urlscan.io logo urlscan.io
SecurityTrails logo

player.nu6i-bg-net.com Open in urlscan Pro
2606:4700:20::ac43:4861  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09#iss=ODguMjAzLjIwNi4yMzk=
Effective URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Submission: On September 13 via manual from IT — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 39 HTTP transactions. The main IP is 2606:4700:20::ac43:4861, located in United States and belongs to CLOUDFLARENET, US. The main domain is player.nu6i-bg-net.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 3rd 2023. Valid for: a year.
This is the only time player.nu6i-bg-net.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:486... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 174.137.133.17 27257 (WEBAIR-IN...)
39 11
22    2606:4700:20::ac43:4861 (United States)

ASN13335 (CLOUDFLARENET, US)
player.nu6i-bg-net.com
5    2606:4700::6810:7caf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
commentsmodule.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4860::8888 (United States)

ASN15169 (GOOGLE, US)
dns.google
1    2606:4700:3031::ac43:c68b (United States)

ASN13335 (CLOUDFLARENET, US)
sadjklq.com
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
marazma.com
1    174.137.133.17 (United States)

ASN27257 (WEBAIR-INTERNET, US)
xml.poprtb.com
Apex Domain
Subdomains		 Transfer
22 nu6i-bg-net.com
player.nu6i-bg-net.com
144 KB
5 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1083
73 KB
2 marazma.com
marazma.com — Cisco Umbrella Rank: 156391
902 B
1 poprtb.com
xml.poprtb.com — Cisco Umbrella Rank: 133474
165 B
1 sadjklq.com
sadjklq.com — Cisco Umbrella Rank: 84893
1014 B
1 gstatic.com
fonts.gstatic.com
48 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
1 KB
1 dns.google
dns.google — Cisco Umbrella Rank: 945 Failed
520 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63 Failed
1 commentsmodule.com
commentsmodule.com — Cisco Umbrella Rank: 87926
39 10
Domain Requested by
22 player.nu6i-bg-net.com player.nu6i-bg-net.com
unpkg.com
5 unpkg.com player.nu6i-bg-net.com
2 marazma.com 1 redirects player.nu6i-bg-net.com
1 xml.poprtb.com
1 sadjklq.com player.nu6i-bg-net.com
sadjklq.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com player.nu6i-bg-net.com
1 dns.google player.nu6i-bg-net.com
1 www.googletagmanager.com player.nu6i-bg-net.com
1 commentsmodule.com player.nu6i-bg-net.com
39 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-03 -
2024-01-03		 a year crt.sh
commentsmodule.com
GTS CA 1P5		 2023-08-14 -
2023-11-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
dns.google
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
sadjklq.com
GTS CA 1P5		 2023-07-27 -
2023-10-25		 3 months crt.sh
marazma.com
GTS CA 1P5		 2023-08-02 -
2023-10-31		 3 months crt.sh
*.poprtb.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-27 -
2024-07-26		 a year crt.sh

This page contains 3 frames:

Primary Page: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Frame ID: AEEA0EF9A9F54F9CCBE6D8F66783AA7D
Requests: 36 HTTP requests in this frame

Frame: https://sadjklq.com/f.php?sid=212040
Frame ID: EAA567F39CEA191F657D2A77255F1B17
Requests: 1 HTTP requests in this frame

Frame: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
Frame ID: 0FA12C9D840E1324EA3AFED24E11CD14
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Not Found

Page URL History Show full URLs

  1. https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09 Page URL
  2. https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

