=9RjfZzpEHGv4vG2laqKlKQMjQs-S11pAoVVNOIBcx7n4N3JmROMTeQ14lAaUVaoIgJF5Znh_FDYVrC1LU3jg7aD3z51SEowHUIrui7T8xPZciGXXmQO0A6Rw9CthoGFwSyilGEdwwNewy_Tlw9hpR-wiSukt46jZZ1Gc8QHO-QKLGo2fSSrufbeERk84MiMw2HKEptRVpG1Ta0fIbs1-nkw9MiWvysKAk4Kqqyh7Q5zJ8UWP9zGHA0nRvm7Nuqvim2qeO3VJJsa6h1E3hDs79eMJhUzFLCF2INte3bpFzKOcwVSzXgryLyObX_IupnxoXNGpaTEgfbdwGwzTdzBOmFHfHBcGPqHCc-Vfke4gh9_JhbsH5YbxDusnvFWb3Y26rocrmVXjbMY0Ez7viQRvAufuMs_aqdYEOGFTpHqeo_HiIBhwM9plwba_fzEhfk_mV2pUOUSDs0jZ4jjxPXeCA_EKffcH6Q88iCgr95PjCX5uBSBvTir3Z7se1uQyioHDRWoZYO76L-b3Ur6sZTOo7MOIcGdX7fBaKF2GzXzsOg7mkeqXyrF_NtIEORRWBH44Z8rwXwUS_mMR56Kv0ATbaV5CVdGYEISI0BxqOQgdBTG_mLPTcURQkScToUpGIyRtKnPOeM6KbPSZfCKj8amvE6CvX9O6PbuFdMOWfN5KvbBj0nlqoAkMKg==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=oqaYyTGYw10A-qrQqFWWi45yWWcBGA9GilfOWlFUOfgeJ7mRqo0berbqwpHrOVGuvaVRkkd5lowt85SPBsQdZml_Sqy3ZtTRn8p1rEIg-OoiKZQUm9y3ZpxEOvO0kgQLcMOlB8OXD7TH0x_PWkApvNT4UMemsNwxEwMFq5hxU8i1OZGqaqAgykUH88rJSsXnFnVwBToOXxrKE8izB5i94Ta4amMWNJJ5135oZZtI5Qf5EmbZSuHTkSUMP5QqBAbI9rw7_IIshiO1Zbgl2wsrKJsun7mMsuu3N8si9UC8Alrno7JiLJiuJ4GCCEjwxHCTrjXT6Y0wwrNsVsB1IKg7uIS_SYOasK3fYG3fd-mY166NWmjPO5u44t7Ij5jjHCkTdMTP8B9XR1sWe-ChUov-JvDGtaWIEqUVIlOD4iOQtjTHp1sV236aUsp7H3e3qc7y3_8xnxbyWZLiuGwroYQ0JvYHrBYRrRqPHvLeTW6t3DfAbPUo8L4ekIXpWztzQpiAiY0lFD9LONY2zR83OO1ZVUdJ4pmSxbw-K0SSms9O_DCCG_MhoPKYvO9z1B6jhVUe1Q1NIO2YZKAa2KEXdcTuDNSM5DOck4Zs7ob8svPErB2HNMzaqjxREb33aVELTqeaegdsp-l-_UiCxPaQ0ypHv9a2ItF8MFKh4YvkJ88kjZ08epEkA4x4JA==&pload=55
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=AULdnCs45UrvKwufB2fsulnTN3yFBsmETyR0SJCsURqEPu3oo--fcrXQ5gfgUealryDyLdd7ciSwCqlYUhUGcQRc1bpxHU1Y7Bmo3dP4AcDd38X-ELWpgez_YJ_uunkec3rOAkrF7PxG3Kn_6qlJLRSLV1FmP1nU9CuJmQbJ-Q1S1H8PGfPl8-XsfkKhuWHNJGHMk9xntCh8gAX_6VBfX8IZQNcJ5_P4aHMq8KEgfSiQkHMOVSQhK9PQ85v69jmy55m6MhXyyNIXiAbjwXXwEo-WexvVu9wi2zUdlnY6_vLJGO__F5pONPDvfOS9R82c4EOJbNvU74LyBgprptuHzIaa-90qqVEDn5M0pt7G7TYMadBN2Lng6K5h4wbss0Q9-Th70BtOCfKeK1N0aJep82Z_1IHkCum1rc___EDR6ZNBV7s8a69c6tT-Tjy0CaWRHglAimCCT0shEm_eQ741o12wIlHCdaqJkfPH3jsSsAA04MlRDn2FjF7r0oP0rTe6z2z-vEr0uFbZEh7Vzf7QaYJIKkNHkoMKmALw127rKTByzdg-aZ_t1fPW_7DHGwswwVqWBf4X8McWzNrA69j23-VqPcJOQf1OzvbUJ2YVfViaRknN6qxXRukhOm8h04S2XbiXPHQLg4Nxis6h8vpFTmgFMNp2gDcpvDtWvdz8IUezjyJ-rOHxLA==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=99d2679fdbee7ed704946d37ec67e0291638555784&psp=WZxeMFBNdWJQTWC41_HAE5rjvAzAXtPBY0MFxlpk3sCMzLik_0HMGDlXny1GQM92nsyJ4j3JZ_g_tom9vhUDGmm1Aeih78jEExTI678jJZx28CtSvdBEZTZuWfW6IGUYMjp4IrSMto3uQAJNmqYg4vMpKI8homZxSXJUGgIr53M7J7ZywcKeqKE1qDff_sXokBxK7-f6Wlae5iKLZMqKKV01wixayZIk06WACUirTojFjza3E6GjVASofosd2wm7wE4z3yChkTaCX-fwieQMFAYQ9kLIO6nJtLymsnh1GLa7pGaqFBfJXq9wxewBXcDynWUUyG_Gp7iNskwavXlntpwvUvHaYji256GOKMcm3cQVBksKQeGWN4wi9NoN5sK_EhF7aIyQ4T5yRpKOvc8jLfELvweQBvWXJsTeK-a-8VyjHqfaYXOlSp6llateLRXoP1LuDePD-TBotfKvgsSp9fKkKMm_XXWN1-C4NH-Pre1noMD2xxwhGyZisbFSoDKKn456gW3yW_dITzwL06WWqqkrHGK3TwdSfwSOOuI8CHWB9JYj51PpQqOdj6Hr7Fymtmkfr9F_qnU9VNTySkrRspAw7H2h3Y6Y6Q8rd0J94X5qDZ_r1OB97DMdRHB9h6_yYkGmdJcv-6K5yKvrgJx2LksVwcvbyOnCh9tvVYiBHVpooiU45OdiUg==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=4IirRo0dQ77spXeZatoU5fiN3A-3RXVkQDZg1KIY-7TNQBmozu1CkxkzrPYxhf3vurgcE4ySXdocD28qYKzmU3EHL5sE_OMsFXgEwX9gxuSWzzIBrM1YqC5znrGPawATSUq5b__9LScakMnOLoGxk53nyfEHAc81b0iwrLmspgTGK0KPfvLVDmv7PX2UEM8YVD2w2DdcUeWnUIV1jlioeZ6R9YCfYYIW7sx1NGlssRuiWKoax8n46KbCBgfE5MVROHTiY_A3Jpnlo9HlG5eEEz1aNFBeXdUkvGVdUH08E84naOoe7yR96zwssrpZ8uM3eE4cpUEs3Y9B-EgOKUHmD3KCmAw6bYtmHcM08wenZpsO1ZfS7PZwpTVob2Ypn7K5ejc0yAPH42CjBqtyizWsjSpZKnjahHbQe3bHoNxgjrKGtkcPmn1FkwX6uu6aR556gXFzQOO_OBgxaWtYsfBwDODDNcZ8DGrPEffx3pETZzu49SGTt3scrR5GvbsCedA0anCP-hzbSzlMFEk1a07oH2e7_LI9PnQA3a0VnnJ_Lh8v7tP-Y_UHphRZn2IjiyTVk_8CEVACKDHWB1dFDLJl0zEdXKD-YRs8QJmOFZGOXHoSqeOBiCBV6zbAWRvO_JltwbmeymRC3Q4HvbT9S9FGcJUs9SU-cK311lWlXElb_lOGd90YBGwtig==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=T6Z4cAxqeh8yBagRKSzOMT_dAPFjd_6gHrjYbBKxgC9CrWfBbdLo37RTtB2AmSdxoAPlyNH7CoIv7krxv3o1j51TxKF3gwKvLX8HdTCtsVu1SPwblwLafG-RggXGRtH0JE_0Cv9bad0TRDzkqhWpvExBF12iAOSLqHAbmSN6e267MUwEUA1lOBYW0QWBNkqhrUZY9MmVrkzn7PxwGExmf-N6xHnByiN4laDx-VYliM2y1giH6Gq2q5SgxnSrJZ4VEaBcCNkRaeV5oK2ImA4fCJqHcBoklvRJsvtvbmOiM5xGkEL2cVzVcXUSX0yTizWl5Z_CLUrkBTncqJmDwuE_72jvLwRktdzQ9VXMOPdKmZzoX-53_Zg9tJZ6RAsKRHuoxEE9RgWj_gyyamo0tlTmzWNlNdcqiqAM1PSt7F4m4I7Y-6aAwf8UIhr_yC_QY71dTHcI8Rgwin3NZwmz5GdKl7Qy_aPQW7_u7aUIZXx7fcKucMIm6aq3RHIxA43jnE1SDUhV-P0W3AHZCuI3XB4B_Lu0oTmqtQTWEF526HTbhkVqzWS-YgEyRb2ljV7BQpxtZPGK8rcdAyE95MaudsBe_CvooRGPWAqqKCTG1FDFpk4X321CLGE3DGnOIk8AoomDbuSzZ2BQUwXcKhLCfNyi26l3tqtx40syyP5pNnhKhswIhIgpiafHRA==&pload=51
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=ukwDyDTm1i51_TGybBOEshW8QBf_CFezPOyupnJMa3yc7fvihFRci9r4GkF8LLyfE9Ml6E11d7wGGijUxzgyz_7amkkwVvUkbhAw2R6DCOAEF5eZDLYGc12lyw8X7NreW901SJwze3-ut1a5_AmRBOVtJGNPDenaOMR8bQXOT4gRuc84VEAGv993lKC7W_xabZUydn_edh0B07dRcfcpjDRlLLJtt2cDZzGkO8xhcQYf0I0_JHip_h77hqjyjF6t28YlbGrizaWVPyfyXJX212ssPnbrkuUWQArm9eLkSMcIZl1Bni7mX25AsmLnl6rzs7P7kKqiEb-78U_a--T5DY5BVHzoGlx2wFP98B_EPW1gKdr7iowkxltroDI00nZBKonU8CM4KskXZxjowjpObDjarfDpaW632_7CQt23jDBl8-XaInz8GPjkerrGjevnqPv8IdrE9wRs5B_lvd2R9DaPp2TieQZD35iitxU9EQrJujVW5ckbVLlLY-QK3iC3dOa3eXYyyJJ9wFaoXkH-HRyQ9l2_Fya3VpgPMJRJ_uzdtyxgcS7lMOALttfVdSsomQJwoPDZlgQD3TsRqhI2dI8Ll7otl7sw0BFsKGsvs822gmJrJOL0Ovdu1O9HDCmG9syNyrpiEdp4krMdbF63c1gbuAYi6Uadix95idX9ZrbCIbv06dTRTg==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=c5e7174345369ec4eb0115ed8811fdc11638555785&psp=E_HPHFnemVJeSRVGzaGeS6BzYNiFFqi_c3BUBD9b49UUt3M9ZL91-gFadbSU9N7QW13H6XLF_unOzH8GtuOmMVXatbcNegSizEjKvLv1W5o4O_nGjEToCrSNv6_JUW0kDge22ecPuZ0nxOrl5E19sNNaWZJK--ZuONVn6cGdNrTjfioY1N4U3xUEIJADrGZsfQySlN0x-H7Zr9lh8uXt-V7fIE0mmyZdaipGqxBB3bkSxmyskhtKAQg1v9eJwmvF9bZKUjGXq2zGnapcqeV4bUECXdMQZtFY8zN1WDv871emXSIRSHiYQYoSS0Lh9t2los437XTlVLwA0m2Rme-DdzSPUHdhXDdDPHuGX5p49rT6IFuxBD9rjgU8etq30mFjJQ22gMSWi_rUPimtTWgHErW9SiYjBrqI9Y9FOajLpaYgra032bVmq39O93ecQNl0MRnFHYb8VJMTITVn21qz_ag2tuXb9U-P881Ke6oTh39YgdDAdTy03IFfIAqYWZgVkGpnfo2lxFwWYNx2iel9XCHJMrm1wt_CU-fuIjgxljTGA6969Dwc6iLEfDRgVEIO6-A8C0TBiWnOL4b6l-AzzcMBRSoRbRER5QZueE6ZO5O0G0K0XVYTnVKn5rDopjGWwcvwKtgDZUNlsMv6saLS6G5k_82JVHkvnSVO2-OgE90xyGTi1qGpuQ==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=_g0CjzrxsNBMcyVos0SIl62Jzm7oHDAgpvma4peAv2qiOaL255_8o9PB1tYh-idORsrelXeaBDznRuE4HUWUs5TI1QseD28Vv5krtxIYquzl3UdYzNZPGLY0QMDP0oAEOEjGw6ly1z-JOQwMIDWJezPCy5MHpxFEn9kGPu1_w60wdt4oC_T3eA_c1IMR2WRxQAeV_df7BePlxU3j_RdyxUQSViXrGSzud3TDcasJmd-CD0D1s59Nn618rX9Lt3x3MuNW_hd4OEl-0WeSCYHbLj2dWlwdG5n8Py-P80vxC8tjxZe-hHVxQAmGiIf5BTkPwXmr2SnCUp5tS0tifQsinQuim79N7-hsWDBnOWl32KXaW4Opz0u1i6Br99-GsEwoMV5GlwsoTCjKX7DfCX15v2GjLuKHgSB621Zklh0eW5ylEMSCIDj8zhLtaAUIXigjMjhD1Bqn_YdeELoKFsrn2xJZUL7MX7TRmv2D3Y4NUV-D49TpTwLwkyaKwMNdWoPsKchpQs24RddSlw6WZjdqSmvptmyLA9RXLvL2zNBUyRCtELOqKyaDY52vwyYKGNEExMUhMqQV8ojscgXBtX0j3XvFPNYv5WzcvjusyP-0tl9IpxLA_JmYDvyuU85XsHXtH9y1JyVMd9fbPJ6As-AyV3U2m8-lgm50BwX-CMy-VGh5Z-tn_83Psw==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=T2us53jSN2cMiW0ED32HCy_vkr4fnW7MSOAxh6qVVhoVlSg1efvpNsLYBP7gy02oLSVTKVFisseMI3yLDaxBkuVWJ1wVqZiVzn5lJm2eZB8FSFfgs4blbXZBGe92xntceDDV2vMTSYnnTOeAvQnDlQ-24o_akZHGlf7_pt1PbrZIQbBluGDUICC-OfOx9MoK6PCskepEFUJRCO-2UJDhMxIh9IdjJidfCzDyaeURI8bmDTSiaPCjkb09YJLmx1zr21NFxvXsYk1l2lHNPzhxaTxmXNHFoyvIM-C9ilmZWAVn10R53xHeNe_hE5ow4u5Ffh9Am7S2J3IhPgVAZFlSdLAaNac8LV4qVd5d4_tKGDaZholGxqq34znFCoqNhFstXq66qodTq7PbOoVM8IoWa0oenwGiNo5ZEvM4dNS_HrBPHKiuE0G2qHui7Sx4f3GadActMwjXynunk8sISrQTDhd01PCzbiSbdr2U17q6WxrGF6R_1Xw_xkV5cC1oxjkdCb3sSGCSm66tCZtEjcW_SeymW-XuY2hQ7tcQmPHWFGrYtbmJ9J82gqgKyK-NYl11pYFYejkBct9T-QxxsgrKszF6VP_33yMGQpyLaHjcK7QFpT57-3M-LBr3G0M9dj6TYaIcRbrzpcjS5xpoic_t5sN03Gz3dgpe1rL8W98KgcKlTfXllQFzNg==&pload=48
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=9ui9DZxdO1DeIF8xO9YiBL3gLGVoz6J-PpgRVtDKEjQOOgKYMOea6LeS9dzejivGlyOockcaTnep6PgxGJT-oKTcFN9asOaZ19Q7e7qiLXa3Ktg4_G8cc0MjqesWm717Y2yC28P51DQo0qp9FpB91Ajmid5ZhD8WJ5IYjngU9J4QqwcmHxQ637jBHKHDnKEcg1Rdu8cx23UnXhgGqCn2pgqM1sBW_eUcpjsin9i9gjg2Q8gSdO1o-TGDZts7QHF6Uze5aT1lKpEcq5kSAI5uURXwsGZMqOVy32ZnpLcDuQcrCIEAu14-aV7lbsy9UBdjN4T68iB1BI1sQLK9WUY8v10kGV46lqFO2ESEUgE3JuFx8rup70FNYIMCUIZ1oSteNVfy7K3Ds_p2gRBRdRGVsijnVTXQ2_uvOL69isKgGAHblZ4OelbGwBANi9J88ZhkIucUHbPMBsMsueKOZSMZn1s0ulOebyRN_X8y-AmGVI9j4vae6Pze2nAK64WYJ7j1kzYGfscEKshUmDu3Sj6nsiyQfzNPONGE9Fh8YU2aWdVq9Z6LILhsESCyYVAsARvzY4Sl8jopSnDzG2nxUCxBYDShLshpWukx8-3HM49IBhb67nHkn-n_3gTFcprXYJoOC7ZZAEfG2QTBAWHeTDWsI__dIoRX_t9UJhAfPWYGr2ZXZHEqBa6MQA==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=3o17rcs7YKKHqDPSOczDSP1_hWdm3e8vIq98Kt2c9YMfoxsXnLnQAIAZRTbtcoVczMyci-MUG2euU0NrLwawpIL8VhotGWfYCTrTleiWfX7LkZd9NzUMMCIfIEIg-c9dDLKa5yGoKjIzTOyBBu1GNd2K4yN5PhXPDF9F68mFkGD97kLIxHz-Tcm1G5EXzbBBpS6H_ttyGCKZml5wpvqHvsK0lhMdknLOmfJdgz0O-SXkl3QboVLBCK3eYXlpKN-YZkaXg3XVwr1kaHm1ipUaZKKxPbZ3J8BbQ7IZmmuhcPV7QTLnM-EGSG275Hjc2nKtGo_-mYBwbNlZRXSOeCnSIY92VMMCB6_Og0J665ME2SOEZ0qTOekTXEvp9HwEsqWtVApPe3TpgcTR-DwExv1Ezf1iEY1gj1MSGbvx1pE0eqcExWI8n9fx2d5cnspJeHlSTapIbLvL-uJhb_h3yI9FO2_RHyaCWI1wlruI_wuNWue0HiLqybw9keyRX8BQUHvwFGw-ogFWln2CBSa6tWvg7nuy1IKObmzezfAA2tbRb6KnU_LjmxsrGhl2kYj_nybjxeGek3m1uuSd3k3EN3aVNwovDwBa1XvajXcE-Yhu4PrAnYmn95MbiT9Oxrc_4Fk0yXlQebd0cvuJyJHfddIL2u0CSwuWN4nj-iwJ73dbBPWpAIBTpf8OcQ==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=8972fe0676f5560ae3c24b137e758cd91638555786&psp=HXIbNzsGgmObCPfYKipgAyXHsJpzwDSQVnOrDCxkaBJNyIPyDzPaSFqMJzpWewklh4StWrYmZ17QWVm3FYH2kQXnFPhnSBNPROWk2V4BHtyl0s0TJYnXZSqopL_IlFFP89ye1KvKCGl3JP2--9KVqqgd_X0VCgbRvLVL2HZ53uUjoRWU_gL_1jr2aulKaOvyQApY0dTv766vMbPwhzYJ59ymZbfzexd4g47LSmCxgAkVCUVdQ7SMMS3i4sR6Cit7HjLB7Voi1XLnKaGwe7HqKtOfVSJey75mWPixQivmkcGtV-khOatiLHnHfcv3SxquQxwhscSgIdeuRDCFJOIi9s3h0AGEl0bEtzgs9hdJL1sMHYMmsQv2DmPJ318m4Jbn_ySA6RkT_rDCNrlfREPIMXB8dHhtNNtqW4rYXG_41Fsu3P08YDP_VnSHuYmDuCqJRUnGKJhB1JhkDg4oGfUkAv9aIq3DPrhDM81NhMCHH_vsUxLMziL3hQbpKHA5HhhN5gFoEAqpNrzEkLAY3xdHD_DSg30YyCSQMOO8Uh885rdiwt0GuraRreAKpVwQbSOVr0brrR29sCLovghU5NNPhtLg9NI6i4hlW3VmcXwkWbU5ZZZco3KNUqbpG85ksyOT-RB7qqOMszmx3U1MB1rB8JVoQbB0NTrEtts1FgN19JugskOenDRXEQ==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=jGS4etGE1AA60Rqk8rvAv1QoDxNZQuBTLL678mAOZiqWRQeQbQSzIB8QfRlB5agNFMl255QtsK-TWzIFmHxH4aU1jfQQNlUmB0cGy4TCQ81du6uxJlaQZCfutvZyzIlykua6HHWWWqYaJ0v_KfX8NKu0uE6o64e8AzmlML-9dk4KhwgE5nCAk774reBBWvZUmgVNQ9uqQnkM7QkUVdMAxqTiGxprm8J5S3CBlJaWnmYNLIzbDeOgikdGRdFXCjpvTHriAH6Sjk1MMzffRlAAgKtsRx717nSxS6VQMVc7H3KawAVkp228zJ3cZ9kCEJJXo7dyaV_7flq1J-IdljSgqbPtA3OcrGwFr3x4W8LKE_7x7z3djnaQd6vNYfqIUVQUKv2xjGVHarePADJbCBmHL3JvCPRwETdPxK_yaPW6uEaRgwqfsIGmmEC8RAZvSACI9GAyvWLQFF4rNW-IFyQGq189rxUvekLwBnWAFSq6S7IWlMBrnSS3UhG7KSmUpJfIuNr0TsbDOFzP2ofl-p1pNXLf_Fv_56weXiIaqeJJ0iRxVFC_QyOu8XmLHL93XQifMd1H06Fsd7-Yc4ijEYMvAn0nGsp7-6zzR4UIzd4lfI0ZfqrVS4TcravhbUk5upEyCaQNow0GB-AGMBLL-QaoF7TvWyB74WpGhrBsJicDKUU-vu5IUKbjXQ==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=qnucJyJwtyQ_GMAhoqbwb5ro0XRRe7J1wRfTxwr8exivynAhHwQwfgKHcmHPBnGHVTiT3_0CcX3ZXjCRFqPEAbVIPDffW1HVd_YXcyPKf-i1AGXyIU5tyQ8uOnaQe0jVNNlEESyNhDcTbMd74I1CqkSsW8qcyHqhGMiOhmsuFeerFrWU8a4CG9AYcWL7TIW4UsIYVnM03bvKeFhtJBJLCtr__2iAqBYnQ3_Ppu0XFrLVwzoM2LbQUXYPcqfAG4No8Cv5ARCipjJYphQgfQr5loZFdiSNYIcv8j8eCq_Ex1s1ST94Mz47qfvx5Mt_8Yx7D5mlFXHgkBW89KVMjING5El_im3qemsQlbmZK2Fu97eDgJG3IBTmPhlPKuIGlndYqVNuZG7JW8G4AlwCdp61GchCBvYS9NJB091Z7ICvK0soOk5lbc6zQLUR_DoWHN1NwoC1HZOuQnfPJ3CpuTvCa8MLNXG_GsEwfHM2bA3nKStyiE_UDgBTSQKobnNGsb0V5vZ92PNfXn_pP78TU3X1buXbo4CSQ_Xjb2T7M-pZuvP-c_EbzN4BlrKlDy1fcDUp4gCtYMXLApnKSruh46VUw8QcX123oXcxudaUHObTOFzuLWyDxeq1kPjodq2RNfIhPXKEpx4jScONBhUn_tG4CDOX3oUmKjyevYd5bQc-qIXue9punY8zxw==&pload=43
