urlscan.io logo urlscan.io
SecurityTrails logo

r.nizarstream.xyz Open in urlscan Pro
2606:4700:3031::6815:544e  Public Scan

Go To Rescan Add Verdict Report
URL: http://r.nizarstream.xyz/nba/stream/3447
Submission: On December 01 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 36 IPs in 6 countries across 31 domains to perform 85 HTTP transactions. The main IP is 2606:4700:3031::6815:544e, located in United States and belongs to CLOUDFLARENET, US. The main domain is r.nizarstream.xyz.
This is the only time r.nizarstream.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:206... 16509 (AMAZON-02)
1 23.109.87.211 7979 (SERVERS-COM)
1 23.109.248.2 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 18.245.60.20 16509 (AMAZON-02)
2 18.245.60.13 16509 (AMAZON-02)
1 5 172.67.216.145 13335 (CLOUDFLAR...)
1 2a03:2880:f17... 32934 (FACEBOOK)
4 6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 139.45.197.245 9002 (RETN-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
6 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 173.233.139.164 7979 (SERVERS-COM)
2 2606:4700:e4:... 13335 (CLOUDFLAR...)
6 172.67.221.11 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.109.82.104 7979 (SERVERS-COM)
1 158.69.254.144 16276 (OVH)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 62.182.80.93 30860 (YURTEH-AS)
85 36
6    2606:4700:3031::6815:544e (United States)

ASN13335 (CLOUDFLARENET, US)
r.nizarstream.xyz
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:3030::ac43:bca8 (United States)

ASN13335 (CLOUDFLARENET, US)
nizarstream.xyz
9    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
3    2600:9000:206f:be00:1d:c6b0:9580:21 (United States)

ASN16509 (AMAZON-02, US)
d7tst6bnt99p2.cloudfront.net
1    23.109.87.211 (Netherlands)

ASN7979 (SERVERS-COM, US)
minningespeire.com
1    23.109.248.2 (Netherlands)

ASN7979 (SERVERS-COM, US)
anattospursier.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
4    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
liveon.sx
2    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
1    18.245.60.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-20.fra60.r.cloudfront.net
tontrinevengre.com
2    18.245.60.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-13.fra60.r.cloudfront.net
tontrinevengre.com
5    172.67.216.145 (United States)

ASN13335 (CLOUDFLARENET, US)
dthechildren.org
1    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:827::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2606:4700:3030::6815:1e22 (United States)

ASN13335 (CLOUDFLARENET, US)
arvigorothan.com
5    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
phaipaun.net
ptugnoaw.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
6    2606:4700:e2::ac40:8518 (United States)

ASN13335 (CLOUDFLARENET, US)
mvujvxc.com
1    173.233.139.164 (United States)

ASN7979 (SERVERS-COM, US)
sodainquired.com
2    2606:4700:e4::ac40:aa13 (United States)

ASN13335 (CLOUDFLARENET, US)
youradexchange.com
6    172.67.221.11 (United States)

ASN13335 (CLOUDFLARENET, US)
candlesouth.net
1    2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    23.109.82.104 (Netherlands)

ASN7979 (SERVERS-COM, US)
qwy.qzqqnknavzjb.top
1    158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net
s4.histats.com
1    2606:4700:3031::6815:4a1b (United States)

ASN13335 (CLOUDFLARENET, US)
swarm.video
2    2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)
awistats.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    62.182.80.93 (Kyiv, Ukraine)

ASN30860 (YURTEH-AS, UA)
PTR: hosted-by.specialservers
ttdpqkjsy3j7vsxp.cdnministry.net
Apex Domain
Subdomains		 Transfer
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
135 KB
8 nizarstream.xyz
r.nizarstream.xyz
nizarstream.xyz
11 KB
6 cdnministry.net
ttdpqkjsy3j7vsxp.cdnministry.net
875 KB
6 candlesouth.net
candlesouth.net
64 KB
6 mvujvxc.com
mvujvxc.com
226 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 23
3 KB
5 amung.us
whos.amung.us — Cisco Umbrella Rank: 17707
widgets.amung.us — Cisco Umbrella Rank: 33548
4 KB
5 dthechildren.org
dthechildren.org
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2189
21 KB
4 liveon.sx
liveon.sx
16 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
282 KB
3 tontrinevengre.com
tontrinevengre.com
4 KB
3 cloudfront.net
d7tst6bnt99p2.cloudfront.net
70 KB
2 awistats.com
awistats.com — Cisco Umbrella Rank: 403615
2 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 15174
s4.histats.com — Cisco Umbrella Rank: 14862
5 KB
2 youradexchange.com
youradexchange.com — Cisco Umbrella Rank: 35155
838 B
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 34161
101 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 340
fonts.googleapis.com — Cisco Umbrella Rank: 29
31 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988
31 KB
1 swarm.video
swarm.video — Cisco Umbrella Rank: 358788
134 KB
1 qzqqnknavzjb.top
qwy.qzqqnknavzjb.top
1 KB
1 ptugnoaw.net
ptugnoaw.net
3 KB
1 sodainquired.com
sodainquired.com
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 12331
545 B
1 phaipaun.net
phaipaun.net — Cisco Umbrella Rank: 41677
2 KB
1 arvigorothan.com
arvigorothan.com — Cisco Umbrella Rank: 202777
28 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 864
7 KB
1 anattospursier.com
anattospursier.com
1 KB
1 minningespeire.com
minningespeire.com
1 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 43427
4 KB
85 31
Domain Requested by
9 www.googletagmanager.com r.nizarstream.xyz
www.googletagmanager.com
6 ttdpqkjsy3j7vsxp.cdnministry.net swarm.video
6 candlesouth.net liveon.sx
candlesouth.net
6 mvujvxc.com liveon.sx
mvujvxc.com
candlesouth.net
6 accounts.google.com 4 redirects r.nizarstream.xyz
6 r.nizarstream.xyz 2 redirects r.nizarstream.xyz
static.cloudflareinsights.com
5 dthechildren.org 1 redirects r.nizarstream.xyz
4 liveon.sx r.nizarstream.xyz
liveon.sx
4 cdn.jsdelivr.net r.nizarstream.xyz
candlesouth.net
3 whos.amung.us 2 redirects waust.at
3 tontrinevengre.com d7tst6bnt99p2.cloudfront.net
3 d7tst6bnt99p2.cloudfront.net r.nizarstream.xyz
tontrinevengre.com
2 awistats.com candlesouth.net
awistats.com
2 youradexchange.com mvujvxc.com
2 widgets.amung.us liveon.sx
candlesouth.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pogothere.xyz d7tst6bnt99p2.cloudfront.net
2 nizarstream.xyz r.nizarstream.xyz
2 maxcdn.bootstrapcdn.com r.nizarstream.xyz
1 fonts.googleapis.com candlesouth.net
1 swarm.video candlesouth.net
1 s4.histats.com s10.histats.com
1 qwy.qzqqnknavzjb.top liveon.sx
1 s10.histats.com liveon.sx
1 ptugnoaw.net arvigorothan.com
1 sodainquired.com liveon.sx
1 my.rtmark.net arvigorothan.com
1 phaipaun.net arvigorothan.com
1 arvigorothan.com r.nizarstream.xyz
1 www.facebook.com r.nizarstream.xyz
1 static.cloudflareinsights.com r.nizarstream.xyz
1 anattospursier.com r.nizarstream.xyz
1 minningespeire.com r.nizarstream.xyz
1 waust.at r.nizarstream.xyz
1 ajax.googleapis.com r.nizarstream.xyz
85 36

This site contains no links.

Subject Issuer Validity Valid
bootstrapcdn.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
liveon.sx
E1		 2023-10-08 -
2024-01-06		 3 months crt.sh
tontrinevengre.com
Amazon RSA 2048 M02		 2023-11-27 -
2024-12-25		 a year crt.sh
dthechildren.org
E1		 2023-11-29 -
2024-02-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-09 -
2023-12-08		 3 months crt.sh
arvigorothan.com
GTS CA 1P5		 2023-10-19 -
2024-01-17		 3 months crt.sh
phaipaun.net
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
mvujvxc.com
GTS CA 1P5		 2023-11-27 -
2024-02-25		 3 months crt.sh
sodainquired.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
youradexchange.com
GTS CA 1P5		 2023-10-17 -
2024-01-15		 3 months crt.sh
candlesouth.net
GTS CA 1P5		 2023-10-31 -
2024-01-29		 3 months crt.sh
qwy.qzqqnknavzjb.top
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
histats.com
R3		 2023-11-23 -
2024-02-21		 3 months crt.sh
swarm.video
GTS CA 1P5		 2023-11-28 -
2024-02-26		 3 months crt.sh
awistats.com
GTS CA 1P5		 2023-11-30 -
2024-02-28		 3 months crt.sh
ttdpqkjsy3j7vsxp.cdnministry.net
R3		 2023-11-12 -
2024-02-10		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://r.nizarstream.xyz/nba/stream/3447
Frame ID: F5B5B5561C4CE5B03A297F1CB80A688B
Requests: 46 HTTP requests in this frame

Frame: https://liveon.sx/ch38
Frame ID: 3A6CE7B4463B89B2DB8694AA5927F1DB
Requests: 13 HTTP requests in this frame

Frame: http://tontrinevengre.com/NUJVVDNUIDY5DFR/N3JGRy5ocQFzZ2cSVwI2JiAFVywhbQpFcHs3X1o3MTJBWiwhel1QNnBmdWAnEThnYhYMNmVfcnBmdXYTLQV9BxMFBWJ3KjQjV1AXLBUBYgMyEXVxAAQHX3grHQJLfgosN1lgKQAdV2EUDRJfADczZX5iFThhXHAAOTB+YhMWDFgFKBs4AnMUESNCZyVgB3lmDBoQcQ0vGhVAYxQ8P0RiKgcNV1g2IgBhUSgzFWF8BwYFRGIALQN5di0BB1ReexkGfX4BAh5DcgcyN2p3MQEHVF4pGBJbegYNDkJRBGUYakwHFABxd3A0I2pvEQZ5fgQXIm1QeBYfMnd3Oj0cRHsOEToCRAMTZH9scRMwdnBycGZxexAbH1ZbGCcWW2cTGhBEYREyPwNlBAAAZVsybRZ2XSMaLUdvBAMsAVRxFx5wcjJmFl9sEgxmA3EUMjxCbAAbH3BmA2EBcVkOGjpEcBIyLFRXKj0YdwYXJhcDXmQ/J1xbMmgTWlNwPyV3X3A
Frame ID: C481133990B0561A1E392734A1AAA331
Requests: 2 HTTP requests in this frame