90 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

2
Countries

268 kB
Transfer

724 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09 Page URL
  2. https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://marazma.com/load HTTP 302
  • https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
player.nu6i-bg-net.com/e/ 		140 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da37a7ecf10da85dd9b082774d02b66752f4617d0b8b3200343f550afd07e365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
80637c93dd770e8f-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Sep 2023 21:29:36 GMT
link
<//player.nu6i-bg-net.com>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0U%2B2pxpWf09q5zx%2BANVPgiC8p4h5C8ZkD1aIhYBqVuMhJBXiPFEYqkjxrWgzCzV2BcO1V0hjMrNYi4ex2kNWGKwe9uwwJkNXj%2FDCG6xhRO4MKtwJ2exz5RIhzY7q2vDdAL0i329NglPKufbnUr22jw7s8rM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
websocket_ip.min.js
player.nu6i-bg-net.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/websocket_ip.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
2252267
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
cloudflare
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2LeiYZDBfshAx8lRnzN5bdl2TbsrNkkIYcY8X5cofPxrqP4oqiDEXvB0h3fY%2FqTxoxmKLo7nPomuQCv87zGP8Kc8GaZE%2BwLpadwMxQ8h37dP%2FAyOGSk1J7%2B63jIzWF3j%2FEEWBHvsojYm0CYP1B89fn8QhLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c947e410e8f-MXP
rocket-loader.min.js
player.nu6i-bg-net.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Sep 2023 13:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ff1056-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGQQk9g4JbFGtLInf51f5BrhRZFpRLoZJHFv%2BQzOdP6Mmik%2F6XQuB%2FiHOXp3bvDsqyQtuinz0TeYyCFalctd4Pp3grQ0iCvBAAnspRsaJktR64dTyirf92y50hIgdZHYVEsx8fHjVGBFiTTzYMF9xaGJBjk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
80637c94be7f0e8f-MXP
expires
Fri, 15 Sep 2023 21:29:36 GMT
embed_player.3.css
player.nu6i-bg-net.com/styles/global/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/styles/global/embed_player.3.css?130
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9190c55a43f22a3ac3a368b98a1010d3c7f44d1a4e29aff7c8b49d2a884261e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=5889
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
cloudflare
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8DEFXHqltG%2FqAdSXsztntO26%2Famm2QeVnCmOo6GqryHZOMdN17UbMSUzc2nFUfvFEEAJkePyMpvanxj%2FAaXILX4wg9mt63Y30I8byIs68IR3ZZN504bWrKfwGJq1jS57v9IOnGnzhhyXa%2F2hccT9bNlFYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c94eec40e8f-MXP
modernizr.js
player.nu6i-bg-net.com/js/video.jquery_plugs/ 		1 KB
932 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/video.jquery_plugs/modernizr.js?12
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Sun, 03 Jun 2018 17:19:35 GMT
server
cloudflare
etag
W/"5b142327-4cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rts%2BwnFeVnly6r0LOOBMFSv5kTOzF9B0DgGm7KkIkBAva%2F8QIjjVg5BXI1oATfoLdKfZFRYJGfRfT%2Fupq9ofT%2FxefniCl99iUlJ0tATI9b%2FLksJiQIPAIch%2BqM7Gs3%2BEL%2FjxUB050y5u0dVaHDd05wIAbP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c953f480e8f-MXP
progressbar.min.js
unpkg.com/progressbar.js@1.1.0/dist/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14381037
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GWVMBR7YHJXTNXBM7HVD9N95-fra
server
cloudflare
etag
W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80637c95ada60e75-MXP
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:36 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21093496
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GPKJVS2NVBDWC92QT0D3RZHK-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80637c95dde20e75-MXP
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7136865
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01G67NVMNMHV1G39FFDGAH3G21-cdg
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80637c963e280e75-MXP
d_check.js
player.nu6i-bg-net.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/d_check.js?34
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ace85fc8a73d8a4fe87a23c0f4d0b016d78b2dba4027882d6a7a82862a72067