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=xFIvhIuh9tv1JdJvPXmm0CZPbeINiILGMQZlW9M4HRNVCpxsgVdJ8SUWpczD5F9wN9pjjbvCHNpcOHbLwbQ8NxYFjLvlR8x7-e6jwCSuc7YSjVl9QDlCuTUCVsKv8TWB7h5_go042ocRb0xwvaElU20yLtrgN49K18pDWHai6DUX3KGHrP4iN0K46X5q89riaazhnSrH7xYgEzeQNXNHuFEvrux6H6sjX6bvY_gxkvzdxDxu6JbDCsqN7aLcRNsIj0Mv9W_xx8uum-x5IOkApEL5bT4Xd82swdgzKtiaL-_7Gz4Y5bRnMkvqvojx709Qj5GtK8uR9S-POKHcETanpb7hfGFBQn37Z9T5Pse6jc6GkeZOPmXfmz70Q2TfBBT_lNOU6e7LoI_nTDPXZlzSoFxvmPPGnZ8z8n8worbPyi3M4I5yUA5kMXDYm21xDdQOxV2ARqWGalAxoKZwMT-ke3Czll6mAP--6eYtgL824IOuKN0PhNALYHw60AsDLy1QL_KHruSBjbTltQNEu5Rvx1tx70gMByFOqldRJffR-Y-Rn5cJLFaZXnWrRy6KGvPlNsas429Tg0FG6c3WbxNyR2WEHQU9V_44U8vKqFmkBwwcDkecZrEeJ197Qt50dNbmKnYtU8E0zhFUFtEJw5S7DPoTAQaMOSUZ6ueb26yzY__ic49lEkvPiQ==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=A24uiwbcKO7sjwC4BhbtrlD-I6fpo47k-Y_Nw5XP-KBPU_2iJgyvFzt3UK1Yv401gqkYJXOUE2rpPNuFfz5pS9pCLkBPW5HFmY5apWj-JnBoH63dh1171_fAKJ1ZneZ3pyQuf9CfBnCXGvKdPmFirqj8M8sHziHo2Y4mBCjx86DvQ-ZYn5QFuZeave_lcZjYRtzDU1EyPUZecKvnQALu2aYtvNUv41iwJI1oedY7thHXWPQ-6xD6xGXrpEUEw6njS96jP5DNzGsiKniZiUJl9H4qtgyaMWaON_uAjvg5bglYhxFzuvmHzifdBKhXdd32qvTNB52gXh2lchjv1OxpdZj0zMBiXByk_YY3tE66VPDBGhVs--tBpjVcrtIcfOrV11KcqOM_hu6WMI7l16H9uU6qc3VQKYotu3gDhc0y187MXKNkG1opwD-u84XBN_y_k3xhQAYtrXGhRDHfh9a6AIfO3gnrwmYe-og2j1UMIARB5FW33y6X4OiXYzORS5-Dg108T_cbUO0ghAmSiumh6c5WZz9GruHTieGIO67O8jnMWYODI2dVgHo5Tvf_FAI6DI21xG9DYdH7kWjT9gGAefNbFrgCSBdHv4ctqmNK7QPusgswyS-jIcXeXZSx-MIrpsl0o8dFf0HA1MQbroqTPHA-WjiBxOgw59E7es2iCMBKUfqKzmxJEg==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=69b5eb3d0a49ed1ec2673bbfd6730df51638555787&psp=b9JvUmSi_sW214qDG09wa6duN_ezCWBYrfin826GUmB3Mtj9-U9AWdVlaOMSp5--57gQs_x4xAQISyr0VX-tDN5YPNGUv7umMTSu4485IomDby4NRw4pxR7HXnD-RFvRyAHFK8w7CiePOhcW94aFcJlqBpHBdhmG-UrFSnh1c2bVji5sjANjwRFIVnT6hUiqcYX_WMv7DOyk8DX_YrBHyaXxI9XKLxMMRYn8gVRjvE8KWSEwZsp2ZMowbFGDFFvykJQJrxtyGVPKnipVfYM-z6Mn_faCQrbRAubhYBZnGZz4HLTRtTYVFohjP752KzGiqClHp6HpjL3W1SmrcvSQWbPo41MmNPF6dHAwUglcHewCOZhjPqUsdrFlZczKlIsOuVdIz1Jt6dBQk-716kRA9OiRMVmoBfUDDqwnX8BWG1NWoPl4zW6SVOIOKCwfWjUaYjd8ndP-wuLSL7z2O48HshWXoIdTAekmXD3UJvNAh9ZLPuPVN81ZntPFZktKcPq1qz1TBiBYWsqZ3VBeoDy8P3_z2TlyH_HYY7T32iEjwg3eUSWMG1h96qDHbVrR-laVzppHwbm0edUty89xPGFgZ1jG7cn8oV0-g1pCtQAqEW7BuFkjIv8heJLYAFyHigALlmt0oZ_8P-O0r9NxnO8y31lCb63B5cR_59ZE5o_o9qCgWi__WDHCkg==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=4d7X6BXhpi9w5cXR400nheDrsSoJwl047Z-TGOuwaZfxqnqoYGZ5fNysXTpaWNXs7odo1v4SL5OWjRTcSqtwdKEAk7-55HGVPYTSqfdV7Rzq0RcO37ASFF1Ox1LaBHD6xumESP3786atbzM9mYmU4qmK6vlyz-Egyyq8I-6kdS-5KQxQv0WdUV07PA48DViy9fbolj-litILD6kyBchckhc2B8o_Pcxtcl_gwfXIoah-K-4igdqDb3GL0cerAbbuYIMNHU0pc25-ccy3q2V6-92_xnOrT1rNYWjO07Oh_AiFDM_DyHl9bXc4YzrFxvnbDl01IdpJTKvEulMh23DNDEHPOY2TTYXMeK8xU5xqKcwrsuvECZqhQDUzle8AHroaiFd21qwxDuiEqQzuN9_pVk2uyt_gYVeTGvWMkipD28zxTbCqzGuyBKZTmWWh7fvvXeXyp7UeYiVbdokBJV9Hr9n20-d8CZ0oibu7FOOd8eq6C6E1xN8yGrqeHciEuBiYyCAM6c_UHG9o-KBjCdWqI2TNIViVLBu5hKpu_cyeKh-z0xVoOfql5SY5AsacfwVUwORACgXUfM2BLaEOR4bkxoGxfeBN26ettzFvOHKhth-QXmLCrhcnt61OyVXbBjiSJEJcRds2qAQEB2Zf_sJ9tmwvW-aOHoJA0V1QX6AP5m2v0xeCiNjpZw==&pload=53
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=rqq2DYmJR7DbSIvedp01tm8eFG3zrr_1KG_5os4hSPjgXclnXKiM9RNkXYBNV3qCGPhrlmtXex_YWF9W9IPHvSp45x2nXK73epDUyNk39qv646cauG5JiaNYXFKuYbJ2u3Qj247YkNrjOSjVRiobypskaq7xWejmXtNMFnAj-Llvth3dN2SWaqetMjy_Dk_bnD0FHPNDKKdhqcOasAmnmqh6qj69_oswrZGYE3jcwWPkBDKW0SKT_6VzUZgHHIxmypEZDzHjRCGn7-QYQgFqwnWq4L-MXa05WmFLP4Nrg3HNtZM3B0tBuGA8XjGOnqoNIpl9vpDWp5Z3ixuwE9VR_-MoLipi8M_eserDwj4pnXAKIVetglqGLZ27itMunxgWkFXKwU_zY5Tc4U99Iv9eUq-zRMmgFTqAE3DltQp4psiwo5P3tzso8uxrVfyMQq4_i0HrTZBZgrF4C_2NfVWKeyzTSDIenrXiA9wl9qIkfgmaxFA_39Swz7K8fGqgJauyhqlswFSQMztTFOo4h5DoGknz-hm3YO6G9w7Pj6ylPRz-KR57XbAWpgQ0WgNVxXBn9jzH0OSoKZSLXd0OfzjoQ8TyQ70OfiITBLf3fBVzFa13A8xKBfiowNZOjStXRyT903cd6N5jYgKQSwJBvfm_yzVI-OCzMxHKxHNBok1iZKlvUjzv-OI_RQ==&pload=56
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=pq0WzPdmGRDSigukVIP_VzUW5se9_503i72ATbx3rpoFrQBkSJ43l6aE2-tPlvZN9YAEw7vVtobSmtgj9G06q2ZUrUWQ-abIA74LKKBA201RdkTkkRoLC9Luy8d5poLD7jsafvdJ4nsIqj8mHKb0PKzNosb6hGF9Dle9mLjL2J5KE3dNUV-4LQrV2mrbnH5--w9Q9tLnQ6QQirKgPiDwAjuyRwU951wt9LBbAvWl08HrbFoHFpBjBOBpW9HEd0pVUUDFkRfAy04g9uKAo8DGQdURtuoWAKIr2c6dFYxsKnJXad8WVQpYVuPAMdgnXfoYpAae9b_fi7nxwTDqnyOdubMgv5d6LTV7NXDX9MXhgCv9X_Oe9U_Dcj6Ct9-MO0ZedKB8xQRQ5UvNRyBLRyC7bt6jFFLrGfP7UFPBcOnsJ1Qji-sU-_UOfvlOByMpxbbDYTBbc9mytOSDQ5egJ9lGoTpzr2zkhxDhUpHgn1coiIdJpLEqp1-SsJfyNnW7yMtl8wbEgn_MuPI_4_1lFtQCr6t7ZemwJHoGsx36QNldfqVkdWnJ-NeSeOTPorTHMcGCGFeJz2D-8tbXtfjfvMhYIfASc8vezoDIuMI5dkBZVygJs0dnmDELxTQ7HLBPyIzoD5Sfv_CBi1jCdKfERlKASDLZB7WF_1JmmAWxAMi3fu7IK3Ua1WX_cA==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=0245dd2aa2841230c0ef5fd80fe6c3e01638555788&psp=t0opSoAbLKxlaO9qTae8_2uElFEtguUD0W90g3wCLnbCPQXW6rg6U-YuHi3e4v-ArtresbxKp6hG_mJVkcos1QzKAG4iYddSEKleZt6yF0w-uE9TVCXW5ywRGVD3-ZHZZDQ8xeJNUsXNDN68ngk8nb5cFhNBfEicQrtJ5ciesJSXhtfIEE5QvYvt62lQdh2pcK5ov6q68Teqix6-EMNxwIWh22dXtvEYpiucU1lQ06rEai4ILCczL324rgo8D18fwVnhT2kKXx3aifSMXFOcP8JXQFeQwgEBcKFln3K-8xVgzF4nRaZ5TvvdpZ7IatpzxiPbL_jET71gHMnbk4_JQXr3_-RY3iRGe6ku0qZM6ku_aGvS-0XBfL3AhiLs5hVd-FeyRsg7hQG2Se6LYnwJf7q97L-zrGNndzWL_hy-6hvFkeEmEUcYZ0yem-rIX2YFzmVosnolp7SZ0njsbC-zVz_La9c5pkBaV-ZtK1zyIPSPmx_jM6vrK32o-PCWYdBVhUx8yqFD_fx0BFOfPqEVwG8CBYpM6dHhfoXlu-jmDtLKdMVr8h6pqoI8k0S3B4ykdv2Ci5K03fU4_bHBgFXFgsiLisAuxwIzaUOHs5iSG7JfSk_Eb63CqyHwYI7o5figyMsirSESulb0rb3Ai5YdaXkx0MXbLSdPekBIzNcqrXOWTg3KRrUqZQ==&pload=67
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=63t-pGcfS2UQmv4AWv8i7Q3en27mmijrjxv4HEfrzDztEJHX9GzmTwd6Jbl0birxuGp4aOmCxqBU6XCDynN4k6sFIzPG3D7lDpAQLFkjwuXjEUnqixsdtF-lhWzR92ofVKmDrEprZVduBrPdUtleTIGWEeZHR_iO0ASthiuemMgXT82IRzUE8xD9PFY82yYiKkZEv7RJpmlW4mTqQfPOKuSIKCLPrZdZ8Om5LBxn-3rW3PiBK5j7riPUn6_ck0N_y5xUxkASaNBpSUl-uPu7cPZ5HD6rJRYnqEZq_kYrNt_AMGzYyhN_lOadGE-pIA9JFTIsnBYDH50nP2J4t3-3hMMYTJGQZCGnXtRn1fwo6rlfB0h1kbFaXaDvPKSflyQzx6AK2eH3C5JRNDY6yZKPrbcJBOkmeawcx4hBt8NO-ZMLW8LvF4EGaeo0Wuyp8d9wTajTnEEczCMDJQgLlYiqR9gkO6oidAO2dHjAa_Xk8znanU45g-F-cMu-tocNYVuHezxDnUX94TKVteenwAPh3Qlbd4JqFiEiB5KUoVL9o8aIyxhDRx8S2-D-LLSkqeT2j8nIhyFmGcmOuJRR2OcYOoy15WNlu5uE94LdEVIUxwauzdOqks35_3muEtpOABM-DiZpckY_KDw6BVxOCNsWQ-SVtBmDy2j3kJsIni401Lr2r0FoukPuMA==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=e2XAfLLq2T1tty72JwvX384NXG-9hzQ9mTdN4Z_qpdZTYo6S-7RJzSkDSptFvi-YDilUEeMqMCvx9pShuXwcM9Kbvs-Ur2QUq2sp0H15Lb0ZHtZ2hjjcWlU1Pp9PfjOXR7zAgyCS2AEqXPMZlT3CWdE9vqEuY77UvR0yYG5t8gx7Ksz-O7jdg7BxWzXMeXJfVB1McamHI_qrzuQNn36H-FDYFOsIWZNEjUFjXmFVGCrfHFD-10Ex7m8F7FN8cUwYqz7YNgdGMwslL9LPcwMdER6WGuOscWn-MWR41Hj7UAr9tnUOhMyqS5C7gpHbkOwe7DqDt8eJxdUu9dRmiSaCaOo2tstsixRXOByn5GmIMGsNRmUVXJfdHzIT392WaO84KMH_kKKutvJ1YaglT6tYZVTWXycm-GuCvovqOL1jIjDCrrxnf42sprNAU2nITsghDNe3e5wpx-YIQsB-jjhcX5QvjkyFjpJX27HATgvT1Xf5MgC6tRuY1SaYNuAyRrO-VwnT8RXxOHxzU-oyDaN-pp8GvVLN7nvIO_lrra_nZdiwp4de8ckGjw3Z004-lEOYWf0EW6f3rEDSbrn_uk6FKqG-n7jNOhWUc6UEKbETSVU57Qm4SlGXYJzwabUcTUkDdiKJCwWSlomwZQ48tUtu7_5oqqjkyf-8KAalVA7H__15flA9GJAC7w==&pload=50