Frame: http://tontrinevengre.com/c3ozWUUSGFA0ehJHUX8wARYOfHc1XwEfIUQOQC1zERRHYHwDSB06KRwPVz83HBRHdysWDhZrAyEYexsUPUoLCQ0JT2E6BxQgfRg1QSxmNSwxIl8SAho0ahAXCzR7DgBBPgMIFiQTUBoPITxWHgMDLXkcdQEvZh93JAMHGgNBSmESIjouUQgfAz5hCDwwFEcSByc/eBAiPjF8DzYZPmUPLBAiQxoUOy91P3UiMnwPLgE7RDovNhQCOg0aK2A/Ews4ahspVkh1ChA+KXY3dBA4STUfFixbDxxALEIBLjIVcgExNSxkEA0/EkQYFTUzBxoXOk1rMzE5K1t0HDAcdS0gKg11KB0YOAcBBhAjew0yIBxgYBMqHVAzByEJAhwrQhl1IxMmMHIXHxcrZXx3NT5LPiwkOXoTEyQwSz8pQjBVPiEbLVgbLjIXdT0WJBFgPxMEPn4PAAYyWzV0MStfAxRBGWk/AwMteQg1Vkhxfy8AFV0peD4sSjpxMRdbNxAyE2Rv
Frame ID: 761CC9C7F0C8A377B59921B706CE3145
Requests: 2 HTTP requests in this frame

Frame: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Frame ID: 3AEC9182AFE200B4783DEF3A97A49F44
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nizar Stream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

85
Requests

74 %
HTTPS

63 %
IPv6

31
Domains

36
Subdomains

36
IPs

6
Countries

2060 kB
Transfer

4573 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://r.nizarstream.xyz/css/reset.css HTTP 302
  • https://nizarstream.xyz/css/reset.css
Request Chain 9
  • http://r.nizarstream.xyz/nova/js/jquery.min.js HTTP 302
  • https://nizarstream.xyz/nova/js/jquery.min.js
Request Chain 24
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1AWDIuRK2CmhEy-HXErnRuz2ZVSP2QGj-ulEFdINbZEosXuvkE3e-pQlcQsh8hxGKS-3tOyg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1AoF7W_ZlS9577DBBGCfsPfIjbcLPCg5KPwX4X2-ni5WdrYSt8IHpb7MSt0N5YfsFQuc1-XQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-50120239%3A1701396247417862&theme=glif
Request Chain 25
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2GA9NmPNXeHEytfOLWBOKat03w7U8RS9khQpD1oca69mTZfLLnhUR-6pIkUR1JZpFtcbYOJQ HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0eXb02xGyeQV7yK75A_mdJOaiKCj48U9kP3M8hHIr-b3ghsyIB8lue02H468LxJc2uMqDGSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392950988%3A1701396247469343&theme=glif
Request Chain 44
  • http://dthechildren.org/popunder.gif HTTP 301
  • https://dthechildren.org/popunder.gif
Request Chain 50
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=3188&c=000000ffffff&p=left
Request Chain 64
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png HTTP 307
  • https://widgets.amung.us/draw/?w=colored&n=17000&c=000000ffffff&p=left

85 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3447
r.nizarstream.xyz/nba/stream/ 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:544e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
220af9c43c5e9f4157f218b860e4dc567a5d5c906d73deea0d0058292f0f27f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
82e7c1eeef698fec-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 02:04:06 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3eyIhucZ%2BAQ4XTi%2Bm6Zx3wU%2FOWMkCe2ASQjKOWAT43CgHyqGmlj9MHGsyYEmWKXDpyc75oKgZG%2B2ZJUOn4GK1aRGZHEHDLNlxcbDpaoTPxPRRou51VS9n5%2BoEmuJjLP1ujtHbjAiad6RJCmzWk0kg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1078
age
163837
cdn-cachedat
10/31/2023 18:59:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a99131ed71793c235969f4741b45dd0f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82e7c1efcc6b9b7c-FRA
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 20:27:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
192996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 20:27:30 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
1053
age
86324
cdn-cachedat
10/31/2023 19:27:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
82e7c1efcc6d9b7c-FRA
cdn-requestpullsuccess
True
clappr.min.js
cdn.jsdelivr.net/clappr/latest/ 		517 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1558119
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230111-FRA
server
cloudflare
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMos2ntgTkWpui2Mu7Dn52hmZyDiYOLY8wyA5SEhGWH%2FoYJYS3rC8qo4MyGyw5DWZpZnXjld1EKRIS%2FZmS9YFEmT6kvt0lgDS25RZoehZTFgKqY0PdAoaO9jjnhFxKwLztU0g4SfN%2FfhDRlrGLg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82e7c1efb8f73a94-FRA
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1725353
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230123-FRA
server
cloudflare
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGYRQyf8NlDaFJHcOn0iLA4NzNM5YLPUWjutdp3r3ZTywT7J2gU0gkJkvzkc8%2FeQWQbLfmttK%2FlzWAGOyg5jjc0uyLYmGocgvXDqWkhAbK5I84rQuu3jQ2oOXfM9BCfy9Pgo%2FbGBJXdAQFCwwDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82e7c1efb8fa3a94-FRA
clappr-chromecast-plugin.js
cdn.jsdelivr.net/clappr.chromecast-plugin/latest/ 		67 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/clappr.chromecast-plugin/latest/clappr-chromecast-plugin.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
254078
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230116-FRA
server
cloudflare
etag
W/"10d03-RHmlaMw21gVFkX7fZK8TTUNDrd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbeMfcqXVeVj6alJTrJklxu0K6sbqrzfTFbVrEP5%2Fu7l1k0EvvZfwuIlIOl0uF9axaNUpywZxjcGd2DB2K0Rjzvnm1ZwrPZfqzW336EQ%2BjHzkmorHMrwS8JNwMGfiz8XCP9TFWwTgzTrL%2B%2ByEXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82e7c1efb8f93a94-FRA
main.css
r.nizarstream.xyz/css/ 		964 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://r.nizarstream.xyz/css/main.css
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:544e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a7677cab0ad76f48f6de8e68dc6c2f9ede39df22694a3b7a9beef3c437140f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/nba/stream/3447
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:06 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
194102
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
464
last-modified
Sun, 26 Nov 2023 02:02:38 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5BCnItDmrwKfLwUZu8ZBOui7CRSC%2BPaeInBIcoQ2%2BEhMWP7d7RZRGQ%2B5tSvVjtUos4DS7AVc7r5f9NiHItRCWXg%2B7hpojC8IwBF6R0JWiqV2Tq%2FHdx1Ut33sMasPuis3pOWVqIgN3qB1unbRuLgOA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
82e7c1ef4f9f8fec-FRA
expires
Tue, 05 Dec 2023 20:09:04 GMT
reset.css
nizarstream.xyz/css/
Redirect Chain
  • http://r.nizarstream.xyz/css/reset.css
  • https://nizarstream.xyz/css/reset.css
1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nizarstream.xyz/css/reset.css
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Server
2606:4700:3030::ac43:bca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e7e258b1d70704a67ece4e6e75daf2be5a0e6f84888d9f123e6193f45c3c39d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
501938
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rahgXidOSOH764aBbCDcOpj8cFJDqNohu6vmuSBZ%2BwQ%2BQD0ps15BBGIrt9o9HOURqluQtQNiqUoNMl3Sf57GJDqCwaih4zrEHUulLH4g6pbP0B1hdqM0Sn1XzAUreJha%2FKgkjqYlkY1cRsOYcXM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
82e7c1f04e2471a9-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 02 Dec 2023 06:38:29 GMT

Redirect headers

Date
Fri, 01 Dec 2023 02:04:06 GMT
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPVWA6QhvNem3Xv%2FOaTJYCTGnQHmyyjY0EsHRW8HNUnYa9wwQMVrkhhYN9p3FDso1LnqNDyjj8PmCpXvZtl7ONQATb6IHQaRI5iM8a%2BjtGB%2BWSdKYh1qVP0AAlBIaaGhQmLxKHfdvgpb4yD%2F1L3BQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
location
https://nizarstream.xyz/css/reset.css
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82e7c1ef8fbc8fec-FRA
alt-svc
h3=":443"; ma=86400
list.css
r.nizarstream.xyz/css/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://r.nizarstream.xyz/css/list.css
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:544e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fce36a4557fcda1d3496bc233cbd47934231b00ce6dc2f7660dcd3765cdece

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/nba/stream/3447
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:06 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
393180
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
2727
last-modified
Sun, 26 Nov 2023 02:02:38 GMT
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3veFZ9yRe%2B%2FVmNaBqieaK5LUx90sUhYzKbDJlxkVkxU3%2BW%2BmSIpVOdy27P9v%2BMq0W3Xp2zpGFiK%2FA%2BNVmxBTXCf4Zgy68HwTpi8n7SkQ75T4nH6V%2Bg442ZzkupzEEkmlIykbil7O41VNZey8%2B0QFNA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
Accept-Ranges
bytes
CF-RAY
82e7c1ef8ba10ba6-AMS
expires
Sun, 03 Dec 2023 12:51:06 GMT
jquery.min.js
nizarstream.xyz/nova/js/
Redirect Chain
  • http://r.nizarstream.xyz/nova/js/jquery.min.js
  • https://nizarstream.xyz/nova/js/jquery.min.js
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://nizarstream.xyz/nova/js/jquery.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Server
2606:4700:3030::ac43:bca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJvN16E9gPvqLQdQtQU8roOKdLtWsS6jDFEGNG8EOedcTSLTKhQyqhY0PSTifeG%2BSQXz9lLcFFA6SeRXU9W1XsNd1KYqArJXG%2Fnk48mTOpQJZscMY0hVZxdHVaLgqvshY8efKeWXhfeLZuQTLcvSWw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html
location
https://nizarstream.xyz/nova/js/jquery.min.js
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82e7c1ef9d756633-AMS
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01638bfd4d292a2881b20392c38649180a0a1cb91f97f9c1c7d93dda684fe4ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51590
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 02:04:07 GMT
s.js
waust.at/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://waust.at/s.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2798
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Thu, 12 Jan 2023 17:19:26 GMT
Server
cloudflare
etag
W/"63c0411e-2170"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCrGwd0%2BFcdoMx8XJFRZbFcUf6SorPxBIecNI3nsc24gxsL%2F%2FI2eQl0EmfvICOBo147PKCRW0bIhjQK%2FhgtVpxouSa%2Fz3Cgay61yg3nLOdEQi5GLNRhzBaRlylH2eUfZyPm87EEJ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
CF-RAY
82e7c1f0f9b237fb-FRA
expires
Sat, 02 Dec 2023 01:17:29 GMT
/
d7tst6bnt99p2.cloudfront.net/ 		205 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
2600:9000:206f:be00:1d:c6b0:9580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
811f78e0b28b4b57bedb4d3b640e889b0e40207f8ce899e6613e7d9861b461be