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=3466
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrlsdyJhKN%2FDL6z8QZ2vx69Yy%2BXoujBKPQlBCuKrvYzKrDm02qUKfrTFP6NIXiwcGwVZXQAs46dG%2F48Vl8AyDEqxlIRt%2Bri7EArHdd8GyxjBa%2F6fwm22wiiZTruRCGpH2EfiN0i5ZrfJwIz7XI4AHMznnms%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9668cc0e8f-MXP
js.load.1.js
commentsmodule.com/js/ 		5 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://commentsmodule.com/js/js.load.1.js?7671134909230470
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
referrer-policy
same-origin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWk1m1NPiDiPGIHbboXRNtOA4H%2FyzCbfRJnecgGyZDvt0%2F6X9CMyN5MSQkpqdAtFPU4hzpC6qLIe6l5NWWnNX7f1SRCEU2dO3RGa7HO0C83swTGBFEB4LHMP7Yk%2FkLYAIPPKkCgduQ6yf1avjMHWLg8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
80637c972e572c79-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:01 GMT
embed.220.js
player.nu6i-bg-net.com/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/embed.220.js?736
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3100e3dfc2aa57c5e6ac79de29f8265ea9d8b4092e1f72ba20dbccf5edea64e6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137553
cf-polished
origSize=172249
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Tue, 12 Sep 2023 07:07:10 GMT
server
cloudflare
etag
W/"65000e1e-2a0d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4jqbZQu20QQEXyzrBkJZcUDfRYfEhsqO2JoZdKPrpA3sWlmadc7fdXlmVZ3pKmjwys%2Fbqf1gGzkcsup3nNZxxW6mZi7nrH8wP1H4f5uJJ0ZKcoxIM0to5clAQI6g5bd1C7M68ahCwm0Vt7fZB6%2BNRmqML0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9699240e8f-MXP
popunder.js
player.nu6i-bg-net.com/ad/top/ 		19 B
565 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/ad/top/popunder.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42bb8bf6df8989c882f575e07cb92ebdfcb68711e27c9d76666d5f96a483195a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=21
content-length
19
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
cloudflare
etag
"6141fdde-15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ClySJNHqu9gIzWN%2B0rCy%2BlykUPOojj6Srxm1FtS0wZ80c134TDhHl0CfxgRe5Df7eQM9vIoBOCbSAq%2BnROW0Uo9a5jQHiIw0Thls2SKVXL088Ms%2BNNjrUEsm7IDHk2GPDfjRhY3nDVHdLWtWybRfxuvyfoo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80637c9709c50e8f-MXP
ns.html
www.googletagmanager.com/ 		0
0
embed_player.php
player.nu6i-bg-net.com/player/ 		0
0
Primary Request embed_player.php
player.nu6i-bg-net.com/player/ 		46 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7205b8e897c6a14c37837f6e5dc537ff5c5d2869551a62a31f32f8785d56e45d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Referer
https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
80637c976a7c0e8f-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Sep 2023 21:29:37 GMT
link
<//player.nu6i-bg-net.com>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOTlUI6h56%2FcGU86haRX2Mdbo7sqcsXe7eK6uqOwpohRiEoO74rZBjuxWGTMiC21vcvGjFx8O6V%2B%2BPan%2FUpnUpga0ZSnWqSHH6Xd6JOyDiYrLz90Glri052lKoc2THAGs63UHDBdGrZq8f2g0Z1xZSmKKbg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status-inferno
MISS
x-content-type-options
nosniff
x-inferno-limit-req
PASSED
x-inferno-location
player
x-origin-location
player
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-xss-protection
1; mode=block;
resolve
dns.google/ 		0
0
websocket_ip.min.js
player.nu6i-bg-net.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/websocket_ip.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
2252268
x-inferno-location
static
accessing-static
1
pragma
cache
last-modified
Fri, 20 Jan 2023 13:44:36 GMT
server
cloudflare
etag
W/"63ca9ac4-121c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FwIQqdSdIy77W%2Fimr8pxUmKjfpUaCxY%2Bc4GlJ1Vu5UzdwixwvA0%2FBqP7CAqqbtweN0aXg1p25syvZAaesfTbjTxyMGxmacqWlFmBA1wkGh9q50i9RrX3sSv0avSvPQRYwkkVvJQMGmh9R3HcuMfRgPGIOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c983b940e8f-MXP
rocket-loader.min.js
player.nu6i-bg-net.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 11 Sep 2023 13:04:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64ff1056-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGiEHpb4p7DAfdPLi%2Fb%2BruknmbAy7TYw8H0Z3jOVN%2FGQuH6rqAhxvRl48k%2BB0pE%2B1v9bzPa57Op39j9ncrP8DIwpnjkwaP5AcjtqC15vj9Np3ZX5WNGs%2B3JPN67SyHTif8eCxGp%2BfdnPyBn8SbjvM5za8q8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
80637c986bd90e8f-MXP
expires
Fri, 15 Sep 2023 21:29:37 GMT
jquery.min.js
unpkg.com/jquery@2.2.4/dist/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
21093497
last-modified
Fri, 20 May 2016 17:24:42 GMT
fly-request-id
01GPKJVS2NVBDWC92QT0D3RZHK-fra
server
cloudflare
etag
W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80637c9898950e75-MXP
jquery.cookie.js
unpkg.com/jquery.cookie@1.4.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7136866
last-modified
Sun, 27 Apr 2014 20:04:54 GMT
fly-request-id
01G67NVMNMHV1G39FFDGAH3G21-cdg
server
cloudflare
etag
W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80637c98d9050e75-MXP
d_check.js
player.nu6i-bg-net.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/d_check.js?34
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ace85fc8a73d8a4fe87a23c0f4d0b016d78b2dba4027882d6a7a82862a72067