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=495bce6f770101e310f4cb193b35e8321638555789&psp=-cWpJC7-fUQaKsS__nBRfed9ILfsiOSEWkFGeWq8xDQpPojGrCf-QEIqsZmnctdvYkv9Fd75SvdjeXTna_BRrlDWTy0j2zzpSyMIESxXwXMJLwamJPEEQBJaaYyMNw8SCPKnu6E2pYg4RJ2uHj-MrLRE2dMML7uS_iSms_P_OTVQA8mg9NFmDX2MaX14coPn4zTdICkgK2XRDsK_u1t6DvTAueM84gVguXbqijDMOZxKqReEWgwnonVYlDV51b01gepo-4mXqHF5ZnlaTrxk8M3FZ7ZloAWs37AfSR8ScSDRNgTaKfXi4iJ7df9DCORFEkKRD_P1-cr6VvahvH2b3UG3taIIumRG5Wlp4e_CeKrwFrSAzsgcrOL0HsQ_9P5jnoCL4XNDes6xeo1CSqs8pIc0URjncKe3PGKyjjEa0Ee11utRyyUoQl5dmOxmCIQZvCAtQodr4jY21VHiJ3n-Kwu8CcQQNQBZk8OkRkyJswWdHv_dInNLTvDJjF2ub4cuq04awVdZ2hterigeIW7uf8LyLyyDHZkaepFogVrSbCB4F56kN33FBnVuNC_oeY7c5-dd7U8g_BM3aVe0OtezKN_t7CzTe--egFoG6T3czgi-7GtrhIkTCMoXsNI3taxcIB7uMrzyYX_69NaOYPaeXwLXzuh_Q-_P_pfbPnS3CQSMW0KXSMWrBg==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=YAQE1HNetRwbTYpw3zIp7L5clFZcZQeUkLVpU8vFCjbo0E-rlL0NdWSpTyhA5FdcIuhggb0jIowkGOtoZwi271-o1D7eL2ysT89YK6sQyOHpWgN8WavDD6ZVTo_m2ccRmz5LNmQY8-zZM_XJOoPOD8qRXO8Z0_apPgVxyvtzZbqrbKX2ghspWCGCJ1PY18beoUAAy445Q9hgbqwSrDspXkJczfvTj6xR7O0ZYXEhi221N4zwdv6xbYn4J0LzylIj7-wX0RNWDwQWWbdle_BMH1yZVHXmGRbm7KYG-BievVshUwymCl92r831VfFE-ryQVISCspN3syfm5Dty1mkJzFCjP0LaadaYAjbWHyd2f43vdaGic_LdSC5Ucihg2QjrFRjG_qoxU4E7KPV-Fkr9b0kzw2kwrgBBLLEvcqVt6cX-XA3H3rQGeUkNfbZxNKrToKwFi-_WmxXzt0mwdfq-bqmvtqq3TocHIWd53hfmaqTbq8FPZWsduFiTBq239-9Nozq6eZvmwqavid6N8JZ1Afde45ke6X7TrbHlTyI3cNubQJ0lwYK4dD2x2uwPKVbmqVD9RKbnY7rKNzhSEp-rVpTyAs87FZoWBU2LLymbQhKhGXGKxs1auQpmtBnEbuP5cuSRFuYVadQHOG6--y3qsQE_93kJsk7HCWpuqQkfrI6x3dvLQ0gkUQ==&pload=45
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=UPhNa1yaQuDIoAQ777ZI_jB-WZPGp2NBwuz0T5asFgeQxza4nSnlhm0zrNVj_ZzsToX7xqpO1b7CpqTLCn8o3GdmgNkRNOKTPmvhuMUGqDTjp7BQWRoB81mfZx0T7kNBXN6XgjXudfKhcE83oNVAPXQQyai3DnQtxfvVSbplc_kByXmuzy1QZrsJI8VLnT4IE0RHGBiTfPZcPtAo7EWvdOA7wRb6vH5NXRtpjzisaifl_W2XYY4s5ZIHYEoqeaNolp5mceo2RaJkU_8HhdJQvqmndT-omeqIP9AIgs0DhLvTPbqdUi95VNi0NWuES6N58U8lpPYAYrLofmfwa6Yk06yHaMCrXTVcrKW4pMZvvaaUGQNIUaKdwow2pSUwI2sVS2Riy4mz4iW0QBwkbE0oy0hOganGP7sd4tgIL9cU98_So5CEjH_Lklp49qoPvw1oVMUMfxQ0EYjmj-TwvQSF9nIYu8aHmEZzxiVELUVlx8eDK7F5LBU3H5dEFNOvpQDB3VM9a5v3Gio0qhBp63_BVp__DY0nDYl2jQpwxJYWoPLE5vFEJRq_amNYnD0n-9D_ysUyRPczXscQVYJOIn_KRW4v9p2dwTPn5UDEjC2yplsii6qstU2jqsj7spmffFLhiJ69X2928xDiZskS7u5IJl1n0qoQ9uCgTJpWLfXXI9otnqx0SBU9IA==&pload=46
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=_4rR-Ees8eShSOECwl9fpdKzCMhTfHwhZ-QXonIse0tkLmq_p6O0NZ77rdZ-mZXHBDBmwaNmPTejm51d5s13XoT_IPtYLjZg2rNWuJRLaeh03j7SPU4sNC_SLMsZKa4c0OTBBRdjp18t5mpKMr-zDO3FSUYv0kBq4U3i9Z0ofpljnRA7vB6g-Bkoe_b16bPR6re3sLd0ocD_gxCJNoHePt3ormtCTyqL8HaJMq4ZVdjqhVA9rQ_6afHP3UWH5mGjkZBDlE6GS1SubiSgI5ChWCTNuQPM7SOnHr7uCoJ0ES-2XVcBh4V-ujamlEm1WuwUCN0p9PHT15hWGEBa59d3fh_O2dOMBOi03ayXXm6uErB-kLawilfkTUx0uibRII_FgrSBSH8T6_jZzzTlcOlUwZp3YV3CYNxeNDvOktC9Ys_k3TsV2nN2O2GwbOwM1gHQDdZyqu_eeuV1dZRBPj68gFs3ssnZ5MXBpJBOBVCThzYXn81STaPMSzh2qCDSJ-Oo0sq1gykhB4f-Tb6050SUsU3y33XpTJRkK66uO-nnzzKF_eQ5JxEqiDHYAxd-ELkofYHaNW0mCS6mMVg9OfjqcM_fArOmERcgK27gH28z5eiZqTqcHf-AwqJgvM0uytsrdMaxHfxTpFLYTqV3LxHDKACrr-f6b182x1Cyk7iKA8I7uC9jTJH5Yw==&pload=68
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=f769bd8914aa866f70b4705b7ba1c7c91638555790&psp=rd7fjw7GvGkf9SjaWXkv78DyVDDSnKa2OBWmwk_MhFUhcMEZbw0ERWYBnAWDJKnocZxrfYUv3Yl4PsJQAHbtXL54cmqU0sjSCkq_88q_3iTLLqVEtw8SflgpWCGeuI2Oli1st8qBDxitB39UOk4JssEri2Y5AwHaXUy_BuND9hvrD8aH1qsAPZxIc6ybad4Q-xDsorFo_ngBSUBRZ5ZjqWNAaAvxtKlj0XgjJ0V8c1H58W8w5kvG9dmSpfum1ff1zAlRrweVaofyuDkrslZyaAq4O_5kq5IF2W2iL6FRG9f81a7nDBFks74LHMgk9TJugP-4vEnyKrPk4FzyLHgSQAfGtI_d4VG3ZPNZF1CrGwRNkhJ83xsPGsgOZ2uXM_OFnTyNwPHAcDo8b3Ck9tITOgNUPCM_qn6gNjIjeQ8imm4JH_A-sfSdZ9-lC65spuB951zxJlnbM2GmI4mWFptZcZ-cqgA_SfBgTL-WsoKdcpDtptBZAF06_dywpy2E1xC4iu8RXylgo8URb70HFivar05_dycOvZ4w7RJiOhl9d6KJlwobgq_VAvnmkgmyz6ar09EFMN6WWqlVssWGonjI2C7EPv8VSyGGG1hQ-k_U4Ii3TjFLRxcsg_JzvMd3YrseEkv39KZXOUrjoN2LZCn-DxHo8h0YoEPkvra1QwVVbQWf_pn5beW4oA==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=BnSjbBOx0kxjk3c81qmeJzG1gRJ0A2b_7AGvZ78Z1CWA1Ro8GZE1niwgIOwPNF2t-39xjU_4mWp7mCei0eHhE85ksEAxXXaRo4vBeMd7GHeBReuNEXmjNLDw1Ki9dqqA7WAF4smDWQDA9--IWPIBua39q67Mr6NWv-TNo13-yijwX4xsx6CFKmTDgtjZ6FdV39Xiz2n11gKYoiWmRbk5K8GyWIlYhdrZziYeMRl_UwJq0MOBF5cLRk5zuYQT6dD_agBLDwyrxUVY58G5JAj9X_kKnBTY9QP16Q0AhgmEg30BR3sFoAhob38SFR9gUWTxvIvYfY0JeAJd7Hb0G70kzw0roHAeE1egYS2S_ec0f2-Ino-bJU2ehm9RHXgh1pRet48ZoZkppSLf0UsSYue9DeO5xzibQd1npQA20VgNkIgQ68TRHxsBRhuIv6KDm6_u2qrO32P1lFzXQfdFowz2Bt9hHyRuFlul1We6VqLSJGsmKUtphBzI59MUWZiRigvsmFupbuMtFta-fOh3rnmXABTiTeDiuKRTMYO0HCSQQzyDMpItClVOC6e5Uf98bLm_GmlSFwKpMCqgWJDQ4iJ36SbkwXbRZYvQ7aifdIsW4MDW9Qqp-7QOc9lb-c4HTNZTg6w8N8w2PqW6GiNW2kicCuHxV5-F-8tfAc7WviNJ3ITXRF1bm_383g==&pload=53
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Nz9VO2rLPBHmrrcQ2UQvRzhNazqKCrtZ6kNyKqb4v0zJIlHYgsw0MwZM-W7VRJfudZJRYIT6Prwnf9JU5fgI6LbOa4-_3749TvRvmD3Z267bI7TkM4Ue_WOnaQHe6nA-XbCJ7t4fJ6NgH-O9IlAl7Fha4-UnA0K4qVx9-6AvktpiTTAbIHQygEqkZuOhCOJKOCmdJbVccpXWf7yXroGsloMhtN2iKN_M5e44SVVW5XEY0hAGqX18oYtMDlNwcJVgg4bViMDmzA2jbUj30vOBVokS9p1TtyZ5TELJy3Gd-HYBSOfWGWR0UY02CtPNh1-O6oU3_dhyNafrfoLXbCyD9cOdClzpuau4KDaUMvtCAATd-Lykfjr4-rsFvev-des6gdQPcrjTfzr9ytgwQIC4P_KNwUs4wZczMaqfpOHuQJbM4h8t7SDwTbbbABEPai6D0-31R4Tx4xIJq98pfDxSWSl4n2q9zWHFXMVFUjlL2W2VstLcoIyik4enkpA8zhpL_CEe8ue39jDA1Y6gjybrxJ1E0em0UCcRqqJEvb2WhLjujaftj7KHV0Dmsno-1KlKouW53PooOvHXT93LwdeIoHyRWL3rr-AR0FCrqGxpu0LqyuT0YB9H-yTnSLoAi5SljwxQ8w0ZwltMvfNY9Y-3yudiLM9eWFOYrNrJZjP7BB5MyTTNirktQw==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=Mkj0Gc3ntoNh8e1mbFI_o23QQ9RYkaSQoj4jfP5keTcBAeVaexG7_lkNX6wJfNwZ8QfFw-Wc6cBf22v6CiuxiYBdA8hONsQhyoQNKBf-yMfvKJxlkUG2bQ2SBSWBn2zWvSbWsKl3VfWH0OGGIS8RiQAxW1zTCnkQXI34nOm_BZY182Pl9Si-9wmqN5nmyRa89WV26u9bYNkrkjrxwsmRcelcJ9nq6zBiXqMF8elugc-TFQeO31YaamwLZdIPWh41jtSuT3B2zWjMXGysyEVNi8jw9cfk_1SBB1ufegd4sqQb6s-hvVPJomgorMdHCYfL3GFmKn5zJSteb1_mlFOnc5tHZS0LS9S2FOueFsBzKe-OlplEFxZgG-2og7Noqpug0Y3ewTYcob0Q-8EDxcnw1xyqnNC2Mb3hJN8xrITH0sNjX6MwObVA09voW3M4NKblu8oEa6QjZRVBvpMDJ6HHhbjEBYIr4tt2W4EBH-QJPECb7Ql8rtiLo5CTPnRylA6BgPNECQS9LgfCoDBqCvtLQ9mE0MawH3btY7-grrF5pjIb3u-rzyzUZaKaQUnkcM43PhmRZekVSICdIiv4loSzyzUWRHQbfPhDNqsLKb6uxFQTyHf6-L65Zfyyf701s7ikrI-3iBUPstF0XcxizLmwuQGbRXZOwKT95kOPFD6DnbOsfAw_dqOH6g==&pload=82