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Dec 2023 02:04:07 GMT
Content-Encoding
gzip
Via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection
keep-alive
Content-Length
69476
X-Amz-Cf-Id
Dc6FVBK248eRTWmhyQrQJ18Mg3ov7o9mddLfx_Bi23cy3uyTXdwJ2g==
70786
minningespeire.com/r6X56mSR0CMea/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://minningespeire.com/r6X56mSR0CMea/70786
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
23.109.87.211 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
http://r.nizarstream.xyz
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
70797
anattospursier.com/gGxRf8CI0QDbGGw/ 		6 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://anattospursier.com/gGxRf8CI0QDbGGw/70797
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
HTTP/1.1
Server
23.109.248.2 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
http://r.nizarstream.xyz
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Vary
Accept-Encoding
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
http://r.nizarstream.xyz/
Origin
http://r.nizarstream.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
82e7c1f10c2530d8-FRA
ch38
liveon.sx/ Frame 3A6C 		33 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://liveon.sx/ch38
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
143bf72ea27d96ca650a6db4c437d5546cde0828a74a0ad1364fad5b8810966a

Request headers

Referer
http://r.nizarstream.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e7c1f15fd103a0-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 02:04:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMkAUJtvVroXoG4cmPaEun6u3z1VfJpRNCZpJ3143m2ulFj6EwADZjwr0mvGZ74b795Wbp4x8gfy8EuCdmq%2FZre9a8MLnbjgCCSvtIEyzl45LJHeSYYYRHejuXSK57OrocDI0WH1Wac%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d7tst6bnt99p2.cloudfront.net
URL: http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 02:04:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
http://r.nizarstream.xyz
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6qgQK%2FnJ7D%2BN6HHohy%2BgNpXHVq%2F%2F5k5Rrs4kHE7y1fmvnAdrKTn4MEz0TpycfGv1JsmLhm5BC%2F2yeT9kWHUo%2F2eIp5xWXKsqbc1iniSGQMy1wg%2Fe29pZOPi3Yz%2Bg7ni"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
82e7c1f19a8a1c94-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/ 		26 B
615 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d7tst6bnt99p2.cloudfront.net
URL: http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
254dbf53e4176b2cdba75f3542553fb9362e4dbb526ac055b82a04da9bbeb6b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rGwz17oXXkbqgOwVJQ9jOL2kIvNpoKo0AIavJmaPaqE8OqVAAUvHLfAVCRn8yIava7Lk3tser26cSn%2B%2FsD5GtmQalvukgJzYZVGzrbJYFdXxd2eaRtOcnQKk0csAZlYJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
http://r.nizarstream.xyz
content-type
text/plain
access-control-allow-credentials
true
cf-ray
82e7c1f19a8b1c94-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
tontrinevengre.com/ 		0
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tontrinevengre.com/utx?cb=uA182loQnmcz&top=r.nizarstream.xyz&tid=999221
Requested by
Host: d7tst6bnt99p2.cloudfront.net
URL: http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-20.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 02:04:07 GMT
via
1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
FRA60-P5
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
http://r.nizarstream.xyz
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
lmP6IE6Y35cGdsKSRmqNXXDm57bs4YvMs3ruACBkPTic-zjPfzJXPQ==
J1xbMmgTWlNwPyV3X3A
tontrinevengre.com/NUJVVDNUIDY5DFR/N3JGRy5ocQFzZ2cSVwI2JiAFVywhbQpFcHs3X1o3MTJBWiwhel1QNnBmdWAnEThnYhYMNmVfcnBmdXYTLQV9BxMFBWJ3KjQjV1AXLBUBYgMyEXVxAAQHX3grHQJLfgosN1lgKQAdV2EUDRJfADczZX5iFThhXHAAOT... Frame C481 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tontrinevengre.com/NUJVVDNUIDY5DFR/N3JGRy5ocQFzZ2cSVwI2JiAFVywhbQpFcHs3X1o3MTJBWiwhel1QNnBmdWAnEThnYhYMNmVfcnBmdXYTLQV9BxMFBWJ3KjQjV1AXLBUBYgMyEXVxAAQHX3grHQJLfgosN1lgKQAdV2EUDRJfADczZX5iFThhXHAAOTB+YhMWDFgFKBs4AnMUESNCZyVgB3lmDBoQcQ0vGhVAYxQ8P0RiKgcNV1g2IgBhUSgzFWF8BwYFRGIALQN5di0BB1ReexkGfX4BAh5DcgcyN2p3MQEHVF4pGBJbegYNDkJRBGUYakwHFABxd3A0I2pvEQZ5fgQXIm1QeBYfMnd3Oj0cRHsOEToCRAMTZH9scRMwdnBycGZxexAbH1ZbGCcWW2cTGhBEYREyPwNlBAAAZVsybRZ2XSMaLUdvBAMsAVRxFx5wcjJmFl9sEgxmA3EUMjxCbAAbH3BmA2EBcVkOGjpEcBIyLFRXKj0YdwYXJhcDXmQ/J1xbMmgTWlNwPyV3X3A
Requested by
Host: d7tst6bnt99p2.cloudfront.net
URL: http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Protocol
HTTP/1.1
Server
18.245.60.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-13.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
75d388ed7f0a7a80c6a25b3f88f7944d63630b5e630744ef5757e698503ee854

Request headers

Referer
http://r.nizarstream.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1231
Content-Type
text/html
Date
Fri, 01 Dec 2023 02:04:07 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
X-Amz-Cf-Id
cJ42n9KkTO-1qEKwukjwCjhZU0oAAj9o3qj9NGYqqceQRBjzG3lr3Q==
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
AwMteQg1Vkhxfy8AFV0peD4sSjpxMRdbNxAyE2Rv
tontrinevengre.com/c3ozWUUSGFA0ehJHUX8wARYOfHc1XwEfIUQOQC1zERRHYHwDSB06KRwPVz83HBRHdysWDhZrAyEYexsUPUoLCQ0JT2E6BxQgfRg1QSxmNSwxIl8SAho0ahAXCzR7DgBBPgMIFiQTUBoPITxWHgMDLXkcdQEvZh93JAMHGgNBSmESIjouUQ... Frame 761C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tontrinevengre.com/c3ozWUUSGFA0ehJHUX8wARYOfHc1XwEfIUQOQC1zERRHYHwDSB06KRwPVz83HBRHdysWDhZrAyEYexsUPUoLCQ0JT2E6BxQgfRg1QSxmNSwxIl8SAho0ahAXCzR7DgBBPgMIFiQTUBoPITxWHgMDLXkcdQEvZh93JAMHGgNBSmESIjouUQgfAz5hCDwwFEcSByc/eBAiPjF8DzYZPmUPLBAiQxoUOy91P3UiMnwPLgE7RDovNhQCOg0aK2A/Ews4ahspVkh1ChA+KXY3dBA4STUfFixbDxxALEIBLjIVcgExNSxkEA0/EkQYFTUzBxoXOk1rMzE5K1t0HDAcdS0gKg11KB0YOAcBBhAjew0yIBxgYBMqHVAzByEJAhwrQhl1IxMmMHIXHxcrZXx3NT5LPiwkOXoTEyQwSz8pQjBVPiEbLVgbLjIXdT0WJBFgPxMEPn4PAAYyWzV0MStfAxRBGWk/AwMteQg1Vkhxfy8AFV0peD4sSjpxMRdbNxAyE2Rv
Requested by
Host: d7tst6bnt99p2.cloudfront.net
URL: http://d7tst6bnt99p2.cloudfront.net/?btstd=999221
Protocol
HTTP/1.1
Server
18.245.60.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-13.fra60.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
57ec51043bd730b87d5df9aeb3e20ddb4935f76934b408959bcb3b6f7882f948