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=3466
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 14:57:53 GMT
server
cloudflare
etag
W/"5e57d8f1-d8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAsWQpW9etprnAvu0727XWpgTw%2B8XmYHrsaETZYZEeHa25EEfdy3yhWBD0FC2ICICx9lD%2Bd2ooPsPg77zw7IhB2zufEwF0l1K6etYmMU7rWpNdzmps0kAvM2%2Fr0w1rwukMQNk711BOF6o9wLsWu9Qad2yT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c990c830e8f-MXP
embed.220.js
player.nu6i-bg-net.com/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/embed.220.js?736
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3100e3dfc2aa57c5e6ac79de29f8265ea9d8b4092e1f72ba20dbccf5edea64e6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
137553
cf-polished
origSize=172249
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Tue, 12 Sep 2023 07:07:10 GMT
server
cloudflare
etag
W/"65000e1e-2a0d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSVfur3swTyzYJIiF4TgLeUm2wEcXgcwjsuxgVJVfDY8q%2FuOGfhcR4mIqhNJ0hqvO%2FKRKZlIxNNfsn3bTBmsYfajuufzi7xRil4j0SeDwx22zMQ5p3wKWmqVHSWh2hnXJdVP2f1jB3UyRNs3WmJpPJE8iKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c993cbb0e8f-MXP
popunder.js
player.nu6i-bg-net.com/ad/top/ 		19 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/ad/top/popunder.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42bb8bf6df8989c882f575e07cb92ebdfcb68711e27c9d76666d5f96a483195a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=21
content-length
19
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Wed, 15 Sep 2021 14:06:22 GMT
server
cloudflare
etag
"6141fdde-15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLW75b0L8mYI5gU8ld8VqeKu6FwK2Qv%2FEorzSy4FvDH1KjAj6fo%2B0%2BcNop2rpW0TUoYedCsobT%2F7fz3q11ZVEsi52YS%2BcQ%2B3DB7Qsvo8y%2FgCTpsmAiwwFkVyJTru%2FxsMU3xqvMX7Up0L6SoDhkFvyTuu8GU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
80637c998d1a0e8f-MXP
ns.html
www.googletagmanager.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-WBDQQ5
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers
embed_player.3.css
player.nu6i-bg-net.com/styles/global/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/styles/global/embed_player.3.css?130
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9190c55a43f22a3ac3a368b98a1010d3c7f44d1a4e29aff7c8b49d2a884261e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252268
cf-polished
origSize=5889
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Wed, 09 Dec 2020 22:16:37 GMT
server
cloudflare
etag
W/"5fd14cc5-1701"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YHvfkJrZmrUpSYWLmSXQ5Cmin2BNEEceRY932bc8AlEjrJDCFlKoDozri%2BOOinwAZO7DBIfdkJY%2BVh1s2r93GbRrX4%2FlIHTGUAsmn3V4ZmhcaELmL70yxm7vwp13DaHYYmoc5uxMzAg8Ajt8cX0aYWaxX0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9a0dd70e8f-MXP
script-2.12.5.js
player.nu6i-bg-net.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/script-2.12.5.js
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/js/embed.220.js?736
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e73134c5fd83ac5b68259ceb7127b33cbfa240131089ffdbdb6580c47acf496

