2157.gofenews.com Open in urlscan Pro
45.133.44.20  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://54f10.gofenews.com/dannig/tube-player/index.html Page URL
2. https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Page URL
3. https://2157.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=2&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	index.html Show response 54f10.gofenews.com/dannig/tube-player/	15 KB 16 KB	110ms 22ms	Document text/html	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 15560 content-type text/html; charset=utf-8 date Sun, 28 Apr 2024 17:01:52 GMT etag bb086daba9d1e4ca87a17306cb066be3 expires Tue, 30 Apr 2024 17:01:52 GMT last-modified Wed, 22 Dec 2021 16:48:34 GMT server nginx/1.24.0 vary Accept-Encoding x-openstack-request-id tx5717ded8f3ea49579723e-0066221657 x-proxy-cache HIT x-timestamp 1640191713.77961 x-trans-id tx5717ded8f3ea49579723e-0066221657
GET H2	200	script.js Show response 2818.selornews.com/	8 KB 9 KB	86ms 24ms	Script application/javascript	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2818.selornews.com/script.js?slug=tube-player Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://54f10.gofenews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txc43adb17fdb04255baba0-0066220914 content-length 8132 x-trans-id txc43adb17fdb04255baba0-0066220914 last-modified Wed, 27 Mar 2024 09:12:11 GMT server nginx/1.24.0 etag 368b6c073cb19a8c0e1fbfc118b9d694 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * x-timestamp 1711530730.51091 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	skip-button.webp 321.selornews.com/dannig/tube-player/img/	5 KB 6 KB	113ms 24ms	Image image/webp	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://321.selornews.com/dannig/tube-player/img/skip-button.webp Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txf99c61527e974564b4b91-00662229e9 content-length 5006 x-trans-id txf99c61527e974564b4b91-00662229e9 last-modified Mon, 21 Dec 2020 08:44:23 GMT server nginx/1.24.0 etag da2dc41d023f4fcc89675351f9117c3d vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1608540262.03735 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	lib.js Show response 2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/	28 KB 11 KB	122ms 36ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/lib.js?ymid=null&var=null&tag=0 Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash 341047ce95201d63b60b891aacd730b490ff44a9df75cd24b44807fb3667b90f Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 28 Apr 2024 17:01:53 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id script timing-allow-origin *
GET H2	200	tag.min.js Show response forlumineoner.com/pfe/current/	14 KB 6 KB	126ms 37ms	Script application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Requested by Host: 2xs4eumlc.com URL: https://2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/lib.js?ymid=null&var=null&tag=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 28 Apr 2024 17:01:53 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 10:48:48 GMT server nginx etag W/"662a3510-3914" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	universal.min.js Show response forlumineoner.com/pfe/current/	88 KB 33 KB	141ms 47ms	Fetch application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/universal.min.js?v=3.1.504 Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 28 Apr 2024 17:01:53 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 10:48:48 GMT server nginx etag W/"662a3510-15efa" content-type application/javascript access-control-allow-origin https://54f10.gofenews.com cache-control no-cache access-control-allow-credentials true
GET H2	200	zone Show response forlumineoner.com/	866 B 1 KB	46ms 46ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/zone?pub=1&zone_id=1781101&is_mobile=false&domain=54f10.gofenews.com&var=null%7Cnull%7C1781099&ymid=&var_3=&tg=0&sw=3.1.504&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0= Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 31bdc014f4b7f9a6cc24cc973e02b3b6343e2615215d83e2a30ce56a788c582d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-trace-id e4bf72b8d72495a0a22d4278cfc4813f date Sun, 28 Apr 2024 17:01:53 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://54f10.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 866
OPTIONS H2	200	custom forlumineoner.com/	0 0	46ms 46ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://54f10.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://54f10.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:53 GMT server nginx
OPTIONS H2	200	custom forlumineoner.com/	0 0	46ms 46ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://54f10.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://54f10.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:53 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 443 B	38ms 37ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id eed889587cd804fb4a9645924a216411 date Sun, 28 Apr 2024 17:01:53 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://54f10.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
POST H2	200	custom Show response forlumineoner.com/	39 B 442 B	39ms 39ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id 9560faa80ba12304c3cd791512a08efa date Sun, 28 Apr 2024 17:01:53 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://54f10.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
OPTIONS H2	200	custom forlumineoner.com/	0 0	46ms 46ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://54f10.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://54f10.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:53 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 443 B	38ms 38ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id af2238707dad57423f1ba099098efee7 date Sun, 28 Apr 2024 17:01:53 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://54f10.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