Request headers

Referer
http://r.nizarstream.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection
keep-alive
Content-Length
1222
Content-Type
text/html
Date
Fri, 01 Dec 2023 02:04:07 GMT
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
q6Y0khIwYqvfP_UzCUUpW8sMkluK43iqeiLDW3oCbZOBzLXqact91A==
X-Amz-Cf-Pop
FRA60-P5
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
cDJsZUhfDQ8WdRIACxwSN3g0MhkqYDkzeSJwOjMfKHQDJx02f0oRIRQPVVxxQgBdQzgZVlFUbgNGDRE9Aw9dQyEeVANYbgYPXUt7RBxfUWZAFBlYeVZGHAQvTQNKFTwEXlFUf0ADX1x+QgZbVHBD
dthechildren.org/ 		0
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dthechildren.org/cDJsZUhfDQ8WdRIACxwSN3g0MhkqYDkzeSJwOjMfKHQDJx02f0oRIRQPVVxxQgBdQzgZVlFUbgNGDRE9Aw9dQyEeVANYbgYPXUt7RBxfUWZAFBlYeVZGHAQvTQNKFTwEXlFUf0ADX1x+QgZbVHBD
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.216.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNC7rm%2BvmzfFsfAvDTcIxlT5cDO0cChBp6C2E1aTqJ3NtLaT7bOnhHJRkPdQAVUhQFIgSuuJn1fQ6iaHVz9G7mGuORaVGqNGKXbY9ZOveDhQO428lVk022d8Wi86BP4TV%2Fyd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
82e7c1f1de9b2c45-FRA
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp1AWDIuRK2CmhEy-HXErnRuz2ZVSP2QGj-ulEFdINbZEosXuvkE3e-pQlc...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1AoF7W_ZlS9577DBBGCfsPfIjbcLPCg5KPwX4X2-ni5WdrYSt8IHpb7MSt0N5YfsFQuc1-XQ&passiv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1AoF7W_ZlS9577DBBGCfsPfIjbcLPCg5KPwX4X2-ni5WdrYSt8IHpb7MSt0N5YfsFQuc1-XQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-50120239%3A1701396247417862&theme=glif
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-nvjsPWrg6BQHn7v_8fbwQA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
402
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1AoF7W_ZlS9577DBBGCfsPfIjbcLPCg5KPwX4X2-ni5WdrYSt8IHpb7MSt0N5YfsFQuc1-XQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-50120239%3A1701396247417862&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp2GA9NmPNXeHEytfOLWBOKat03w7U8RS9khQpD1oca69mTZfLLnhUR...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0eXb02xGyeQV7yK75A_mdJOaiKCj48U9kP3M8hHIr-b3ghsyIB8lue02H468LxJc2uMqDGSw&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0eXb02xGyeQV7yK75A_mdJOaiKCj48U9kP3M8hHIr-b3ghsyIB8lue02H468LxJc2uMqDGSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392950988%3A1701396247469343&theme=glif
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Server
2a00:1450:4001:827::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Redirect headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-nDK1j_qC9IYsNzx1pbZi_g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
406
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0eXb02xGyeQV7yK75A_mdJOaiKCj48U9kP3M8hHIr-b3ghsyIB8lue02H468LxJc2uMqDGSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392950988%3A1701396247469343&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
OUdKa1UWeCkYaFh3HCUAC3IeCDtVKh0tOQAheCUCYSkEXg9VLGwfPF16c1JsC3V8TSVQI3dabR80PgohTDR3WnNQKSwEaB8xd1p7CWl4RWEfMndac003KwxoCGE6HyFVentcZQh0c11nDXB4WmM
dthechildren.org/ 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dthechildren.org/OUdKa1UWeCkYaFh3HCUAC3IeCDtVKh0tOQAheCUCYSkEXg9VLGwfPF16c1JsC3V8TSVQI3dabR80PgohTDR3WnNQKSwEaB8xd1p7CWl4RWEfMndac003KwxoCGE6HyFVentcZQh0c11nDXB4WmM
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.216.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8FqglVQguen4s%2FsRf2p3Ww4UwuyqRK0txBWOGKiGyIEbNtxbWAM5lV9KXC3v1W0dL44NuTA%2BcMBbIz8aPe%2FezMX47vZrydYZ%2Bby5jUuWnmfZOWfFfRNIrENrAMkguKHxxtc"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
82e7c1f1de9c2c45-FRA
alt-svc
h3=":443"; ma=86400
tag.min.js
arvigorothan.com/ 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://arvigorothan.com/tag.min.js
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:1e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf877fea21245f7ede988e65032ff8f3094b9d3b341c826df407c6bcc0f88ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
77378
alt-svc
h3=":443"; ma=86400
x-trace-id
1a4b20e012625dc6694ab8f5754f57c4
pragma
no-cache
last-modified
Wed, 29 Nov 2023 09:53:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiZyilhjdlSWD%2Ft4ld%2B7ChITSINGynCnwDwT961BGwDp2revCq795ncLO0wGP3SBXBvT1l3ypflbQQHiWjaIkUrgRXHloaKg%2Bn3m1tPm%2B8FfeamhqA1Xfvc15kqHQpXUk%2BSrKpi8tvsSh1CoK5iU"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
82e7c1f1cadb1e18-FRA
expires
Fri, 01 Dec 2023 04:34:29 GMT
/
whos.amung.us/pingjs/ 		29 B
313 B 		Script
General
Check archive.org
Download Go to
Full URL
http://whos.amung.us/pingjs/?k=i4ripbuzdd&t=Nizar%20Stream&c=s&x=http%3A%2F%2Fr.nizarstream.xyz%2Fnba%2Fstream%2F3447&y=&a=0&d=0&v=27&r=502
Requested by
Host: waust.at
URL: http://waust.at/s.js
Protocol
HTTP/1.1
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04449e1576487f054de0317aaf2ab7023393a1c4f14b9a90812d169285eec9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
CF-RAY
82e7c1f1af0f91f6-FRA
js
www.googletagmanager.com/gtag/ 		241 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L8FZ1M8TLB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12879640eb8ddd73bae98ebc73bba433b1d91edcda54c565903dff5886061a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85553
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 01 Dec 2023 02:04:07 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 01 Dec 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
869
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 01 Dec 2023 03:49:38 GMT
a
www.googletagmanager.com/ 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=r.nizarstream.xyz%2Fnba%2Fstream%2F3447&tdp=UA-176080661-1;;0;0;0&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=r.nizarstream.xyz%2Fnba%2Fstream%2F3447&tdp=UA-176080661-1;;0;0;0&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 02:04:07 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtm.init&eid=0&h=Ag&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtag.config&eid=1&h=Ag&tr=1rep.1zone&ti=1rep.1zone&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtag.config&eid=2&h=Ag&epr=1UA&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtm.dom&eid=3&h=Ag&z=0
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
phaipaun.net/5/6522317/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://phaipaun.net/5/6522317/?oo=1&js_build=iclick-v1.635.0
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
f01c8ad2fcb517d9bc54da8f3b72c3e7005e1eb5618d36cfb19a405b2cbd0df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
gzip
x-trace-id
449538cbc07ab6efa41a39aaf125b755
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
http://r.nizarstream.xyz
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L8FZ1M8TLB&gtm=45je3bt0v869163772&_p=1701396247138&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2028540869.1701396247&ul=en-us&sr=1600x1200&_eu=AAAI&_s=1&sid=1701396247&sct=1&seg=0&dl=http%3A%2F%2Fr.nizarstream.xyz%2Fnba%2Fstream%2F3447&dt=Nizar%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=580
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L8FZ1M8TLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 02:04:07 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://r.nizarstream.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
CQxQN2QPQQBhawdeUyA2WAgEFDBQSlMiHVxKHycjUkUIdTVXFl5uf1MWWm5oEBldMWQCXk0jNl1FVDwqRg5SJSNODB8mOAsVVikwWhRYdmtwTRdjfARIESQwWBxWJCoTSgk9LRNKCWJpGEgcYBsTSgkkMFhODXZqdF0LYyEATBB2awYZSS-M1Uw9cMTJfDBxhHwNL...
d7tst6bnt99p2.cloudfront.net/UeDlTWTYbVj0/ Frame C481 		729 B
926 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d7tst6bnt99p2.cloudfront.net/UeDlTWTYbVj0/CQxQN2QPQQBhawdeUyA2WAgEFDBQSlMiHVxKHycjUkUIdTVXFl5uf1MWWm5oEBldMWQCXk0jNl1FVDwqRg5SJSNODB8mOAsVVikwWhRYdmtwTRdjfARIESQwWBxWJCoTSgk9LRNKCWJpGEgcYBsTSgkkMFhODXZqdF0LYyEATBB2awYZSS-M1Uw9cMTJfDBxhHwNLDn1qAF0LY3FdEE0+NRNKenZrBhRQODwTSgk0PFUTVnp8BEhaOytZFVx2a3BJCGp3BlYPY20DVghqYBNKCSA4UBlLOnwEPgxgbhhLD3UsC0k
Requested by
Host: tontrinevengre.com
URL: http://tontrinevengre.com/NUJVVDNUIDY5DFR/N3JGRy5ocQFzZ2cSVwI2JiAFVywhbQpFcHs3X1o3MTJBWiwhel1QNnBmdWAnEThnYhYMNmVfcnBmdXYTLQV9BxMFBWJ3KjQjV1AXLBUBYgMyEXVxAAQHX3grHQJLfgosN1lgKQAdV2EUDRJfADczZX5iFThhXHAAOTB+YhMWDFgFKBs4AnMUESNCZyVgB3lmDBoQcQ0vGhVAYxQ8P0RiKgcNV1g2IgBhUSgzFWF8BwYFRGIALQN5di0BB1ReexkGfX4BAh5DcgcyN2p3MQEHVF4pGBJbegYNDkJRBGUYakwHFABxd3A0I2pvEQZ5fgQXIm1QeBYfMnd3Oj0cRHsOEToCRAMTZH9scRMwdnBycGZxexAbH1ZbGCcWW2cTGhBEYREyPwNlBAAAZVsybRZ2XSMaLUdvBAMsAVRxFx5wcjJmFl9sEgxmA3EUMjxCbAAbH3BmA2EBcVkOGjpEcBIyLFRXKj0YdwYXJhcDXmQ/J1xbMmgTWlNwPyV3X3A
Protocol
HTTP/1.1
Server
2600:9000:206f:be00:1d:c6b0:9580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f3ad99e29e50da40a009995644e1e81c7be9ac78b897c78a4baf9a68ccdc3fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tontrinevengre.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
Content-Encoding
gzip
Via
1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
539
X-Amz-Cf-Id
_0r0zqjF9AYnpEAnN6gdSqrU8XOy7DCR0b60sW3uQOFG7nPgzeapXw==
DxgiWCIJVWJxfl1JfgdhWkBkAmFdSWkSfVwDMVEuHhl1BQlZQ2cZfFpWJQp+
d7tst6bnt99p2.cloudfront.net/RbHBQN08PHz5RcBgZNAp2VUliBXlKGiNYIRxNHWE2D0QSWicCJRFeGFpWJE0rUUF2Wy4CF20RKgITbQZpDRQyCntKBTEKIgMKOVsjDVVicXpCQHUFf0QHOVkrAwcjEn1cHiQSfVxBYBl/SUMSEn1cBzlZeVhVY3VqXkAoAXt... Frame 761C 		198 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
http://d7tst6bnt99p2.cloudfront.net/RbHBQN08PHz5RcBgZNAp2VUliBXlKGiNYIRxNHWE2D0QSWicCJRFeGFpWJE0rUUF2Wy4CF20RKgITbQZpDRQyCntKBTEKIgMKOVsjDVVicXpCQHUFf0QHOVkrAwcjEn1cHiQSfVxBYBl/SUMSEn1cBzlZeVhVY3VqXkAoAXtFVWIHLhwAPFI4CRI7XjtJQh-YCfFteYwFqXkB4XCcYHTwSfS9VYgcjBRs1En1cFzVUJANZdQV/DxgiWCIJVWJxfl1JfgdhWkBkAmFdSWkSfVwDMVEuHhl1BQlZQ2cZfFpWJQp+
Requested by
Host: tontrinevengre.com
URL: http://tontrinevengre.com/c3ozWUUSGFA0ehJHUX8wARYOfHc1XwEfIUQOQC1zERRHYHwDSB06KRwPVz83HBRHdysWDhZrAyEYexsUPUoLCQ0JT2E6BxQgfRg1QSxmNSwxIl8SAho0ahAXCzR7DgBBPgMIFiQTUBoPITxWHgMDLXkcdQEvZh93JAMHGgNBSmESIjouUQgfAz5hCDwwFEcSByc/eBAiPjF8DzYZPmUPLBAiQxoUOy91P3UiMnwPLgE7RDovNhQCOg0aK2A/Ews4ahspVkh1ChA+KXY3dBA4STUfFixbDxxALEIBLjIVcgExNSxkEA0/EkQYFTUzBxoXOk1rMzE5K1t0HDAcdS0gKg11KB0YOAcBBhAjew0yIBxgYBMqHVAzByEJAhwrQhl1IxMmMHIXHxcrZXx3NT5LPiwkOXoTEyQwSz8pQjBVPiEbLVgbLjIXdT0WJBFgPxMEPn4PAAYyWzV0MStfAxRBGWk/AwMteQg1Vkhxfy8AFV0peD4sSjpxMRdbNxAyE2Rv
Protocol
HTTP/1.1
Server
2600:9000:206f:be00:1d:c6b0:9580:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
03600d03ebad47a64a4a7723b5c740c05ff75dbb7a93118b943c0e77a066ed78