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252267
cf-polished
origSize=19640
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Tue, 01 Dec 2020 19:28:37 GMT
server
cloudflare
etag
W/"5fc69965-4cb8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAjR7VU%2FXV5zHaxg5M8uM4grSHwPdE7xwRw4SDyRV7n08HhixsYu2zxwa9yOjNiGNCn3IlPkmAUrlKKoVf%2F1XX124t%2FshZa%2B6Pz9DZ1cjt1cpG%2F9EHXl1WMfZP7w%2FoaYY5NGBp9GqE%2BBf8oU0yU4QVjzBrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9a3e040e8f-MXP
trace
player.nu6i-bg-net.com/cdn-cgi/ 		322 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/cdn-cgi/trace
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f14b9f2ff0255b18da41d3232e6b77ea31a877f9420fb21529962c44df199f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
80637c9a4e0b0e8f-MXP
expires
Thu, 01 Jan 1970 00:00:01 GMT
segment.css
player.nu6i-bg-net.com/styles/global/ 		502 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/styles/global/segment.css?11
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6345fa1213faa8b9545959f54ae43d001657c8365dbc2fc6cc61a33840b77482

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
MISS
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23532
cf-polished
origSize=616
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Sun, 17 Mar 2019 16:12:54 GMT
server
cloudflare
etag
W/"5c8e7206-268"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa%2FCfJqwm9AqHMAYINQ9YxcyRD97aWgB7Fkkyr0fa1FlFJhViuOPzQ3ZvqG4Nc9T2zgRySbsPkcO8QtkMNe%2B9REYE3j%2BIHH7ftKOuUi2FtFFTAEOdpaiIP3MNemzX0aNRi%2FHsaj0%2BGTAXBiWteki7WTYAaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9a4e0c0e8f-MXP
embed_menu.css
player.nu6i-bg-net.com/styles/cbv2new/theme/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/styles/cbv2new/theme/embed_menu.css?21
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe422d20cc67ee7114f810f902b39f381655680dc71729222318e88ceda20ca

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252408
cf-polished
origSize=9920
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Wed, 02 Dec 2020 01:21:09 GMT
server
cloudflare
etag
W/"5fc6ec05-26c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LOlda7clhIUhiw0NPTXb9DouABSx8mm2f9hluyILT7Sxjs%2Bth%2BMWXBEHvDbQLiruW7BXrmi63yVBVgM%2FhThJEk9sL%2BfXJedjj%2FnXQTPnU%2FbcI5251rUD2az7qm5XS5e%2BRxMSRxYJ91lQ%2Fg%2BuoaViHCCry0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9a6e3e0e8f-MXP
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/styles/cbv2new/theme/embed_menu.css?21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 20:36:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Sep 2023 21:29:37 GMT
segment.7.js
player.nu6i-bg-net.com/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/js/segment.7.js?157
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6901b9396618b67ceb356c7d4c0389c48f88a1d25b80e45b209c5a820044ea45