GET H2	200	index.html Show response 0884.gofenews.com/tube-player/	15 KB 16 KB	62ms 30ms	Document text/html	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 15560 content-type text/html; charset=utf-8 date Sun, 28 Apr 2024 17:01:53 GMT etag bb086daba9d1e4ca87a17306cb066be3 expires Tue, 30 Apr 2024 17:01:53 GMT last-modified Wed, 22 Dec 2021 16:41:12 GMT server nginx/1.24.0 vary Accept-Encoding x-openstack-request-id txac6cc1c9ea5d4693b7020-006622295a x-proxy-cache HIT x-timestamp 1640191271.89714 x-trans-id txac6cc1c9ea5d4693b7020-006622295a
GET H2	200	script.js Show response 2818.selornews.com/	8 KB 0	0ms 0ms	Script application/javascript	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2818.selornews.com/script.js?slug=tube-player Requested by Host: 0884.gofenews.com URL: https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://0884.gofenews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txc43adb17fdb04255baba0-0066220914 content-length 8132 x-trans-id txc43adb17fdb04255baba0-0066220914 last-modified Wed, 27 Mar 2024 09:12:11 GMT server nginx/1.24.0 etag 368b6c073cb19a8c0e1fbfc118b9d694 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * x-timestamp 1711530730.51091 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	skip-button.webp 321.selornews.com/dannig/tube-player/img/	5 KB 0	0ms 0ms	Image image/webp	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://321.selornews.com/dannig/tube-player/img/skip-button.webp Requested by Host: 0884.gofenews.com URL: https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txf99c61527e974564b4b91-00662229e9 content-length 5006 x-trans-id txf99c61527e974564b4b91-00662229e9 last-modified Mon, 21 Dec 2020 08:44:23 GMT server nginx/1.24.0 etag da2dc41d023f4fcc89675351f9117c3d vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1608540262.03735 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	lib.js Show response 2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/	28 KB 11 KB	35ms 34ms	Script text/javascript	212.117.190.201 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/lib.js?ymid=null&var=null&tag=0 Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_128_GCM Server 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software nginx / Resource Hash d062672e247d0fe8e80f4dc70da4c8208cc4b5ce92053089165e584ec2dbacc8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 28 Apr 2024 17:01:54 GMT content-encoding gzip server nginx accept-ch sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data vary Accept-Encoding content-type text/javascript; charset=utf-8 x-route-id script timing-allow-origin *
GET H2	200	tag.min.js Show response forlumineoner.com/pfe/current/	14 KB 142 B	38ms 37ms	Script application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Requested by Host: 2xs4eumlc.com URL: https://2xs4eumlc.com/pn21ywqw/z/sc/scssx/1781099/lib.js?ymid=null&var=null&tag=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 28 Apr 2024 17:01:54 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 10:48:48 GMT server nginx etag W/"662a3510-3914" content-type application/javascript cache-control no-cache access-control-allow-credentials true
GET H2	200	universal.min.js Show response forlumineoner.com/pfe/current/	88 KB 183 B	47ms 46ms	Fetch application/javascript	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/pfe/current/universal.min.js?v=3.1.504 Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Sun, 28 Apr 2024 17:01:54 GMT content-encoding gzip last-modified Thu, 25 Apr 2024 10:48:48 GMT server nginx etag W/"662a3510-15efa" content-type application/javascript access-control-allow-origin https://0884.gofenews.com cache-control no-cache access-control-allow-credentials true
GET H2	200	zone Show response forlumineoner.com/	866 B 1 KB	41ms 41ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/zone?pub=1&zone_id=1781101&is_mobile=false&domain=0884.gofenews.com&var=null%7Cnull%7C1781099&ymid=&var_3=&tg=0&sw=3.1.504&ch=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwiYnJhbmRzIjpbXSwiZnVsbFZlcnNpb25MaXN0IjpbXSwibW9iaWxlIjpmYWxzZSwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsIndvdzY0IjpmYWxzZX0= Requested by Host: forlumineoner.com URL: https://forlumineoner.com/pfe/current/tag.min.js?pub=1&z=1781101&var=null|null|1781099 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 31bdc014f4b7f9a6cc24cc973e02b3b6343e2615215d83e2a30ce56a788c582d Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-trace-id 132de066745362201942a0a4ffe80295 date Sun, 28 Apr 2024 17:01:54 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://0884.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 866
OPTIONS H2	200	custom forlumineoner.com/	0 0	46ms 46ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://0884.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://0884.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:54 GMT server nginx
OPTIONS H2	200	custom forlumineoner.com/	0 0	47ms 47ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://0884.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://0884.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:54 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 442 B	40ms 38ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id e0ce136d57c96de460ee64627c93b987 date Sun, 28 Apr 2024 17:01:54 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://0884.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
POST H2	200	custom Show response forlumineoner.com/	39 B 442 B	41ms 40ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id 5c298f1408b39ba3a53b260a0e610dda date Sun, 28 Apr 2024 17:01:54 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://0884.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