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://tontrinevengre.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
Content-Encoding
gzip
Via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Miss from cloudfront
access-control-allow-origin
*
Cache-Control
max-age=31556926
Connection
keep-alive
Content-Length
190
X-Amz-Cf-Id
-BzfX8z6jI7CGCK3IBGfcIq9g_Q-b5pLSQjsEziZn_Xfq0pi5XNlaQ==
ZRxVVWxnBkhRZCEPU1N2YwdRWHptBVdWemQKQBUyNVVbUGQkRhINf2UFVlBxbQRUVXVhBV4
dthechildren.org/QlQyZmFta1EVXBBkWiU0FQIXVCcnDGgNNywCSgI2AAZWLhE6DmQ3RzY9VltYe20AVFBkJFsCXHNyQRIANiFBW1JyZANACCwyXVtRcmQDQBd/ 		0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dthechildren.org/QlQyZmFta1EVXBBkWiU0FQIXVCcnDGgNNywCSgI2AAZWLhE6DmQ3RzY9VltYe20AVFBkJFsCXHNyQRIANiFBW1JyZANACCwyXVtRcmQDQBd/ZRxVVWxnBkhRZCEPU1N2YwdRWHptBVdWemQKQBUyNVVbUGQkRhINf2UFVlBxbQRUVXVhBV4
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.216.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iB6oH8ZkN5LnmsMDrOP%2BV%2BFdkgMJ7GCCtIjeKK0SJWKeAUEqWnuTJ8THt8MSf7RvW9OzVlzQpaJRCm2vqTbA6%2F82oK0hO6m4CHZUBhm9oMobGIf4%2BNvi2qSxhrmf7P1y1LAQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
82e7c1f38f622c45-FRA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1780855199&t=pageview&_s=1&dl=http%3A%2F%2Fr.nizarstream.xyz%2Fnba%2Fstream%2F3447&ul=en-us&de=UTF-8&dt=Nizar%20Stream&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1857210670&gjid=1591263924&cid=2028540869.1701396247&tid=UA-176080661-1&_gid=455296452.1701396248&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2006759233
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://r.nizarstream.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 02:04:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://r.nizarstream.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
dthechildren.org/
Redirect Chain
  • http://dthechildren.org/popunder.gif
  • https://dthechildren.org/popunder.gif
35 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dthechildren.org/popunder.gif
Requested by
Host: r.nizarstream.xyz
URL: http://r.nizarstream.xyz/nba/stream/3447
Protocol
H3
Server
172.67.216.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
public
date
Fri, 01 Dec 2023 02:04:08 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 19:35:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23302
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKf7gkZh9IZvoCJvEqTuvMOO7Ev1V3rMFxftHAtAqWauEs1ZCbza0fZvQ5c0xQH34IMSm2fnSMq%2FOE5VXtG%2Fh%2BYJaVrCSbxcdxyFjXexDzrkErNTnJhZcF82ImIm6qfPWmiJ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
82e7c1f63a9a65a5-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rkPWa%2FS%2FGKiEnab%2FtvnJOAuVh6k9CvPYErDo6VWjnAdP1NF6zlou2csd4IBQY4s%2Fw7LfL3QvGeifhYeSoOY0%2FCSuaRsfbAiDwFxKXvfWTrVwEuRKuDfE3BtSpI46BME5LJwm"}],"group":"cf-nel","max_age":604800}
Location
https://dthechildren.org/popunder.gif
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
82e7c1f56ed187bd-SIN
alt-svc
h3=":443"; ma=86400
Expires
Fri, 01 Dec 2023 03:04:07 GMT
gid.js
my.rtmark.net/ 		65 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=dd0b9a775dd04b23b16289082dbc22d8
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
52523bd8a2f98ebb6249d4e2708710c002628623208d8832fdbeaf15f3c646ef
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
http://r.nizarstream.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
style.css
liveon.sx/css/ Frame 3A6C 		1 KB
718 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://liveon.sx/css/style.css
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28160a19cfb42195ee308b0882331c39b8ae115eba06ecd2fa4a5d726fdd4d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/ch38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 11 Feb 2021 21:01:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
258198
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzRgwa0gamcTyr8%2Bn3Zr0o4bxkkMtlLFR5srq7P7zhgSPkvtbvi%2F026O2KNOSN1xRHSJYi89nUuYI4xZ%2FxAr8fchEgEyoAoHlXaXLuv43b84WnGKIfG5qRmHhPxclw%2B3m3IkwoGI0U0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82e7c1f3e94903a0-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 05 Dec 2023 02:20:49 GMT
custom.css
liveon.sx/css/ Frame 3A6C 		1 KB
894 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://liveon.sx/css/custom.css
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21741f4c3c1cc76603f88a6a05de3686be778084ef201b52c4d27839afed55e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/ch38
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 20 Aug 2023 08:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
165692
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WmJT7mEuePB%2BGiGzUnuyPdD%2BE7U0swHYAcBmvfNDV5PztLQQFds%2F%2BsurxMyhSveCbs7OYxFWyqoZblcpdyKOhkZLzwBhk5EX0oqCIyazbwmWXpc%2FsMMnElimr33zIVh1NXP%2Bzazblv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
82e7c1f3f94a03a0-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 04:02:35 GMT
utils.js
mvujvxc.com/script/ Frame 3A6C 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/utils.js
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a813ed10d3ee16f528fbd98defdfb629e6f098d897137b95c887650041ccf67f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235
x-guploader-uploadid
ABPtcPqM2uVlwHY27oZoyxbg_uNgNefEEFzM1t8z7HktrGoPV5RbnN3MQdQvnQ9vhFH2V15GE6tvocKXzfVdlg9_MwDrsg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:43:35 GMT
server
cloudflare
etag
W/"5f094b8a3032f9b5b156ee0fc869b69c"
vary
Accept-Encoding
x-goog-hash
crc32c=qHOSqg==, md5=XwlLijAy+bWxVu4PyGm2nA==
x-goog-generation
1701078215031777
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgcYUEb1R5j%2BvwQwUzWVpUp%2BKwwY1%2B5IBdqbWDX8TjopPC2hvvjmobNHxSR9gk3hPMiQZueasKD%2BqSMvELX4o3KnrHg0l%2BEtKC%2FmFsIwEKh%2BpX4yUiwAV979%2BXatGTndN1X36iW3Jm7jiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
172787
cf-ray
82e7c1f50917b97b-AMS
expires
Fri, 01 Dec 2023 02:06:34 GMT
b5d5e2cbaa884029b13637009b94e342.js
sodainquired.com/b5/d5/e2/ Frame 3A6C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://sodainquired.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.139.164 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:08 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
/
widgets.amung.us/draw/ Frame 3A6C
Redirect Chain
  • https://whos.amung.us/cwidget/livesport/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=3188&c=000000ffffff&p=left
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=3188&c=000000ffffff&p=left
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f7ddb3861270b813fdc09a8dced6496d7bd936c56b27a6ff0060c9010b6f7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:08 GMT
cf-cache-status
MISS
last-modified
Fri, 01 Dec 2023 02:04:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
82e7c1f69fad2c39-FRA
expires
Sat, 02 Dec 2023 02:04:08 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=3188&c=000000ffffff&p=left
date
Fri, 01 Dec 2023 02:04:08 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82e7c1f50e9a2c39-FRA
content-type
text/html; charset=UTF-8
/
ptugnoaw.net/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://ptugnoaw.net/?rb=2gGvGMeEnLUHwjzabegHrQBI6ZAGfaBIIFjWE5GNqqQjMAdpmtBA5vK-lPWTy_9INBpsZczWZt-aPfDBTaG8f3WapnoGXlsipgNhl65lr-ohUOnksJ7KBD-pkq5H91KvdLF-jybumLFuOia570b7S6APmU5N9M0I9uNU4tj35Z_Y31AD-xwGDXsSjkAY6It9vOt5dOEcWqaOKvPthB7F0Ob0O2sNaCEssFSiq_A4CF87zz3FAMBeULfSWKIKsL_s6AmSfQ3ml_IkyMqPKVfnkyedfRd0mETr&request_ab2=0&zoneid=6522317&js_build=iclick-v1.635.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=3&pl=http%3A%2F%2Fr.nizarstream.xyz%2Fnba%2Fstream%2F3447&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.635.0&bs=16969fdc-2d3f-47f3-be99-af2b1389ee09&userId=dd0b9a775dd04b23b16289082dbc22d8&m=link
Requested by
Host: arvigorothan.com
URL: https://arvigorothan.com/tag.min.js
Protocol
HTTP/1.1
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
d492b1de7fab065eb2fccdffe6c369df61414abf71690493856e232447ec0bb2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:07 GMT
Strict-Transport-Security
max-age=1
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Trace-Id
8d0a43a122fc674afc1b409800b3cb4c
Pragma
no-cache
Server
nginx
Accept-Ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
http://r.nizarstream.xyz
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
Expires
Tue, 11 Jan 1994 10:00:00 GMT
suv5.js
mvujvxc.com/script/ Frame 3A6C 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/suv5.js
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219c3739b8028f93404314f6f990bd95f2b58ff3650b1058e38581cb75fbccb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:07 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
235
x-guploader-uploadid
ABPtcPp34RiZzGsrBx4D7WZTwfHcZp55-FiQqDdhM3LUWh87C1Et9xuiEL3JXag8qZcuhNoWYp5jLYNUBdB4m-Rw0U0dtubJ6ryT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:42:24 GMT
server
cloudflare
etag
W/"b0ef17dd4d9e449598f5e6f724b17761"
vary
Accept-Encoding
x-goog-hash
crc32c=RNemrA==, md5=sO8X3U2eRJWY9eb3JLF3YQ==
x-goog-generation
1701078144239592
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YXlR1PEujDngCqF7ckLa3YNE5C35CTisPBVjovBqBeK4BAyn1Zab7VP2E%2B63ivEsqbY6RvHqAOSZ2euEwvBjKA9aIC8Jfv7bEzWKnjfUGXixGsWgZoyGvbZBtMrnsXD3aLWiV42N1PsxA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97361
cf-ray
82e7c1f5c98bb97b-AMS
expires
Fri, 01 Dec 2023 02:17:11 GMT
suurl5.php
youradexchange.com/script/ Frame 3A6C 		1 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl5.php?r=2278415&cbur=0.8396069035746505&cbiframe=1&cbWidth=1037&cbHeight=583&cbtitle=&cbpage=http%3A%2F%2Fr.nizarstream.xyz%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=mvujvxc.com&ts=1701396248016&srs=bc4b936d8cd2b94db9e838fdac86b9f9&atv=38.3&abtg=1
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:aa13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:08 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exx1CnFTAsmABFFihrCwAUPoyyqRLIi1FzUoQ8tEAYE2QbBZcVFB5rbQOjq3STWxPL6qMGOzlP%2FdQhTzBWNmrUawkuoNMJZPLF3AqT05kuodHigiWEfG5gUCxfSSd4j%2FmyR7kr%2BkTQwkmzsj0uJageI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cf-ray
82e7c1f6dceb1c89-AMS
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
ut.js
mvujvxc.com/script/ Frame 3A6C 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/ut.js?cb=1701396248035
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/utils.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9720389cce25ec1cab24bdd9f5cf52654dbe8f80335d66b59655bc30c46760cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:08 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
239
x-guploader-uploadid
ABPtcPrUjQoTHpDVSsIgZsptSmc29KEdqr_Lims-2jaBhWiRcKS17nBLjWXf6X_ZSHOjeIWLerGAsGbZWOcDy3KrGjLn0g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:43:21 GMT
server
cloudflare
etag
W/"8524ed50555070834018d14c28e292e5"
vary
Accept-Encoding
x-goog-hash
crc32c=GKpGKQ==, md5=hSTtUFVQcINAGNFMKOKS5Q==
x-goog-generation
1701078201797678
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KREckGE4gxpp%2BR79A2zKI%2BWRpHBZOKhNlyTm9SY6ygKfdi9xsoxpAU6KUIw0YARlk6n5fG3yXOmPgLgzeH37Q9hByjGgaIlXqV8kqV%2FpHUz0GQatx4JFubyUWVl0rxQfvGRJD3lFMvUt5g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82099
cf-ray
82e7c1f659dab97b-AMS
expires
Fri, 01 Dec 2023 02:52:04 GMT
4o8n25qm1duhfl
candlesouth.net/embed/ Frame 3AEC 		12 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02be677cbb8e2c302ce4d5fedb6d033cdf85e7c7bda806dd6e742acb9ba9440b