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
x-cache-status-inferno-s
HIT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2252405
cf-polished
origSize=7169
x-inferno-location
static
accessing-static
1
pragma
cache
cf-bgj
minify
last-modified
Fri, 10 Dec 2021 17:25:16 GMT
server
cloudflare
etag
W/"61b38d7c-1c01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2B5og2Kl0554W%2B959qi8Lto8VWQL5g%2B2Os2MQG0YYySjHy%2Brjgt9CR4P0tA%2BpR%2BQioOl0e0BfIuQc7eVT3w%2B%2BXf%2BZ4OujEUbjxV7SA3zsRKuJQGv9%2FMD5lyHhrINJ5HFFP%2B2Rcwu3SBayT52kggnpScG3qE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
access-control-allow-credentials
true
cf-ray
80637c9b3f630e8f-MXP
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300&subset=latin,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://player.nu6i-bg-net.com
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Sat, 09 Sep 2023 00:05:03 GMT
x-content-type-options
nosniff
age
422674
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Sep 2024 00:05:03 GMT
resolve
dns.google/ 		321 B
520 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dns.google/resolve?name=213.127.145.192.in-addr.arpa&type=PTR&cd=true
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4860::8888 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
5369a27d56b5559db77f71923cd9c415642b66b63139b509cab1a1cbb4272fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 13 Sep 2023 21:29:37 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
HTTP server (unknown)
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Wed, 13 Sep 2023 21:29:37 GMT
netu.php
sadjklq.com/ 		1 KB
1014 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sadjklq.com/netu.php
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
5a1c2863ee52bc9fc00e97531543fd3e7bb77b042d591753c3ef0fe4dc760bf3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdUE8g6L1y0M8XrztDv0tvIkxvvoWtFULpH7AZ%2BszrSYRGJqSj7pMqXMM%2FQQURMI8SrmTRkc8eKZO95jejrN2OG2deVVrUyD%2BUVycqsepFEHqNBV%2F3rdKOSrQF1j7tNzU1emoCSHYuSAbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cf-ray
80637c9bf8af5a37-MXP
alt-svc
h3=":443"; ma=86400
s.js
player.nu6i-bg-net.com/cdn-cgi/zaraz/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyVmlkZW8lMjBwbGF5ZXIlMjAlMjIlMkMlMjJ4JTIyJTNBMC41NjY1Mjk1MTM5MDYyMTgzJTJDJTIydyUyMiUzQTE2MDAlMkMlMjJoJTIyJTNBMTIwMCUyQyUyMmolMjIlM0ExMjAwJTJDJTIyZSUyMiUzQTE2MDAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZwbGF5ZXIubnU2aS1iZy1uZXQuY29tJTJGcGxheWVyJTJGZW1iZWRfcGxheWVyLnBocCUzRnZwbiUzRDElMjZ2aWQlM0QxJTIzaXNzJTNETWpBd01UcGhZemc2TWpRNk5EUTZPakU1JTIyJTJDJTIyciUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGcGxheWVyLm51NmktYmctbmV0LmNvbSUyRmUlMkZLMmQzVjBaVlJIWlpjVzVQU0M5SlJrNUhWRzVQVVQwOSUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EtMTIwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA==
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5c54bda27821bc6e29d31fa56420680861ff1b3109c6b3c83e86508ebf2d0c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://player.nu6i-bg-net.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 21:29:37 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://player.nu6i-bg-net.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd0CnTQLuBtGBf%2BAvg%2BjiTZqck8aqkKuy5ibHFRXr0ZfAP9dyqYv9EsbCBr%2BV7lv9ro%2F0a94cWdg1eYIcfk6DWwQNYrbNOhFtIJ6f3ryMKyy7fdXvWh7a2x8uiTwcTLBrdIytlwEZ3DDl3kgNM15%2BhLvPRc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
80637c9baff00e8f-MXP
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
ajax.php
player.nu6i-bg-net.com/ 		0
681 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.nu6i-bg-net.com/ajax.php?mode=insert_script
Requested by
Host: unpkg.com
URL: https://unpkg.com/jquery@2.2.4/dist/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4861 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block;

Request headers

Accept
*/*
Referer
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
X-Requested-With
XMLHttpRequest
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 13 Sep 2023 21:29:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
x-xss-protection
1; mode=block;
x-inferno-location
ajax
server
cloudflare
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouTAjhL2CUVZDm%2FdK%2FirjUolQIY4eilu2YobjJE6iF0FsEQOyLQH71bsoexLqMclG%2FrfouwQu6uIN9FRAlzLhuTiQm4RkTB1ZqzRIUxUDhtqXV%2BUDAH6rg6dT8oGxOpDVkYxLEzVR7R5q5l5OelFX1B5KCE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-origin-location
ajax
x-robots-tag
'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
cf-ray
80637c9c288f0e8f-MXP
f.php
sadjklq.com/ Frame EAA5 		0
0
zxwk7krOl5
marazma.com/sub/ Frame 0FA1 		233 B
584 B 		Document
General
Check archive.org
Download Go to
Full URL
https://marazma.com/sub/zxwk7krOl5
Requested by
Host: player.nu6i-bg-net.com
URL: https://player.nu6i-bg-net.com/e/K2d3V0ZVRHZZcW5PSC9JRk5HVG5PUT09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4