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=mIUXM5_f-KEcbLZzP2U-ulLKVhHi4WeM7Drf6NQmzzw-SLYhRo6ucaNpXDaaDRm-b6VLXiqsQST0mm4MZ13jAaZLTBI6hajyaG_9ApC-_GBhBJzi3GneV32zTvA9K9AmIyboYMzMIUWEgaJ1QI5qNceOpMOZ7rzCrPO0ZNuuDIuWEvM68Sh86o7clx5qE7p9U2D2-AKBXaznvfWYwtI7SYH_Ho7pJvhF53bGhVZcH5quBARXmWwe877loJKIwG-6YiK17oDGajFaBT79FBY3rt1xDrG5zROwrq8fe7QFiPTv6xjk1ceAB1VD0M6qMQ2PbglP_A2rVNpR3t5ntE4vphBXUkURm1NZU6TCG9O-UFHAqEsV1A3cMRALGsr4swIzTUetnP3Ij4pT79BYg5pX9XW6pBbdaU9dNjnTBhUrzYF87ODJuA2t-3jbE4jLfg6sMJzRP3twX7YwErv5uCu_qmPdPQtFTeMsT53arv40lfdTldbmV1G6ghry9LN064PKq3LdBJK3vBGXSlFqIKvf7oq53t-KfvqtQj3q2ZMudRU8iWD_cmMVN4itKdsRnfNKv669Qev66B32d5HKcyTB-V-M1BVpYIfwTrJSz9GZJipgc0yPQQPwUhs20Wbtj1EtgrxANKgzzdUIZkA-y85r20vIu4IKkkfPg7m6sXChpRBZq5x9DwXCsA==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=cf1c6c26f33db445ca202d224aff256f1638555791&psp=vN7B3j8sdVYXbC3kwgAAdWMeMgjgWkU0wieG3pbk_R0KDPa8wTDWQf8YCQqQYf56xUDm11tYwZMITryqJDTDA_65Makr4WiFglyHITPJqDE-tDFRCiPh2hrMMCW1pcTTisjJZfhowub8T_fb-JnrLMgVrk8e1KO01h0sTbilL9TBiWVZ3SqXx45qkzWjSNyKhWm3Fi-N_GU2ZtHapzWw5gVabhloETCmMLpRk5ozXe-hUhT6MkAhY3zbjkqjF-yAaaTlH358lz7ofuKYZeRIc66x-hoWDiD66Qrh3VaICmfVebNNY8205BeWkdR8KpNq-DqiedoiH8nAEN507bW9x4VSVGxuzTxf4Ycufw2Kq5wzzHqK6-Dbyqv311rm_-rUCNo6A16Qpo8Z2Gv6XkXJLtScxmeA5D30v9CaLMvdCeOWHsNtMioQ97OETshzoL5bMynLBvLKBRz8E1yD1e5XA3dCJL_ktdEbuELOwL3Sn1-C4njxLzRCZICSA4fzp3cDYzt9yeYL-2L8WZoJm8X5BDTqzQczNmUFY0OQTqs5jdTAcDdQ8ovvJE1pemC7dGv1pg6_IMP-zRzk-vMSLeMmMWHIoica-S4PppkGe5YKlbkI7qLDEHkKG8TOcHgsq6x8vzQtpUMcG18SfNQWcQVRIGefqkJX1ZFCrtHt0y6McpWzybAKz8lfeg==&pload=52
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=jM93fDe_0Ks1EKXvNsXQf_h7CG1oRKbFJPWcBNNRhwtUBmVPBfJgeXXAWC8SJGEyWTvebigooF1Ofv7S4NpzV8BXKuWfXXH0PHf9jD9Jxh9cWVuEdY8k-ellCo_GzOWWIz1iDoHSgsgaVY2NcYsZxqtgBdTi32jtgxjzuU-JjGe_CorNG1Y7JlBjZBdrRGfz78tmO_g22LO-cH5XvsaEUam4c8uP_00YCBJhswOHGpaGB3YVF3bdMkv5sVCcLj-4SkXok33O6yszGhNlll-w7MOGSnu_VWd_GEGClkO2ALfbPVmne2lBKFQfnJG6QFqr4vUNXM3ZpuYfP0kPo6IFM4JQ5SpPQKqp1Qsezw-G9IcpXyOl-bktYFLRmiB_g6MZ9dhyKdLgsxwd55ezt-VzYCBUi4cHH_8mB8hzkbhqyLxmVwSDB9Q4zzwhsKdG5zjnv4zKmAZ8Ebr1e1sbdzyGQ1lVTaTR9SIXT26PkvCda1iNm-YwRGnzfkdpODdCThoX1YAEHK4K8S3F8iP0_BlPW6CLEPYkqZfDuU3QZS1LL6c9OKXlP-32v1ESAsieGgL6X_6hXd74caH-J9qH36uv80dVFNkcsBP0O2ZkjVNjGFKVRm3t273sEe3O8QllC5mvcuIcvFm6RlKDPV7YelCm4KV1I657tWHft5n24I1i1gNzUT_mQv0VlA==&pload=44
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=ZPgZmEJ6vmFQRXO2YjIIgiKF17FJ9Y-VmFzCI9CM_CXsBfk3-23dpv1RqIOrOqv23WlRpZIIGkJD0gjrshwMsptSMHrr_moLLXzipDCbKtuE50W1XKFleRhlVSLcDRWcu5_81SW7RV16pGg2ytkvHvEgYSturZFd75JX-SvaKc_AphMjxiPuOB2chZ9wdU4EwDrjCl7GZjNyu27W4j5xv0Rf77hrFkuOxPn9cuQZQhHSsNwnUm9JXjSoSls3qjldQ8MJvPA7nZ0XSkvqpI8hJUle4XG5ot4cvEEDglauxmoRpr-uilBcmGGz1kYhK4zTeasEt62e5cc-zxxHKgNjTjodk6lz1FeMyfiNsH5dmXxgYuVIfh7l8lednzfvlsJfTqpFAm8frJBZf1W1b4dnFnmHVFiC-46qTMRyOk2sjTPpRoU1rv63k6iHHKcy9WVDOCkBAywFUpFwo74yvsIlQaW_Rk8Fc01yjB4rsAWALE8FpQ6SLv1UIHT1XKpY8UlHFLjRujsscuPxMWyQXa3TykxDuIN6O14FJG1EY3hTRZr0Yw54w61qWqLWgKyR3BNukZ3K8UcUX5-J62TXcLDdYaLzyiyg_WrWNhTqShPMRIQPRY73o1iaYxLZyvgOMYAOJXIpPxx_6DE2gigrcJvdXLRb8HzN7ul0oPPqHq32S8UyULfnD6EAJg==&pload=49
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=dc50e079b7273137e162de095e5f4dca1638555792&psp=mOb5OH9bJddf18CREcm7Vg-B61MPgaKOEEcgcEauS4TrgGMxuuqdf1L2UOv4owVh2BWAdGsFGZlWc6J_W0lNiDKsdAsQs_P_JLpR56XM5S7sPnv-Rn6qG_uKbY6XEEjy3zt_Jh77nheyEicJywDTwbd4xFsjB2NOebyF6x5tsJS6yN9fL0yOvhLYoeLHQ213XCdFmTl7z8DLy5InLmbozdiqjs4YCHyAqtkFej_o6J8NJcOQmY39RGNGD5XP2Qg11R5G0V2UVXaY37Cu9aFQCxOTFXYT-PRYtTTw-AmsM-lbnouiHTE7atYtzEmnoiq4fRcdUnwlGyYFpzBNOsU2v3GitL4pnOFNQFUOEw6j7KpNInc19bbg1IPzTN2HKPnNiyZapEjyQtmXGBYHoDGgHXy5ZlEbf2FTxXacAdlYA4nAlVTI8oWgQnzb8uDm8wobLwVMJK3AYsoDZAXvWF_EFFjJ6NHjeTOvU4HgBVSKmu3alxjehyctWJKmunJoTiMjrIHJ9emLE7yI4ltbbveMMZ5dcxkb-3UVlwaXnxxlagD0Q0NAFHYpFz-AEtKS-iarZXJPsVG1wOOkmbWGLYMNFEdlFMZXwfl3FucWHGIJIy1lT81EMUnN8kubLGppKfDrPtUCb7bn8bZVMu2CyzufutliD0B_bulaPN3wyDg3hiaeNbfPvavHpw==&pload=90
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541501&var=1541502&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=KjqEjDPw7M90fUZvBUq1QF3_bz-UOAFMe_dxyM1zTEuMPj-RpyDH_L7USoRtEAOMDHaRToV1Q436l_X2eP1A-JjMH2vR380iXQ7CsRhWKCJEqgZlKD21OjK-9060l8x4Us6FNOMDq3BKzeon2SK9PusS0YLgYOEzBFy6YmhZpXvxvD0zuzpObBFZoSlbKfIJdCPb5h2wV2MReJTF8U3M0wlkCxE_iCP6GdQIubGeTvLlJK5K2VheYUldC0ooEK55d0160hY34MIA1LlzdO_ZVUOfAluWijcWGdy-9A3Todnovmk7yn-IL1I1BJkBxfH6bkqy1ZlnKDWi9UFaynoWM84EEPP6ZmvUUBRPFCHwRVwVCaKl1KJv4u1e20yseItrCaX77pxLIpKBbeU0OWCkwlgcBY4ztKbs2dlv-gfOHcYgJoBaPy5dTStqoVKq5wBUyHlRvdfNdXGUAnRUE5tONh0MyPh76EoP1YMVSK-apas7ccTGoOAOkdapFfZJzQgzZTJuixNQjcjimIAvHdtmD1yfSr1bxqhiFQQcBDRVC8PzhHYG94SOIrSSPnOuab4bpkt3PkCVf9R5sxSoy7qS449aAgyNDRUPV_oZBNgTOZ397_s2hSaLKJNk6uRvQ9lHXa46qKwTpXUgb1WzzQ0CwogmlqunjsyCgFWGoS7QeltSAQfVZ6QZuA==&pload=47
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=33cbb9184d45525d9026e831abf9a0f81638555793&psp=ycKkJ0L8gJOgw8m7VO94A9G9Vm69EqSZ48IsJ-rWAjFRgfOdhAI-tWyXWSZmrHKtRGLChf7YmOLg0p-bpC-dFmfhYrH3CIslK3Vx5JmRzvegb3iepsAyVaSe_MCacS9fUf4bJSBbwplx5Knv3wZWPRh1mBwansDC93Iqhf3nmp_hY649LJTLhOotluIKCT2YjozENVIcuqDPAG3QrPw38xFT5RnoG0oTHA8Y_McFwWj5OSVyS3CHgurrLiSm-k7f13yYxkPkXL06HoYxmZkgVv1HcfMiGAw6uNB3FdL7e3yf990b_Ttjzt7_TkFTIOfNfxhE1VkdPB7m4YTzLBJygXKU6NsswU1xhJ1GNa7h1i-tITnJfrToOZDiVn6vxyhAXH_ti6HGIUu2kSZJ8UduB09iSksuNp6obWyJEMp-wdf3SnSNi9anGe1iMD6O7UAE6rZ-y_Od9DVD-oZpZ_mw_ZcFzqw-5nYSnrJF8QpKNHEb9SFklG6d1e_aw38BY16koQOKTterwYDtltnCds9C1EnKb7cfJ-iUCHEzsEGLzn18AKhXE6LgYzONvLRjqw3soyRcPtMsAVSfQ9DSx3t-Jm3Cja8GKAqJ0lQlageBRQ7pBjGLHXlRsJzauLoDSkDvvrn9vLnbaOxA5v-21xYFjZJzBwo9cSwYa9xUTGCxoXGBfvUzkyHEqA==&pload=61
Domain
517s61.reminews.com
URL
https://517s61.reminews.com/dannig/common-player-arrow/index.html?var=1541502&ymid=21120311239542a91363734c65b082f91ee5&rc=1&mrc=0&fsc=0&zoneid=1601571&tburl=https://play-vids.com/?geo=nl&proxy=true
Domain
kneeansweras.com
URL