Request headers

Referer
https://liveon.sx/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82e7c1fbedf63609-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 02:04:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZWB%2FjbTL%2B6GkY5l6dcwg1CVXay4zz4JY7BGny7iItWoBonSYAol64ud4ZF17CE38zl5me4jSXFiMgKMEJNJdq9gS62O4wgQVsvUlBiT9kNs%2FJdKPGUhesVQ%2BJnAlszu1nM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js15_as.js
s10.histats.com/ Frame 3A6C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
2825
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
82e7c1fbd99e92c9-FRA
content-length
4547
x.png
liveon.sx/img/ Frame 3A6C 		820 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liveon.sx/img/x.png
Requested by
Host: liveon.sx
URL: https://liveon.sx/css/custom.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/css/custom.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:08 GMT
cf-cache-status
HIT
last-modified
Sat, 17 Oct 2020 09:54:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
155410
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s95yOrS1jLhxzEf6xz3o5N%2Fz4PCFh8HjdeYFTginUoIokzBGbUkBpvLwLJzqw%2BA4lj92AiJFQJz%2FDrsxjqeXdHBV3sowdVfWU5jbxxZ4RUx%2F2YHGZn%2FvZ0g1yT4uwFSoGZKXaVo9a1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
82e7c1fb58b54d85-FRA
alt-svc
h3=":443"; ma=86400
content-length
820
expires
Wed, 06 Dec 2023 06:53:58 GMT
krwkea
qwy.qzqqnknavzjb.top/knvnqnmlbqvzr/ Frame 3A6C 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qwy.qzqqnknavzjb.top/knvnqnmlbqvzr/krwkea?d=1
Requested by
Host: liveon.sx
URL: https://liveon.sx/ch38
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.82.104 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://liveon.sx
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=20
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
0.php
s4.histats.com/stats/ Frame 3A6C 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?3681769&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mLive%20Footbal%20Streaming%20-%20Live%20Premier%20League&@n0&@ohttp%3A%2F%2Fr.nizarstream.xyz%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-118837648&@b3:1701396249&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fliveon.sx%2Fch38&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns548341.ip-158-69-254.net
Software
/
Resource Hash
5f9b8b3135a99cf299f7ac983a1ecb22c5dbf20e61fa34b18e0769da089934a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liveon.sx/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:09 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
embed.min.css
candlesouth.net/css/ Frame 3AEC 		1 KB
884 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://candlesouth.net/css/embed.min.css?v=0.5
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 09 Jun 2022 09:49:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
78731
etag
W/"62a1c21c-4f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFtO3sfKf1iUyl2Dgw%2FoJYNs%2FaIa6W8HN84WPWOZPxPg9hsZ0y0TRsVxKbzTmOElzA3p30N3MnCnB9YM%2BB%2FkPa0OdgS5Fq75M8ExLdhsgHvOV6%2FcHSgYPU4aNkhGMIVWhdk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=608400
cf-ray
82e7c1fc9e533609-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 07 Dec 2023 05:11:58 GMT
jquery.min.js
candlesouth.net/js/ Frame 3AEC 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candlesouth.net/js/jquery.min.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 09 Nov 2020 18:05:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
151353
etag
W/"5fa984ce-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaL7XWzysgkGma3NSpc6bX6Dnym%2FPwkdXEo8tC7Po%2B4BRkEcw9BNFnuT8p7CFiSjEsg4OculI6SJO%2BRQFbaO2fPf9s8f7MRlwjC9MZBezQrL6OT1FA90FhEw0Kq4ok%2Fo8Ug%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
82e7c1fc9e553609-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 09:01:36 GMT
j79z9kzty.js
swarm.video/ Frame 3AEC 		532 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://swarm.video/j79z9kzty.js?v=1.1
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
81104
cf-polished
origSize=545594
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 00:04:26 GMT
server
cloudflare
etag
W/"8533a-1893d1d213a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DC6EQ7BZwKFuDSSMbKfEkHJOaiPOIRJbn4BkVjwcerZ7t4adyd1tgC0xSgWIxAxl%2BLdgV5o6OvowVPOWdma%2FDFo%2BmUDzz5rIwPSVPXHzoOAYhgl5kf%2B7qvVX7FvjuMCwMOJEqoTz39CLuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
82e7c1fd3da9f128-CDG
clappr.min.js
cdn.jsdelivr.net/npm/clappr@latest/dist/ Frame 3AEC 		513 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/clappr@latest/dist/clappr.min.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
38450
x-jsd-version
0.3.13
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230071-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L12H6vfwl4yrYvmIGCV6dQwwXM7FkMimeewjdsAD61H2Hev46v0jyd1kCLLTPLel2CSNxp8WTZsCi81TeE%2F9%2FvhbtiC8jExjt7elRrAWDirnXuadA32224VnzOAqV5UStk3M5ztj3CH4JCmAOWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82e7c1fc98ce3a94-FRA
/
widgets.amung.us/draw/ Frame 3AEC
Redirect Chain
  • https://whos.amung.us/cwidget/15ky356qz4/000000ffffff.png
  • https://widgets.amung.us/draw/?w=colored&n=17000&c=000000ffffff&p=left
1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/draw/?w=colored&n=17000&c=000000ffffff&p=left
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6863f744e7f53ec35d881a373c8077415101724cb5c037048e2438fbff57c918

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
cf-cache-status
HIT
last-modified
Thu, 30 Nov 2023 17:52:05 GMT
server
cloudflare
age
29524
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
content-disposition
filename=wau-widget.png
cf-ray
82e7c1fe1cda2c39-FRA
expires
Fri, 01 Dec 2023 17:52:05 GMT