OPTIONS H2	200	custom forlumineoner.com/	0 0	46ms 46ms	Preflight text/plain	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://0884.gofenews.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://0884.gofenews.com access-control-max-age 86400 content-length 0 content-type text/plain; charset=utf-8 date Sun, 28 Apr 2024 17:01:54 GMT server nginx
POST H2	200	custom Show response forlumineoner.com/	39 B 442 B	39ms 38ms	Fetch application/json	139.45.197.229 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://forlumineoner.com/custom Requested by Host: 54f10.gofenews.com URL: https://54f10.gofenews.com/dannig/tube-player/index.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.197.229 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers Referer Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/json Response headers x-trace-id 82eec002f79df74c95842c9e9c4d2a7b date Sun, 28 Apr 2024 17:01:54 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model content-type application/json; charset=utf-8 access-control-allow-origin https://0884.gofenews.com access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, X-Oaid, Content-Type, Accept content-length 39
GET H2	200	Primary Request index.html Show response 2157.gofenews.com/tube-player/	15 KB 16 KB	60ms 30ms	Document text/html	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2157.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=2&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Requested by Host: 2818.selornews.com URL: https://2818.selornews.com/script.js?slug=tube-player Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS access-control-allow-origin * access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 content-length 15560 content-type text/html; charset=utf-8 date Sun, 28 Apr 2024 17:01:56 GMT etag bb086daba9d1e4ca87a17306cb066be3 expires Tue, 30 Apr 2024 17:01:56 GMT last-modified Wed, 22 Dec 2021 16:41:12 GMT server nginx/1.24.0 vary Accept-Encoding x-openstack-request-id txac6cc1c9ea5d4693b7020-006622295a x-proxy-cache HIT x-timestamp 1640191271.89714 x-trans-id txac6cc1c9ea5d4693b7020-006622295a
GET H2	200	script.js Show response 2818.selornews.com/	8 KB 0	0ms 0ms	Script application/javascript	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://2818.selornews.com/script.js?slug=tube-player Requested by Host: 2157.gofenews.com URL: https://2157.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=2&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://2157.gofenews.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txc43adb17fdb04255baba0-0066220914 content-length 8132 x-trans-id txc43adb17fdb04255baba0-0066220914 last-modified Wed, 27 Mar 2024 09:12:11 GMT server nginx/1.24.0 etag 368b6c073cb19a8c0e1fbfc118b9d694 vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * x-timestamp 1711530730.51091 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT
GET H2	200	skip-button.webp 321.selornews.com/dannig/tube-player/img/	5 KB 0	0ms 0ms	Image image/webp	45.133.44.20 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://321.selornews.com/dannig/tube-player/img/skip-button.webp Requested by Host: 2157.gofenews.com URL: https://2157.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=2&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.20 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.24.0 / Resource Hash 4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers expires Tue, 30 Apr 2024 17:01:52 GMT date Sun, 28 Apr 2024 17:01:52 GMT x-openstack-request-id txf99c61527e974564b4b91-00662229e9 content-length 5006 x-trans-id txf99c61527e974564b4b91-00662229e9 last-modified Mon, 21 Dec 2020 08:44:23 GMT server nginx/1.24.0 etag da2dc41d023f4fcc89675351f9117c3d vary Accept-Encoding access-control-allow-methods HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS content-type image/webp access-control-allow-origin * x-timestamp 1608540262.03735 access-control-expose-headers X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp cache-control max-age=172800 accept-ranges bytes access-control-allow-headers Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization x-proxy-cache HIT

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| requestPermission function| R6dd object| zfgformats object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			2xs4eumlc.com/	1970-01-21 05:46:37	Name: CHCK Value: 1
			2xs4eumlc.com/	1970-01-21 05:46:37	Name: UID Value: 240428120127299d1fe11648778897fc7e02

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://54f10.gofenews.com/dannig/tube-player/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://54f10.gofenews.com/dannig/tube-player/index.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://0884.gofenews.com/tube-player/index.html?var=null&ymid=null&rc=1&mrc=0&fsc=0&zoneid=1781099&tburl=null&tbz=1762378&tag=0&swd=2xs4eumlc.com Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0884.gofenews.com
2157.gofenews.com
2818.selornews.com
2xs4eumlc.com
321.selornews.com
54f10.gofenews.com
forlumineoner.com
139.45.197.229
212.117.190.201
45.133.44.20
31bdc014f4b7f9a6cc24cc973e02b3b6343e2615215d83e2a30ce56a788c582d
341047ce95201d63b60b891aacd730b490ff44a9df75cd24b44807fb3667b90f
384a69bf79962bc6a05496750e610be69633ddbb81d1c4015f11bffd1a37b332
4d1449898da756c5bff9e9696a2c71ea1ab9e6e96c5dfec29885a63ac237eb3b
66f95b5eb4bf3dc3a13643e3e6776b18a2b15e0b881328e2ee012c73e679ad00
7d8e97e9586d3f04c4a2a703692378868e49120c6159d079ae7ed1eca2ca2b5c
c9722915663a5626b778f60255e108338e0af09f0e6edc4307b3326e3fd14324
d062672e247d0fe8e80f4dc70da4c8208cc4b5ce92053089165e584ec2dbacc8
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881