https://kneeansweras.com/dupa.gif?z=1541502&var=1541501&pb=81f41098a74799f2ccd7c12d88e183a51638555794&psp=WbOFTamuScodDMMPUjk2KrjTXIViCXIAVY1uENJJ10WLJBeogLH6khjq3Pw9x9dKXK3LeU3R7q60Zwzi_64agH8fQSlAr7X3_fvMBtgCy-5bfobdT-bnfrlGW3Qhi9RCXLbNWB6BfuZrCur86UjHD4_BogpWaOI_TwVobFb2noSYXdJ4vjNWrMByRBvB38rIeE9hoGymmcIOKFO4tjDHfP1KYv-V4ae86SeRAottuPWoo2fvdXPs7kkmNNhDTr0rm29hMr899IJuIsifqg_MScG1XBoX_umXb2MRPp9kcQqDkFGTc1cQOvL67gSwou-zH5qtnoXsSSREiNK29wZo1RdA4CB_cIC1_pNGKXdYmsq45zWrvdTCDO6Erq_QHLxKsWyCkWrnsTD_OluANcXrBkrrs6t-q4piBhGvrRGi9MQrcyH4it-xhiMC76y5nVv7RvpTrJkTf8l4L6A2q0xjqHzwr_SJC_hrgtADYWREeYpwEhBJaG6peFY7l5E86cM7DWVdcSX4rZospdDzm7SJCNBmFp6n-3A18ucIPugycPVDFZsUtRgmtwap9_SKYtqJzs_wWDQpiEQp7Aalw2MgmHwuQCETuvuezXZ6tjVGN--BDaRTJ9XdYEGT6k9FkzHbMi8V_gZlSgu2HJfhITR8UlwF-0_TTOysgZwGPEuKf-FvSDNvjyOAGQ==&pload=45

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| options string| lary

4 Cookies

Domain/Path Name / Value
kneeansweras.com/ Name: UID
Value: 211203112251b0ce33de084847adad1467c7
kneeansweras.com/ Name: OXCCLK
Value: ABPemAAAAAAAAACA
kneeansweras.com/ Name: OXPCLK
Value: AAHg4AAAAAAAAACA
kneeansweras.com/ Name: ppucnt
Value: 128

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

123.selornews.com
517s61.reminews.com
kneeansweras.com
123.selornews.com
517s61.reminews.com
kneeansweras.com
109.206.162.83
45.133.44.3
45.133.44.4
0106cd817647380590425cfbc14b1c2ae0605de1a438b7861a8657d4acef3eab
018332852f96d8f4ab65abeb771ec7d6927e0cdb560d78739466f067a3a271ce
02b175e4455439aa3e09033a229ff2018737f038bae0b3f1f889089efed97f10
03474d6d6453879dd2379aaa4df51fe3ced46a67f700cbd26a6404802ea2eba1
040e4a2c25496f7d6c7d8d9eb6674ac451dc46378fa6c77109f74496b31cd255
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27
05d8033a45f321f8e845cb44b5b9a8ff2bb09758cb319d86c613fa1721b69e1b
061862fc4900e7c4eb66363d9d43d4c83b5d92c94b6e27903a82c0a806649ec4
08952dee625b5ed3852bee19d4d5d5cc3ebcf5509456f18de30545829f51ee7d
09106dcdf9b42eba6f0762c4d59b18e8f1348cb74da109963088e7f8b45a1d6e
09f2e8bcacee1a1081541805b996db535994d9a4f7b3af536e1a83cc47f8c543
0a5fca16a2480125e21f80d962b09a39a65d6cb52260ee7ab12d02ffe84d4f1c
0b1acc65c8e6f91f83ce23027c0a71bde90f3f2c57d97cace80c35b9fbfe3de8
0b31750cfa6351889a7f51591973eabde6b537fe3ec52c1fdad278c143bae6a3
0b5036812b9922e5cbdcaef555101ba2a684c67b01a46b5fb90f5046596d9a2f
0bd2f1eb7614100aad4c85b99ec06602f4b906b4bc091d95d373001c826cef60
0ed6d35beb13e76ecdc8894b826a33930872d7df4aa933cd3e755c0d4c9fbd1d
0fc81f05c8a93a189f332c69d2a561090008b7479cb94ce1bb0e9f704ba679a0
102ce07b5d1613eea1e88e22b103818def3423a877695f0807add7a6eae5ca48
11660de13b4c55d497bcce3185ac6e33ce888e734a708ae1b1cd2b8f9edc9c56
13a696a330a575e228ee0d055a14dba04681ce34d3e0537ad32119c62424efcf
14746bb66b5ea7bd9ef4a6cf1c97dc93e397a1bf7523d9ecdf0a9aae1d1e27b2
14a63ffbc14737b7a308d7a44bd1ded3223f20473f36ad71914df52d5e64b9b7
15798f614410af82da8504dede473c53dad053e1d167e2fba26c8e7379cf8113
1583c5d49b004f2a6ca67c4411322a77880ddc6a59dc6103e8fdd0f92871d8e2
1583c70e904ecdc873cc49d35538f5438752875e7f8a0edd4f7a5befd44d31f2
15d5d8bff295f732e62b2251ffc71de78580031132e4fce67f02f87fe2288892
17d1fa76c9af7a3cd9281260a732e218ac743834e38fb6f6f626231668d0b0ec
17d728aea104f56571e7bd1440be89c6b4bf7db96133df4c8576e8d595ff7ae4
1900eea86a21db5f578ab47351f41fc618a1d106d5baff4080dcc2441536e1a5
1cc3caedbabb43516cc3a274518248d1138c05daa251c8eefbdb6a37d1cedbf5
1d1348ba47a8feaf4a614c984a689e2b9a6555dd24451e8ad792cdd2a7447140
1d3441124f312e84f1953b6f26bfe1ee4193fdf1ad8b99ceb5a1d6bc0eb3d7ef
1e1f7e76232b079d69787995b86eb89c26bb439aa59f60fd638f267a2e55d309
1feef3d844e6304b58462fa10888842e2b2863b926c039c3ecdf9fd6c4b2b127
20393c6b7239025baa017b6c04151f5286ee96c9780f1e2f7bf37fa8c8b01bcd
23281c74ef9ee680bb6b7b9d2fb78b46eae8a416f2e6471efbdec977bd7527b5
23b1e96ecaa4f6a1b1f389b412720e27bfc93602189a5e0f9aa311875155f0b2
25288962b38c8ae81be25a81bc692a6a5b489fd5317b9d356b6dbc02e03674a1
26c0a800ab504253244db2f872346a15da707671ee162128d362913503859b4f
2747f581f3850a6a5b41a1d498129b807bb5605a92a6bee8272734422aea494c
27c289050e670e4daa036a97724cfbc1cbb944ed010587db25af8a6daf65a0fa
29900fdefd04c81a112b2ed7619ad82b3fdf41accf53ca40d4b0912333cfaa2b
2acd41ee7aa43d6f3b44fca46015395be5865d1461b31dac7e9fe2cab399808a
2b794d73945bb4be4d23894c4d3c62d6a849bbe8188d6f209c9a43fe85ef4625
2c60502aa33be57b7de1686757d1a02cb8462170ed233da335f82168253737f1
31ba58761ec6e70b2f57893b9cdc9a52c47a829c8221ef99cc4bc603aa6eff92
32f3cb9b76ba58a68a12dc6dc5721c08d25852d5e64d340d95eb356699228727
35fd4a5fcf78b4d6b11f69b3ea5080300641ff0837edd59381888777d7d2389a
36321a27294968352b28da19288a20a7ce3af70e955cc7da571ed2c1786f0a6a
37b00565b295c6764af5bb51b2e44cd3a983832e7a3954fb0a079901779d76aa
38ed0bd5162f1ad60e3d6b3418ed2930f9c84639514954cda29ab16b9b4ea952
39ed63454d035c017bd719719371daca4c03b4c4a00c279ce3c6393093df58d4
3b3ac9bb18b8558d93b4478e08f659c0fad65ea2b476d8ac8220e690dd061864
3bd1a19d87e29dbd811441e94e8ad17ca4c7576f806e6cf75225c0487b7c497b
3c393f06d6b87bf6136cc933ac7c43698d2055e6afe846cf30ef07e79e101e74
3d2bdb7eeb79c2948c75f13524024bbb1148e65d232fb97d1ab408b90cabe7ae
3de88f3ca75a41e23999ba58e994a2462a8cde8e562d1bbe982374899d1652a7
3df9ae5f9c70f9820a57ae78b10d1fb806c1c9d2e176231cd504f635bb3f7f8b
427cdb5c03b335e9b177719bc371718fb7a85ea1c58f65e8fec1d2ac60f70314
436d5c9a42faf3719d7117610fcda3c8a6455ac56dc7861899f1ca31a57e8b76
43e09e9dd764eb2579290898ad540fbf6cf12d18b78406cac4cc2b9d77aa469e
43f4736f5b9cc3f330e5959829b41ad801ca2ee9e255ccacf94de39362a08a39
448184115f3eb23819e82ce54bdc124c48550eb3373a3f256f2a9e89bae59c80
453e60081f2ea28d0faf48392687b781ebe9443f6c9f6dbff680bb0b240b3e90
45d721b6cf878e54c17e44b7035ae711d8b7b16937bc0139084101ba6927b6da
472c572a1d7685eb5b9a86d57e88166005b6aaea563011b40de7c95670e7dd9a
4761978f4f4a11ef7947bd9bb98111ea725c2e351d9fe6dc76ffd66615599682
47cf66e8640e958ddb5085430ff0e7685c0d3cb5626592b5505baaa471b107ea
47d48ce0f0384c180fdbe85918580cd03b3b9545f2888b95fac2fdaa9742a926
4a1ceac486e6291b49cc5396c88261f453c1e7ce0546fbb2317a486142058d00
4b920b605b447309d74e9bb03b62c9538f302d454844473bb9d389c341534c70