Redirect headers

location
https://widgets.amung.us/draw/?w=colored&n=17000&c=000000ffffff&p=left
date
Fri, 01 Dec 2023 02:04:09 GMT
cache-control
max-age=295
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82e7c1fc9b9b2c39-FRA
content-type
text/html; charset=UTF-8
script.js
awistats.com/js/ Frame 3AEC 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://awistats.com/js/script.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 01 Dec 2023 01:38:36 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06tQCVIC6r6jdww0xs%2BN%2BhOGnizNZSzi29BKL7tS2qL02V2iG4lvJQ5%2BuAdp3oxWu0Um8uKf71GS6G%2BzoQSII7b503Y%2FFiw%2BD%2B4lsZbhIGmxfibWqnd8zav%2Fw11rKaO9jA1xMucXQPUtB0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400, must-revalidate
cf-ray
82e7c1fd29c33801-FRA
deb.js
candlesouth.net/ Frame 3AEC 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://candlesouth.net/deb.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 13:57:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
117700
etag
W/"63f61f52-6450"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBIU4goyUfCDDXmKsBLmWaUTY2DFyRFlhn0v2d%2Ba8tO8K26hT9H1hCSpI74Xsld7vn0pAG%2BhrlkqtG0ILItlKPqUuL8SMyNmGeUOfkw6NIonXyWpIx0wO8i8VaWYhb8aBMg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=608400
cf-ray
82e7c1fc9e563609-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 18:22:29 GMT
css
fonts.googleapis.com/ Frame 3AEC 		1 KB
817 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/css/embed.min.css?v=0.5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 01 Dec 2023 01:28:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 01 Dec 2023 02:04:09 GMT
utils.js
mvujvxc.com/script/ Frame 3AEC 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/utils.js
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a813ed10d3ee16f528fbd98defdfb629e6f098d897137b95c887650041ccf67f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
245
x-guploader-uploadid
ABPtcPq5UZFyMHhlsSIBOsI7lA4qEVjOr1AmfKSjLoy0Jy6moB95Ng8gVYMD0oCtVoKW6qguY5NlHxhjE3gmXiy_ZyfDEKgbDbiV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:43:35 GMT
server
cloudflare
etag
W/"5f094b8a3032f9b5b156ee0fc869b69c"
vary
Accept-Encoding
x-goog-hash
crc32c=qHOSqg==, md5=XwlLijAy+bWxVu4PyGm2nA==
x-goog-generation
1701078215031777
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BALFqvnBO668SRcZdlXqd3VeNMMSuneScoP0%2FTmQaTZXQz7oo%2BYy%2BVxGoLMs5qWlWdVanZ10B6bYWnuZ%2BXSGlgOTkbhC1XyNr1DXyT%2Bzxrxp2bRdlHRLZF0pgoVGYbXh%2BoiA2XtGVpocNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
172787
cf-ray
82e7c1fe39e4669e-AMS
expires
Fri, 01 Dec 2023 02:43:42 GMT
event
awistats.com/api/ Frame 3AEC 		2 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://awistats.com/api/event
Requested by
Host: awistats.com
URL: https://awistats.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://candlesouth.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7WRHEpghhsoNkLmk4vhMCmxU3zJJ78ntMBNNXGP2%2FA9wMLuUwJkvvZnPWSx2ZfK%2FDHK7nkHNEcUchetwrdundXnRlaNz1L15C99tNmCMfBM6MxpCga8FX8x1L%2B2H9SQhpwqBMSH8R7p73A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
cf-ray
82e7c1feaa8e0a65-AMS
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F5yS39wvTfJvs8pAGW8B
controls2.png
candlesouth.net/players/ Frame 3AEC 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candlesouth.net/players/controls2.png
Requested by
Host: candlesouth.net
URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f81b0353240fd7a6efa655c0a07818afa1ac98e91a3c2471b8a07fc3005d02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
257072
alt-svc
h3=":443"; ma=86400
content-length
15040
last-modified
Wed, 27 Apr 2022 17:44:39 GMT
server
cloudflare
etag
"62698107-3ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5nrSY2xZdrbIbFNtmfUVqSlQCcsPnuRLCynfKe58Nj2v%2BtTpluP1p6lDy7IPXbGpOIVF5vbcVu7RvJunvG7Cy7C1kfFE69epNGEqe8Z3pG%2B8wJ7wQuCRIodfUWjY7PW9Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=608400
accept-ranges
bytes
cf-ray
82e7c1fe697a3c83-CDG
expires
Tue, 05 Dec 2023 03:39:37 GMT
4o8n25qm1duhfl.m3u8
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		936 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl.m3u8?s=on5kUtid7_M6hZHiZvSsDg&e=1701417848
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
e0a7180d22ec292954e6aa19b17f8cacbf2bbe33f1d5aeef899d7b2b7b84f18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:02 GMT
Last-Modified
Fri, 01 Dec 2023 02:04:00 GMT
Server
nginx/1.24.0
ETag
"65693f10-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
ut.js
mvujvxc.com/script/ Frame 3AEC 		80 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/ut.js?cb=1701396249465
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/utils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9720389cce25ec1cab24bdd9f5cf52654dbe8f80335d66b59655bc30c46760cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
243
x-guploader-uploadid
ABPtcPpRPipJ_BvHsORa1U0lKVAUQCkm2pKPsc--FQWO5Ug4XLFzey0mKW3qU9IuWc_Wg_7YqJHd0aD3SlJ0d93UXQpfWW_bWaT2
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:43:21 GMT
server
cloudflare
etag
W/"8524ed50555070834018d14c28e292e5"
vary
Accept-Encoding
x-goog-hash
crc32c=GKpGKQ==, md5=hSTtUFVQcINAGNFMKOKS5Q==
x-goog-generation
1701078201797678
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSfA6Zw5z%2F4X7YDM9k%2Bvh%2BUNHrCswmz6YUIdFOEjAJz4VIDh6nVKnXJIHAPo6DeB%2FTn0F2up3gqDJJJ2jVQDJ0xhShDSsmWeHa3abI4g3aWVMOx5DShbCIcRbRYQ9x2PMGlcExNCqi22tA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
82099
cf-ray
82e7c1ff4a8c669e-AMS
expires
Fri, 01 Dec 2023 02:49:48 GMT
suv5.js
mvujvxc.com/script/ Frame 3AEC 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mvujvxc.com/script/suv5.js
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/utils.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219c3739b8028f93404314f6f990bd95f2b58ff3650b1058e38581cb75fbccb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
242
x-guploader-uploadid
ABPtcPp34RiZzGsrBx4D7WZTwfHcZp55-FiQqDdhM3LUWh87C1Et9xuiEL3JXag8qZcuhNoWYp5jLYNUBdB4m-Rw0U0dtubJ6ryT
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 27 Nov 2023 09:42:24 GMT
server
cloudflare
etag
W/"b0ef17dd4d9e449598f5e6f724b17761"
vary
Accept-Encoding
x-goog-hash
crc32c=RNemrA==, md5=sO8X3U2eRJWY9eb3JLF3YQ==
x-goog-generation
1701078144239592
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=14400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0lS1z4FHemQhHb68whYS2Qy95iU3PG6%2FF6ttL2ZVX85xrVXmGfL0IApgsUjQKst4lvPCPL8VFDWnN8AzWn6Yo6HaZPTxXKPZdlimUOzZwDr8y%2BY12hTX6tCIa0u4XZDhZoGxYHXH4Hpkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
97361
cf-ray
82e7c1ff4a8d669e-AMS
expires
Fri, 01 Dec 2023 02:17:11 GMT
suurl5.php
youradexchange.com/script/ Frame 3AEC 		1 B
310 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://youradexchange.com/script/suurl5.php?r=7108866&cbur=0.994570764374006&cbiframe=1&cbWidth=1037&cbHeight=583&cbtitle=&cbpage=https%3A%2F%2Fliveon.sx%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=mvujvxc.com&ts=1701396249522&srs=7cf76779f791d34fcf8859785cd3f6f6&atv=38.3-sw-adbl-suv5&abtg=1
Requested by
Host: mvujvxc.com
URL: https://mvujvxc.com/script/suv5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:aa13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPiEO2RPmQUVCAEA86GMgR5vH5bFQBXLRSQAdOAYqDwgN136OCN994xuZg6Vw1GjkugE%2FD8YE5vhbR4tcOYaY%2FO2PIbA0SzQf86nRh2nGjrw9%2Fep02LKBOUu8nOtArQq6Z%2BCC3iIvmSkHwgyHU0YOno%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cf-ray
82e7c1ff9b8d1c89-AMS
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
rum
r.nizarstream.xyz/cdn-cgi/ 		0
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://r.nizarstream.xyz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
HTTP/1.1
Server
2606:4700:3031::6815:544e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://r.nizarstream.xyz/nba/stream/3447
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

Date
Fri, 01 Dec 2023 02:04:09 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://r.nizarstream.xyz
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
82e7c1ffd8936633-AMS
4o8n25qm1duhfl.m3u8
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		936 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl.m3u8?s=on5kUtid7_M6hZHiZvSsDg&e=1701417848
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
e0a7180d22ec292954e6aa19b17f8cacbf2bbe33f1d5aeef899d7b2b7b84f18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:02 GMT
Last-Modified
Fri, 01 Dec 2023 02:04:00 GMT
Server
nginx/1.24.0
ETag
"65693f10-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl-959100030.ts
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		396 KB
396 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl-959100030.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
bab2b3b7ca04a6ba31d215b6fac9d9133b47ef833c617f45b187b87ac514deb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:02 GMT
Last-Modified
Fri, 01 Dec 2023 02:03:04 GMT
Server
nginx/1.24.0
ETag
"65693ed8-6300c"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
405516
4o8n25qm1duhfl-959400000.ts
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		473 KB
474 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl-959400000.ts
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
e22bb3779a521e1382acf760298d5b0033feab531a7e20541d351ea29f806d3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:02 GMT
Last-Modified
Fri, 01 Dec 2023 02:03:06 GMT
Server
nginx/1.24.0
ETag
"65693eda-76538"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
484664
cad628c7-24fa-486d-a15f-63d3182a9d06
https://candlesouth.net/ Frame 3AEC 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://candlesouth.net/cad628c7-24fa-486d-a15f-63d3182a9d06
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length
62280
Content-Type
text/javascript
controls3.png
candlesouth.net/players/ Frame 3AEC 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candlesouth.net/players/controls3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.221.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a98caefaf84fc9446c03a2e5f04a48117aea9fa8a6972b41c30a700d95a8977

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
135431
alt-svc
h3=":443"; ma=86400
content-length
5398
last-modified
Mon, 23 May 2022 09:11:48 GMT
server
cloudflare
etag
"628b4fd4-1516"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma2Y8%2F7t4ZGUsWb%2BsPY5AJhmZXwwWiSwow0R8BtXYdDpAamVA6kqCWD64rzVgiuPZlXKE3OBHusmQISDFDxtU45V4cN2VdUh5QOjT%2FUf0FeCS6zBX9rGZeRUIhJ3FMPom2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=608400
accept-ranges
bytes
cf-ray
82e7c200aa8e3c83-CDG
expires
Wed, 06 Dec 2023 13:26:58 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-176080661-1&v=3&t=t&pid=206635164&cv=1&rv=3bt0&tc=2&es=1&e=gtm.load&eid=10&u=Ag&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 02:04:10 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4o8n25qm1duhfl.m3u8
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		936 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl.m3u8?s=on5kUtid7_M6hZHiZvSsDg&e=1701417848
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
b9e761c82861ca809aa17561f67e9b33b0b236826da43c5bf99e329f15434d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:04 GMT
Last-Modified
Fri, 01 Dec 2023 02:04:03 GMT
Server
nginx/1.24.0
ETag
"65693f13-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
4o8n25qm1duhfl.m3u8
ttdpqkjsy3j7vsxp.cdnministry.net/hls/ Frame 3AEC 		936 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ttdpqkjsy3j7vsxp.cdnministry.net:8443/hls/4o8n25qm1duhfl.m3u8?s=on5kUtid7_M6hZHiZvSsDg&e=1701417848
Requested by
Host: swarm.video
URL: https://swarm.video/j79z9kzty.js?v=1.1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.182.80.93 Kyiv, Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
hosted-by.specialservers
Software
nginx/1.24.0 /
Resource Hash
b9e761c82861ca809aa17561f67e9b33b0b236826da43c5bf99e329f15434d1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://candlesouth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Fri, 01 Dec 2023 02:04:05 GMT
Last-Modified
Fri, 01 Dec 2023 02:04:03 GMT
Server
nginx/1.24.0
ETag
"65693f13-3a8"
Content-Type
application/vnd.apple.mpegurl
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Content-Length
936
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L8FZ1M8TLB&gtm=45je3bt0v869163772&_p=1701396247138&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2028540869.1701396247&ul=en-us&sr=1600x1200&_eu=AEAI&_s=2&sid=1701396247&sct=1&seg=0&dl=http%3A%2F%2Fr.nizarstream.xyz%2Fnba%2Fstream%2F3447&dt=Nizar%20Stream&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5586
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L8FZ1M8TLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://r.nizarstream.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Dec 2023 02:04:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://r.nizarstream.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| Zepto object| Clappr function| LevelSelector function| ChromecastPlugin function| gtag object| dataLayer object| _wau number| LAST_CORRECT_EVENT_TIME object| utr_999221 number| userTrackingInterval number| _1818272276 object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| __cfBeacon object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| zfgstorage object| i1fvvceeux8 object| zfgformats function| onClickTrigger boolean| zfgloadedpopup function| onYouTubeIframeAPIReady object| gaGlobal object| x string| x1 string| x2 number| iinf object| gaplugins object| gaData boolean| zfgonclickfirst object| syncCallbacks