Request headers

Referer
https://player.nu6i-bg-net.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80637ca91b9dbaac-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 13 Sep 2023 21:29:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASJgDKsu8yWoSPNaeh5GAmxdrJNl0DQyVgiXB85hWjmGtr6VEeUT4HG6IvRtc8MH7a61K60%2F0%2FqgSrS9WmQ4ksRrmbvkkWVhNCin96rvJCfwtyvYmhvNDnpVvDXgl0EPWOraCRHcCaFf%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect
xml.poprtb.com/ Frame 0FA1
Redirect Chain
  • https://marazma.com/load
  • https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
0
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.17 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://marazma.com
Referer
https://marazma.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 13 Sep 2023 21:29:40 GMT
Pragma
no-cache
Server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80637ca9cc9abaac-MXP
content-type
text/html; charset=utf-8
date
Wed, 13 Sep 2023 21:29:40 GMT
location
https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCXKKwCrQYH4xtHyyxqF%2FoSM1So2qJjbP32LjI9M95hRRbQlCC8GBPmnr%2BI%2BgloEM3eEmIBehelGbvzKRtvw0xCAlVHYtFSPTdy%2BLlCJ%2BS%2FLXXYoHI6CRsBKXIMAzj2Je6zyA2u1fOuOZw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/ns.html?id=GTM-WBDQQ5
Domain
player.nu6i-bg-net.com
URL
https://player.nu6i-bg-net.com/player/embed_player.php?vpn=1&vid=1
Domain
dns.google
URL
https://dns.google/resolve?name=213.127.145.192.in-addr.arpa&type=PTR&cd=true
Domain
sadjklq.com
URL
https://sadjklq.com/f.php?sid=212040

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture string| popns string| suburl string| ws string| adtype string| adfree number| data_downloaded function| is_ipv4 function| is_ipv6 object| simpleIPRegex function| peer function| publicIPs function| getIPTypes function| getIPv4 function| getIPv6 function| getIPs boolean| is_g function| isPrivateIP function| check_dns boolean| new_ad undefined| fuckAdBlock boolean| isporn boolean| was_click undefined| olplayer object| html5 boolean| UvtB object| zarazData object| zaraz undefined| referrer undefined| dms undefined| itemdms undefined| hostRedirection function| openAuc function| $ function| jQuery function| is_touch_device function| isMobileDevice object| device number| ancestorOriginCount string| spotUrl string| vasturl number| openedSecondPop boolean| was_inserted string| checkbadisffref string| userid string| server_referer string| videoid boolean| adblockcheck string| popref string| adscorestored boolean| adscoreload function| ignoreerror boolean| isChrome boolean| isIE11 undefined| standalonevw string| userAgentvw boolean| safarivw boolean| chromebr boolean| iosvw boolean| vwview object| canvas object| gl object| debugInfo string| vendor string| renderer function| randomInteger function| isInViewport function| loadCss function| showLoad boolean| passiveSupported object| options function| loadJs function| loadIss function| isM function| onProgress undefined| data_beacon number| sendedtraffic boolean| send_traffic_usage_doing object| send_traffic_usage_timer boolean| new_req_send function| sendtrafficusage function| checkIOSVersion function| detectWebGLContext function| supportWC function| webgl_support function| webgl_detect function| makeid function| generateRnd function| escapeHTML function| getJsonFromUrl function| self_top number| wpop number| hpop number| leftpop number| toppop function| openpopplayer string| refer object| ancarray object| ancl string| key function| getQueryVariable function| getIframeSize function| randsize number| h_pp number| w_pp function| resizeFunction function| urldecode function| isWindowFramed function| getFlashVersion undefined| timer function| load_banner undefined| tip_player string| version boolean| flashInstalled function| secondsToHms boolean| wasStarted function| localStor object| keysObj string| item function| googl function| getCookie function| secondsTimeSpanToHMS function| check_p2p function| check_hidden object| _0xf70b function| un object| _0x6d2b function| _0x2b93 function| parse_data function| ban_cf boolean| dest_fired function| dest object| _0xa761 function| dynamicallyLoadScript function| afterCf function| parseCloudflareInfo function| playVideojs function| getCloudflareInfo string| uid string| testcookie string| teststorage string| testsesstorage object| tid object| date boolean| sendLogWas function| sendLogGo function| sendLog function| lazyLoadImages undefined| timeout1 undefined| timeout2 boolean| dont_start number| tryagain number| minimalUserResponseInMiliseconds boolean| devtools function| fcheck function| tcheck boolean| wassch function| check_old function| check function| evcheck function| supportES6old function| supportES6 object| BetterJsPop function| merge_intervals undefined| gol undefined| ev undefined| tp number| itext object| textes function| countdown function| display function| player_init_js function| checksndb function| CustomHashFunctionExt function| M function| X function| V function| Y function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol function| randomStringExt function| generateHashExt function| goasg boolean| chprvstr function| change_prewiev function| change_prewiev_st function| goafterevent function| olplayer_ready function| openpopplayerin function| player_buttons function| player_srt_fix function| someFunction function| convert_srt_to_vtt function| rInterval function| rtimeOut number| ysel function| runBD object| my_config object| devtoolsDetector number| duration function| time function| onPlay string| pop boolean| ad_ad string| ad string| ppage string| ppref string| sesshash object| __NA object| overlay_as_script string| file_name_v function| pt boolean| noPopunder boolean| fireds function| sel_pl_f function| createTable string| form_data string| pl_data boolean| wastitlesearch function| search_vid_f object| __cfQR object| dataLayer object| script function| load_if function| check_is_g object| iFrame boolean| __cfRLUnblockHandlers