4ca1f7c3f9f63f27606536d60878d272fede9c9106695fc2f89c9cec23ae7eed
4ca23aaa068be59fbeb5d37871a5bcefc9ff1197cff51f18a914b1f784d4a001
4cae06c28e92a7c593661c838d0b94e476c476ea614b8e58d01cf77b71e6f4a0
4d23eca65ee87fd5bce9aaefc863c5f836ad13dbb3069c72533bddfe2054d0d9
4d2a51a771888c61ff25172d8877b9b9432554cfd6156cce110e41d6a0dc5143
4fb8ef64d9aae371018b2e1e70d40bd8baae340c065a9cfb286ddf23d3ee0d41
4fbb54ed253147677d160e1f77a89e12cd617cd08fe26e1963fd5d375ec25748
5196b1933721cce5e9e8f31a2d479516ed9251133603bf866944cb25935b8e2f
52730be11b7b7013d632379714fa7f57d6dab58d992449fbdc55902c0f6ba45d
54633c5237e67dd86ca61e49663944f035527b016cdaa8452e4724c39534d826
557a927b87b9f0554524d74350c53258a15c56a75a9cb4dfe0c3a2a9cd7b6d5a
55858491783644434e31df917480b464e9b686dc76cc3469e14d28ca1622312b
55c8f4d23add517b6259f78794df7da2943cf93695607f020a42f9e6718410bd
5743d98591cd36a67e463bd631161125baf9ea92f783c35eb01ad53db36e4110
5aa1be9b8ca4ce78a16056135bb376cdb75e85044b16cc54ed4ad3f540fcb5f2
5acd67c3a766188c22c6ad42948285d6044910cdaf50e8cb9a4b9a0572555610
5b6f72885150bd99fdd9c7685e5f44109a6e7a868109e696a99ea863cfedaea8
5bb431dd6225028b5afa8371a0cd24aca0a65b8d08e6b2a5fbedf6fce166f7c4
5c62f468cb101044e88b66c81e8345ad68dfa96b65dc3d5d55fb83d8c7b9bd9b
5f1f5efdecee16e98f14c9b3710dbe3471586577f33e8539b0425103117e0cfd
609973fd902ffe90ae0f5fd395c233555b3072034e0949b8ddc08063015abbe2
60c48027b4a04276671710a5e90e2a1b93846bc472ae584e4e5d118b59385528
6162b10d975eace60a53460216194dd5dca9240ac4869a724d50cd4d6de293ab
636a86bb4abea1a06173cd5f619af48e9cc05012a2baf66feebb030d48d920d2
637aa4e2fecbfba8faa58c3c7ae57d0e329cafb95e77f9475dad26828524b5b5
63cbb8a6fca6722bd9646ca2d68711d663c8881262c9caf0354edd13045b7486
658285564b1c397834e7c7e73d74146fba137ea8549a9f3c7374031029971586
65c61534c3b1597c82e18a1a58aa758203770b14acf043f813e730b3c86b2c2b
6702bfec76998a1942311d59413ceb63e6c3a7857b7c7c081ddb34ef74bcd41c
69d26333fe4622b44d7c3fbcdbe8586b9465f0f3f7c89e41155361c2d6b42c42
6a25d5770fb6fbfce87deb89676645239022411be8da0d9eb706000d4e15a7ee
6a9b811a8093164905e358bc20c80f3a30bdfd963d7fbf1ddc1dc92accf36c05
6b31e475c5c28a0c9ec5242a6e0e0d500393f7b1d1708b30e4ddebd848b5757b
6b6adc79b6fde8079e1e7c2e883331892fcbbc8d845f045b24566f72521cf4df
6c05d518a636013df1739368be5a3a73d8aa4f93f793cb6903f3377c583b5784
6ff2516698afec7c6d7737de8af60ceaacf609c53fd550ee6a467e35fdcc89b1
7038395ad3f1aba1d667480f6d1cc6b562e30995e6e11007643e10acbaebdebe
72bbba23934625cadb8c8f02bc61fd979324bcad7d80a6189ec99b51e8be6d9a
74b51681b0bd384c36e628a4cc27ef17a83d3d45824da58f95729148d4bfce2f
75b11984fc11cac41d5eb46218098511108adb3cc94685989dc08e8072e1bd54
75e1bf6a6c35756b30996f58d8b5cff9f6ba81b0dbc28cf7126b61496d99a270
77c2e2d2a9dda44f879e75745845b9bff7263b25825252a81c6c718d9807c52b
7c3a968904f56ad5926cc74e91e56ee580a5dd46aa358e8e87688b83ae421024
7d44b27c3f793c246e47967b5ce25f2018f23d2c62db2c1e092bb8fd8573bda5
812dd7afcb519af21fd40e2cb37490357b1b68ff730b50a010f6f8e4397d64f5
83c7c2b8bc5798d3352116a8ec5ed2dbf4af836fd6cf1e5c1db20fb041edea75
84fda3591ce3535347275324855e558a869f3959b4a77094e4b4496105a4fff5
85a367f436675a0f9ff723ab117c68ab0f704cd9f183bc40c8d5e06d647832b8
8631fa7d25458e17937010ede0676e796c9e888c08edf63842ff6a27f814bb2c
870920c2b4d77ff6091980856a117520fd65a99ffa14d5f12d29f01da2f94bb3
884b2ea1fbc525ee2aa15ba1e736b774e482e40ed450d44127f4762b3727e57d
8854f8cf3ff8479e7ee16746156c682ca2f30fe0ff1e117d1dd40746671bb06b
88e59d0c572e340518eb4241f6c0eb7970931aa19ab52899f12a2fc516c0accd
8917efcd47a150df42d8b8e6991879d55c5f3c9e0bf494038a860aa1a6ed92ed
895ad9eeb3ee88938b6225901a804f9644a250cac3177e136cefc117570dbdcd
8b106c804fd68707f45fc6fb6d633f90516528b519a0b030ccbfb191f964111e
8b5174279b43e8e10f414602674406b1925564696fa38f0e87319f9f92fb6548
8b54e53ce266f39bf0eeeaccdcf87607950e0fa33aabeeebb3be6f5e3b2b065d
8bf8ee3de7244e0f141e873fed606b7541e7e5d35c89041d9fc4305b016e2a12
8d15f4b87bad03068a4d2b20fdc34232882dd0a2bbf16b8ca143985441723217
8e7e967e9d3cca11b0b43292ebe7ac5cbc410968d0caff7559d950ff801d0cf7
8eaa4db70f09cc7ed33b80ad6967512972eefd106903bbdd4738849ab24ce068
8ed801dec0b5c14538364ea76670d877b4643abf3fc666c529154581b96014ff
8fa6a6fe5109d317786fc5ff4916914a1d79c70916ef5374cd14cd77b93e0c6e
90bfac81f1fa297e3e66bf89ae94a475d7585e77a241ba21700a43fae0f5fdb7
9219323db8757aefacb3f274eb5755b9c2b17a8c11c8e53583d7f9cd7330baa0
94a156ffce3adfa73b272a3b8c6eb83760ddfaa3ed147bb6ee2a460ffff9817b
94c2421b8884b27714a0d04bf179a972421ea4bfc9b519f7310db8ffb131a3f5
96a6a64f551403f9a778584cf7aa4e85e3a95a730488dffbdc3cbb18717a06ec
9732430a2854bd8f93e79011b835deecad59c940f36d1139f41012a3eb5d7f69
97e4ad9e7baabf0dc9d96d7eec2c90e6f4b51abae6716cfbe1502a08763ca42a
989bae77e2c85fce46421eca94baec5dbfab2b5464577058e41c5ffe2463936d
993d90465a68e961990256189305e6b92a7044ee39deed135a7d4bffd4aedbe4
99919612925853518e3ef11296a8cc4c1dcf411d89c405362f018e329cbea8d3
9a69019e12892808a6f8923db8c9597807ac4032d737e17ce4366b1c78ad3032
9aafa208cc3602be9592d1c645034755cf34c4ed7622890db710c0775ae07a32
9accaebb1b1ea76a74fdcabb1a6b557b692ba319430ea6b932c6318fa0b6168e
9bbee820dce726370817824285a482bfe0f0172defd1a37d6d3eeb6f301ea94a
9bd3fcb580a8f0b1515c85f891f93114946f1a0bbdde9c641b3d01e995d69343
9befb55beafa21949f68ee9c2b112a0a4f6e87ba2085b451e1bd16763725f31b
9d9b7105cfbd3e31532a87405d46740aabfef3f3e0bcd72c7c235def6f9d8e09
9d9cf1f5655437ef1919abf7f5ac0043296da443e7e5faa9f69f931ffbe728fe
9e6ddcb09e9ac3f172ec5a13e9022db191f31f620fd291a16091ad62c37f4445
9ed2a76ced20941f16df65060f6b3256f23886f6dabdc27c3deaa3f66ad42f8d
a0de622a64271c02e653210b6c6ab0e52c3f8727ddf39314f13f0572873db5cf
a1c1ae22ce58f89684ebcd88a2fda6257be49abf7a2d5d0cff2ce7beea31c671
a207080e84b4f5b6a624e27d7f230cc95138109f1f517ca41dd1816495e0c502
a28e10884956d7a1aa85ec9e4a752cf64c3fb8bb85f5d43c102ced66167a6d9b
a39957222dd9358aae175c5391975f3ee19d3b2bed7d41cd3a993ec3dee0f4d5
a39a5ac17a55a09d37c05ba7c99d1ca93a672654384a57df10da88aa78cf9e24
a66c198ed1a475b9a0167125f3c5fe4206aac8af2fd9d3156a008d4af8f8977d
a896aa974a3d80e36bc8b633903a612dfceeae3b62702d5d374e471994222a36
a8c115e5270edafae5cfd2dc4375fb3e088ddf70428e62702c921bbe24234f55