12 Cookies

Domain/Path Name / Value
.nizarstream.xyz/ Name: _ga_L8FZ1M8TLB
Value: GS1.1.1701396247.1.0.1701396247.0.0.0
pogothere.xyz/ Name: csu
Value: 524757989717808@1@1701396247
.nizarstream.xyz/ Name: _ga
Value: GA1.2.2028540869.1701396247
.nizarstream.xyz/ Name: _gid
Value: GA1.2.455296452.1701396248
.nizarstream.xyz/ Name: _gat_gtag_UA_176080661_1
Value: 1
phaipaun.net/ Name: OAID
Value: dd0b9a775dd04b23b16289082dbc22d8
phaipaun.net/ Name: oaidts
Value: 1701396247
my.rtmark.net/ Name: ID
Value: dd0b9a775dd04b23b16289082dbc22d8
r.nizarstream.xyz/ Name: prefetchAd_6522317
Value: true
candlesouth.net/ Name: hf1
Value: 1
qwy.qzqqnknavzjb.top/ Name: GL_UI4
Value: eJw9jVtOwzAURPNOgSYwUhbAEhKlpfgTsQg%2BIz9uU9PErhyTiN1jIcHXHI3OaKIoSppHxGuRI%2F3iRzwzxc5StO2p74m9ikNLrBenXh6IM%2FbCjrjTy%2BC5mMhn2C0zd37wa4b9SIacloO0iio8BeuvuRq7mQy5cNyoCvkcjKlCKZzdFnJNiszwmVC8X5wNmc%2F80zqkXccCaxM4bpHYpUnre5Qf2qgwrPdIurauiwgPt4n7s3XzoFURIx8dV4T4DTvJPY3WfaNUtFy9vQF2UsO%2F%2F%2Fubbl2LQtGqZTi3%2FkLuBydKTkY%3D
qwy.qzqqnknavzjb.top/ Name: GL_GI10
Value: eJwVxEEKgzAQBdDMLCKFKnzqOQIJiu6rdOEp1IbiwiSMonj7tov3lFJc3sFLQuFsY6ytjLOtcTXoA%2B568ByQvbysY7hAkoMl5KD5Z4Ee%2FHX6CRw23J5RUpRx96CkCbzH%2F9u7VKBDP75P1BW8

7 Console Messages

Source Level URL
Text
network error URL: https://nizarstream.xyz/nova/js/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1AoF7W_ZlS9577DBBGCfsPfIjbcLPCg5KPwX4X2-ni5WdrYSt8IHpb7MSt0N5YfsFQuc1-XQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-50120239%3A1701396247417862&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0eXb02xGyeQV7yK75A_mdJOaiKCj48U9kP3M8hHIr-b3ghsyIB8lue02H468LxJc2uMqDGSw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1392950988%3A1701396247469343&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning URL: https://liveon.sx/ch38
Message:
Mixed Content: The page at 'https://liveon.sx/ch38' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://sodainquired.com/b5/d5/e2/b5d5e2cbaa884029b13637009b94e342.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
security warning URL: https://liveon.sx/ch38(Line 41)
Message:
Mixed Content: The page at 'https://liveon.sx/ch38' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/cwidget/livesport/000000ffffff.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
rendering warning URL: https://candlesouth.net/embed/4o8n25qm1duhfl?skin=1(Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ajax.googleapis.com
anattospursier.com
arvigorothan.com
awistats.com
candlesouth.net
cdn.jsdelivr.net
d7tst6bnt99p2.cloudfront.net
dthechildren.org
fonts.googleapis.com
liveon.sx
maxcdn.bootstrapcdn.com
minningespeire.com
mvujvxc.com
my.rtmark.net
nizarstream.xyz
phaipaun.net
pogothere.xyz
ptugnoaw.net
qwy.qzqqnknavzjb.top
r.nizarstream.xyz
region1.google-analytics.com
s10.histats.com
s4.histats.com
sodainquired.com
static.cloudflareinsights.com
swarm.video
tontrinevengre.com
ttdpqkjsy3j7vsxp.cdnministry.net
waust.at
whos.amung.us
widgets.amung.us
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
youradexchange.com
139.45.195.8
139.45.197.245
158.69.254.144
172.67.216.145
172.67.221.11
173.233.139.164
18.245.60.13
18.245.60.20
188.114.96.3
2001:4860:4802:32::36
23.109.248.2
23.109.82.104
23.109.87.211
2600:9000:206f:be00:1d:c6b0:9580:21
2606:4700:10::6814:5063
2606:4700:10::ac43:88d
2606:4700:20::ac43:4739
2606:4700:3030::6815:1e22
2606:4700:3030::ac43:bca8
2606:4700:3031::6815:4a1b
2606:4700:3031::6815:544e
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6812:bcf
2606:4700:e2::ac40:8518
2606:4700:e4::ac40:aa13
2a00:1450:4001:802::200e
2a00:1450:4001:827::200a
2a00:1450:4001:827::200d
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200a
2a03:2880:f173:81:face:b00c:0:25de
2a06:98c1:3120::9
2a06:98c1:3121::3
62.182.80.93
00f55721ec6181d9c16cc365dfe2ca9aab2fb8008ffe22ded892085019fd33b5
01638bfd4d292a2881b20392c38649180a0a1cb91f97f9c1c7d93dda684fe4ad
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
02be677cbb8e2c302ce4d5fedb6d033cdf85e7c7bda806dd6e742acb9ba9440b
03600d03ebad47a64a4a7723b5c740c05ff75dbb7a93118b943c0e77a066ed78
04449e1576487f054de0317aaf2ab7023393a1c4f14b9a90812d169285eec9fe
12879640eb8ddd73bae98ebc73bba433b1d91edcda54c565903dff5886061a9d
143bf72ea27d96ca650a6db4c437d5546cde0828a74a0ad1364fad5b8810966a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e7e258b1d70704a67ece4e6e75daf2be5a0e6f84888d9f123e6193f45c3c39d
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
21741f4c3c1cc76603f88a6a05de3686be778084ef201b52c4d27839afed55e2
219c3739b8028f93404314f6f990bd95f2b58ff3650b1058e38581cb75fbccb2
220af9c43c5e9f4157f218b860e4dc567a5d5c906d73deea0d0058292f0f27f5
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
254dbf53e4176b2cdba75f3542553fb9362e4dbb526ac055b82a04da9bbeb6b7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28160a19cfb42195ee308b0882331c39b8ae115eba06ecd2fa4a5d726fdd4d57
2c7cf941b4eb9254e850875107ded812b5cf2da9de46f85919561f2a73876257
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97
4a98caefaf84fc9446c03a2e5f04a48117aea9fa8a6972b41c30a700d95a8977
4cf877fea21245f7ede988e65032ff8f3094b9d3b341c826df407c6bcc0f88ba
52523bd8a2f98ebb6249d4e2708710c002628623208d8832fdbeaf15f3c646ef
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
57ec51043bd730b87d5df9aeb3e20ddb4935f76934b408959bcb3b6f7882f948
5f7ddb3861270b813fdc09a8dced6496d7bd936c56b27a6ff0060c9010b6f7c2
5f9b8b3135a99cf299f7ac983a1ecb22c5dbf20e61fa34b18e0769da089934a4
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6863f744e7f53ec35d881a373c8077415101724cb5c037048e2438fbff57c918
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce
75d388ed7f0a7a80c6a25b3f88f7944d63630b5e630744ef5757e698503ee854
7c260f5e1dcb04331e9fb5ea2c0a5b82552133dd170d219384ec76afb1ec9b3d
811f78e0b28b4b57bedb4d3b640e889b0e40207f8ce899e6613e7d9861b461be
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a7677cab0ad76f48f6de8e68dc6c2f9ede39df22694a3b7a9beef3c437140f9
9720389cce25ec1cab24bdd9f5cf52654dbe8f80335d66b59655bc30c46760cc
a7fce36a4557fcda1d3496bc233cbd47934231b00ce6dc2f7660dcd3765cdece
a813ed10d3ee16f528fbd98defdfb629e6f098d897137b95c887650041ccf67f
b9e761c82861ca809aa17561f67e9b33b0b236826da43c5bf99e329f15434d1f
bab2b3b7ca04a6ba31d215b6fac9d9133b47ef833c617f45b187b87ac514deb4
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
d2f81b0353240fd7a6efa655c0a07818afa1ac98e91a3c2471b8a07fc3005d02
d492b1de7fab065eb2fccdffe6c369df61414abf71690493856e232447ec0bb2
d866b53b42cab9ab12eab829552d60ebfedb10489b7385d78c5da9a50272c749
db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0a7180d22ec292954e6aa19b17f8cacbf2bbe33f1d5aeef899d7b2b7b84f18b
e22bb3779a521e1382acf760298d5b0033feab531a7e20541d351ea29f806d3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f01c8ad2fcb517d9bc54da8f3b72c3e7005e1eb5618d36cfb19a405b2cbd0df4
f3ad99e29e50da40a009995644e1e81c7be9ac78b897c78a4baf9a68ccdc3fb7
f3df85209b2b1ac67299be46d247e8cc6c7fc42d0b153c00b557f76c2b32a8cc
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c