7 Cookies

Domain/Path Name / Value
player.nu6i-bg-net.com/ Name: uid
Value: h9_cqwtDI2p0ay4rf0nivoALWe-3m7BH
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__engagementStart
Value: 1694640577875
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__counter
Value: 1
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__ga4sid
Value: 828930541
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__session_counter
Value: 1
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__ga4
Value: ec75fc98-aab9-448b-bd2e-9e1913e2abda
.nu6i-bg-net.com/ Name: google-analytics_v4_f32a__let
Value: 1694640577875

4 Console Messages

Source Level URL
Text
network error URL: https://commentsmodule.com/js/js.load.1.js?7671134909230470
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'bluetooth'.
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'document-domain'.
other warning URL: https://sadjklq.com/netu.php(Line 3)
Message:
Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

commentsmodule.com
dns.google
fonts.googleapis.com
fonts.gstatic.com
marazma.com
player.nu6i-bg-net.com
sadjklq.com
unpkg.com
www.googletagmanager.com
xml.poprtb.com
dns.google
player.nu6i-bg-net.com
sadjklq.com
www.googletagmanager.com
174.137.133.17
2001:4860:4860::8888
2606:4700:20::ac43:4861
2606:4700:3031::ac43:c68b
2606:4700::6810:7caf
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2e73134c5fd83ac5b68259ceb7127b33cbfa240131089ffdbdb6580c47acf496
3100e3dfc2aa57c5e6ac79de29f8265ea9d8b4092e1f72ba20dbccf5edea64e6
419b600e2a3d2523ed458633a946a9a07fcf046077f0ea79f3e435f154f04ee7
42bb8bf6df8989c882f575e07cb92ebdfcb68711e27c9d76666d5f96a483195a
458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
5369a27d56b5559db77f71923cd9c415642b66b63139b509cab1a1cbb4272fda
5a1c2863ee52bc9fc00e97531543fd3e7bb77b042d591753c3ef0fe4dc760bf3
6345fa1213faa8b9545959f54ae43d001657c8365dbc2fc6cc61a33840b77482
6901b9396618b67ceb356c7d4c0389c48f88a1d25b80e45b209c5a820044ea45
7205b8e897c6a14c37837f6e5dc537ff5c5d2869551a62a31f32f8785d56e45d
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
785b3c6cc775a90a0c69c4ca9228dce8d19e91fdbea991ce3ed438f3e77e38c2
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8ace85fc8a73d8a4fe87a23c0f4d0b016d78b2dba4027882d6a7a82862a72067
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
c9190c55a43f22a3ac3a368b98a1010d3c7f44d1a4e29aff7c8b49d2a884261e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd5c54bda27821bc6e29d31fa56420680861ff1b3109c6b3c83e86508ebf2d0c
da37a7ecf10da85dd9b082774d02b66752f4617d0b8b3200343f550afd07e365
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe422d20cc67ee7114f810f902b39f381655680dc71729222318e88ceda20ca
f14b9f2ff0255b18da41d3232e6b77ea31a877f9420fb21529962c44df199f56