a8ccd91d65cd504cc4395fb0736b33b76219459befc31ea848162bcfe7cadfa0
a979cb27d7e3434906e61947bd543718e7da03f24df8b469d56808a8570b4a1b
a9ff88c96abf1a622e804bbecb59c4a5507b7f8c68ec8248ff27781cc12060ac
aaa81b849c80a4d452186c585b7e4e3a3d2a181c7fcc3dc0893ea08ddb08dc7c
aafd531301cb58ef73483d57dcf6d6dbc2f3d728abb3c4a0fa7b3a617265aefe
ac4b1bed15eacc9db0890d119d6e4af92c78469ed46a0f0d5965a42c7dff1ec6
ac57fa2ed228279df33e6f3dd29d69edc9e343ef219046390b46753a142b67a0
acfc0aedcf699b4c4c78893b0da27d16fab585a6fb295a8aabc4a4e7a1a6adbc
af17fc2c613f8903859d252e13bf2d04b2f2c5823dc8f63397e0bb24efd53974
af54b8638904fcc1ce41426153ee2d53b4468b04d9687d4bfa16be59b1bf73c0
b1805abc562c355089fc8eed72595fe8e8844cce79966c01cf067cb3a612b09c
b1969a167b7b9661deea7e21866115a11753ab1d891e8704279e2040c775fb1f
b2517027df4410eacff50b78a5986a5ea2ea7bf815000efc6857523668b498b0
b26f9a02df697b328cfe3535a077b49fc3c7b1c5be51661e2049209ad8828844
b370de49b431a14d5b2d8678683089520053459996ec4f2cb4719bab1446efa5
b3b93fed9ff0848c6b948b6101630973df416e8277a06e0345db1146dadd1234
b6b5155f408fe2eec2a544ec0d0d758ffdfa1418a954900e8e8e9ef006312911
b6f4a9c7b72ec1eae73e7315fcddddac88d3e290c8f7eb894439b438800be640
b9bda3c90da6f20277017e4df04ba354e2ea99112fb6803b12c9cd83cd3ea7e3
bb2820d1d3ab0f9a369c90c4a3ce6c7d3823d2e1f65c092df0a17316cc49a435
bc27d170db92abfc34f7a2b4e52f02fa13182f5d65854a6dc416bb7a09583103
bd3468114b49889f85003b52b024c6aa4218a2f84072205a2b8e15b1105c7c30
bea2e9bc8bc2ba2ecd5217a27e6bfe0cbcd267513b0db209054209fbf14777cb
bf4138ac37e3271acc4718aac283cfce433cc14fefa508ff633e313e47ffa960
c038638340ac0c51168244e25fa20858560d2dd30765eaae8c93f0f36bb2313b
c0d497bcd5d6d920c5b5a858479639c8e23a9480306c73bd87286505f56844cb
c39cc138bad6050e2fe9e957637f1ff84a8181966e0eeb2094452ed5123cdd45
c5529298266d4fd7809c5b9577c6df76bd3e6f25ffead25254c3045dfa175387
c679eb5b4d384d45e6ad8b8f0a242bf0f3e9d2984f6206c3561e5df06a7d50b0
c79e419c1b9aeace88d62b986e066330f2d432b152f923387e077920742c805e
c7da677ce5a1593fdb4492869be2df7be69cea1150aa5b09c6b8bb158200e6fc
c978545842e45b2113cd0a390879d07930e82cddf2949e39ab0a4685fe58a5e5
c9bc7a89875d652393ee51e61c781d82bb8bc180ebbac6c2d8bcf84dac477b63
cabf24d4b51e5370bdba9b19a02d26a42cb93b4da8ba37daf0dc792ba643c9b8
cba23bdae04c712062b1f7aea5561f4dc16f5b5697470511884323397f906fd1
cbf67d92819fa6cb40556e421fc1f63ba28b01b34aaab28f055056b15dc7248d
cc712ec54c0f97ac1ff152febf2a77c1e86c5cded5a8c6d38ebffb84f7aaf375
cc888b463063712310518e2c971ce4ae2bf4181b77776f74b4a6bbfedac48e05
cd81858463b51aad32703cd3e919d128fcba2b21e5e70ef5970b7914aea49c13
cdc2a553917935223a3c75f8aa81b76598c30c6ff1adee8d9fc1054bd9e2b438
cea21ce8d72923ab8bc796069ddbdd0b7e01573cbbd5c273af38aa950cbbe2ed
cf17380b6f3e6473de3b8cf633f9dba58e91bfe56b2c9e0eb9a3012995373190
cf41fcd26618ad1269370b523ae535bf7930609770c0c27b74f8cfcef79435be
d1df533bd2c3121fb22e7358f4537040d68ac3a14ed647ba59f7d0f41d90dfba
d2a8140fe4976011624521468b3cb4a3c9367cc0a89e04163b04da13c577ffc0
d2dd667422bca6a656cd750b9673922c0cc6fae50714626a29782cd3e7ddbab0
d32cf89a0337289bf7516177d7f8a92899389d5c4c07922cfd4eed23336a3c28
d49e82412d5038e6ef00785cb36c540dbafbc2d0fcb49efac55dae0059b1e5f6
d54bbc1d34faa28261cf8f866d99d71385901754208736e60248e69321790fd2
d555018e666ba6124f5a5bbf20311cf02d735dd416d5b2f36b5c6a95c97c81bd
d5cc8fa84ba48413683baa44c7fba3b4f4c45074b34fc53f258d62bea7845101
d69738e40b6dc84fe1d2ad6e6b01bdddc147e219e012e6f7c42f25fdca2a2a8d
d84c7caad8eb4b1fdec227ed34b779ff4d2e09e7fedbc19e1bf9ad0f57f2f37f
d84db2a1a897f7b7a3972fb59e2f5e11912f6b08c63a44a0024213aa766c851e
d8701aac87c85c2c80714ede9b0d938b9c17fe6794a18aeacd9201cdf44c9093
db43f78ccf48f7f6a8c999b25b07ea0ec22c009b5083c9b50acb9e75bac892ef
dc1bb7bd52b5bfbc58babef90b69439c5399cb4963c91d28601d9bcc4986664c
dc4833f549caf025214d022b93c5dc73d75baf1e20344138f138b528e766bdfa
dccc56b4834577790633f041a5c730b0f283352e63c8509a9da3961b170b6f96
dd5943c59008f797d4a592dd086fdf0631d48ff21959334a7d15f94230c84745
ddc5759a5ea82e3741d2fc6872f9ffd4b879f1073839eeb0b63efefd447fe182
ddc5a42e5bdb324edea4fa71d431c922ea8313e8cb5fc63c2eb3fc69e9bf8c7d
df03b665848d9cb17f71ac3d0a9530e6359b5697be4276eb4000d18dce1d551b
e03a98e85690fac9c356864298fcebceaed1527948b5abd66b103ed9d39ae416
e1020d2affddda01f74e42b56c7c384cb973b90a9b6d40b5c6136d1f8d666ae7
e3ae9adbb60bc1549eb189fd9d770fa96889360a1e7800aaa9b27a1b68d1315e
e44fd880af2d116dc43734c9e7d76247de3ea9ee0b6fe34125d35c56090666e7
e5aec76555216ec22836d70a3dff9cc869640377c68cb38a44d092d61b5b680d
e65cb735ccdc86225712161e932cde15bd7d5e63780bc442b1e497983d32f41b
e684bfbc46ef19a1f2a43cc10b799ab6d641843f4ad023318c611045483416e3
e743ae05ad4781043893c3c3c895aa5afc81a900d4594b4e17c999aa20f9745b
e8ab2b9d173566d5a9d82d6f646379dcdfb689b699332f41ca0b4b24ac077a7d
eb011c6a2f1ab0519e3275a124fa3fe825f14971af472277111cdbb8f133cb52
eb8d2f793d7cccd3713173a71ae88258d67088a2a603e377158802588d64b1f2
eb90a87f44bf953d1515f4a7c3c8970aa57b3e86d83f2a406cc65a68f9d5bc0a
ec85ee78f861d18efb2113eef83f79664fe7279a66071e51effdd17dae37650a
ed0829a54e4895642801840f1841b11720e61e6dffe11395c3bc8906cbf78ba7
f012a36abab799c5d01ec9b86254ab61e7940feccd545c76f0da333c15855ebf
f07a40bddebf9cfb2241b61e94fb61a812b0419c24bfcdddb77429016f6cc268
f1c3bc896a0513990ba213670d1a48f467db7931587a00dc2f6b7e7a570d82fe
f31c4410a219fa581d0ca4a220bb898bf0956bfe04b6865f393be06c24f90fdd
f383b2ad17ccb6377a742714df79da952c5d4ce761ca740bb8dfa483324b7173
f3b0cddaf385c1b611dad07c821770504dacf5497bd700ddfac98f0e563ab026
f460be9dcfb0848ef9fdc018b36d8537045d8d6a73b737364bd49fc848b6e96d
f501bbc38122b0ee39393b3976c336d3d19fefef0498989f3da1aebe449b1c6f
f53721deb441c0c8de5eff088652559428aac418444b9be125c1d279b68c0534
f763309eb3e31dda681edd3a6336d57d187f8aef9b4917e9d90cacdc41203f79
f875c1121dddb5345e2780561390c4bfe5795bab7d951f00c2c17e0377e2f7b5
fa469ceafb8c27fcf7c7245d972e7d477dd0c07d1faed75aa78fb82f51cd368b
faf7a3ed3fc9a334d8817cb6a3de470d5aea2e0546cf0d822e95a201dbfd728e
fc0accd33acde38f42da9bfad34920b836243923af116b65fc0d56e7c984eb8e
fde6ef876308daaaa20916e5573475c1616985a8de41d1096c060f3ca3bccea2
fef9e63ff0633417e99ac3747bf1186a46581880faaeb8a2e271aedf63dca05e