urlscan.io logo urlscan.io
SecurityTrails logo

nizarstream.com Open in urlscan Pro
185.113.8.204  Public Scan

Go To Rescan Add Verdict Report
URL: https://nizarstream.com/
Submission: On July 02 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 38 HTTP transactions. The main IP is 185.113.8.204, located in Almere Stad, Netherlands and belongs to ALEXHOST, MD. The main domain is nizarstream.com.
TLS certificate: Issued by R3 on May 16th 2024. Valid for: 3 months.
This is the only time nizarstream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 185.113.8.204 200019 (ALEXHOST)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2a04:4e42::649 54113 (FASTLY)
1 104.18.11.207 13335 (CLOUDFLAR...)
2 192.243.59.12 39572 (ADVANCEDH...)
1 172.67.71.57 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 142.250.185.162 15169 (GOOGLE)
3 139.45.197.244 9002 (RETN-AS)
1 172.67.8.141 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
1 172.67.193.52 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.64.152.106 13335 (CLOUDFLAR...)
38 18
10    185.113.8.204 (Almere Stad, Netherlands)

ASN200019 (ALEXHOST, MD)
PTR: nizarstream.com
nizarstream.com
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    192.243.59.12 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
kindnessmarshalping.com
1    172.67.71.57 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
pagead2.googlesyndication.com
3    139.45.197.244 (United Kingdom)

ASN9002 (RETN-AS, GB)
ofleafeona.com
1    172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
2    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    172.64.152.106 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
c.adskeeper.com
Apex Domain
Subdomains		 Transfer
10 nizarstream.com
nizarstream.com
105 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
215 KB
3 ofleafeona.com
ofleafeona.com — Cisco Umbrella Rank: 238631
37 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
2 KB
2 kindnessmarshalping.com
kindnessmarshalping.com
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
13 KB
1 adskeeper.com
c.adskeeper.com — Cisco Umbrella Rank: 29618
266 B
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 16791
485 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 17855
8 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 8833
544 B
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 14606
214 B
1 gstatic.com
fonts.gstatic.com
30 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 38646
4 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286
15 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
24 KB
38 15
Domain Requested by
10 nizarstream.com nizarstream.com
6 pagead2.googlesyndication.com nizarstream.com
pagead2.googlesyndication.com
3 ofleafeona.com nizarstream.com
ofleafeona.com
3 fonts.googleapis.com nizarstream.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 kindnessmarshalping.com nizarstream.com
2 cdnjs.cloudflare.com nizarstream.com
1 c.adskeeper.com
1 fleraprt.com tzegilo.com
1 tzegilo.com ofleafeona.com
1 my.rtmark.net ofleafeona.com
1 whos.amung.us waust.at
1 fonts.gstatic.com fonts.googleapis.com
1 waust.at nizarstream.com
1 maxcdn.bootstrapcdn.com nizarstream.com
1 code.jquery.com nizarstream.com
38 16
Subject Issuer Validity Valid
nizarstream.com
R3		 2024-05-16 -
2024-08-14		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
kindnessmarshalping.com
R10		 2024-06-11 -
2024-09-09		 3 months crt.sh
waust.at
WE1		 2024-07-02 -
2024-09-30		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
ofleafeona.com
R3		 2024-04-30 -
2024-07-29		 3 months crt.sh
amung.us
GTS CA 1P5		 2024-05-09 -
2024-08-07		 3 months crt.sh
rtmark.net
R3		 2024-05-11 -
2024-08-09		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-05-28 -
2024-08-26		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
adskeeper.com
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://nizarstream.com/
Frame ID: 18A05115D497B44C0FCABC130CD68385
Requests: 35 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html
Frame ID: E77262366877B3DD1283C4125DE733E5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1559802571670394&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719944011&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnizarstream.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~31_2~27_9&aiixl=30_6~31_8~27_3&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719944011680&bpp=3&bdt=263&idt=296&shv=r20240626&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1129118437590&frm=20&pv=2&ga_vid=1059849827.1719944012&ga_sid=1719944012&ga_hid=374968187&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44798934%2C95334508%2C95334526%2C95334565%2C95334573%2C95334828%2C31084926%2C95335246%2C31084184%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2473154562416043&tmod=2044313004&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=318
Frame ID: AEB16CEACD0EE3CC187C5B21602E27CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 147347977335785A772C9ADB270C05CB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nizar Stream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

38
Requests

97 %
HTTPS

29 %
IPv6

15
Domains

16
Subdomains

18
IPs

5
Countries

454 kB
Transfer

1351 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nizarstream.com/ 		15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
be064c2e66a2637ffb120a48950896875beea95a3ef39b4b6bebf2eaf796ffeb

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-length
3713
content-type
text/html; charset=UTF-8
date
Tue, 02 Jul 2024 18:13:31 GMT
server
Apache
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2dd196d8bf56019c5c5b337e8a0e7aa31eaf5fc6d4159de9a279d41108c87866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52680
x-xss-protection
0
server
cafe
etag
14318482429109918039
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 02 Jul 2024 18:13:31 GMT
bootstrapb.css
nizarstream.com/ 		223 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/bootstrapb.css
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
5eacb87d0d3c1575abe6bf763aae61049010cb33ae1ccf775ed66a0beadb6095

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
etag
"37c98-5d686265acd40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
28057
css
fonts.googleapis.com/ 		6 KB
736 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Comfortaa:300,400,700
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fe18dabdc82ab48d38f2187ea3259fed6529647433cb6ad9c24ce852a2df29ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 18:13:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 18:13:31 GMT
css
fonts.googleapis.com/ 		1 KB
518 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Gabriela
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6b74b3b0e089d6e0bcadf9b88e6ba0487c7e320c802267b5d9e1eb0651fdb6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 18:13:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 18:13:31 GMT
css
fonts.googleapis.com/ 		2 KB
968 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jul 2024 17:53:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jul 2024 18:13:31 GMT
stylemain.css
nizarstream.com/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/css/stylemain.css
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
5483fd7c2b0b4c37ac3dbd22c2784623c5124f1475b986317a64e28738898c25

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
etag
"f80-5d686265acd40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1244
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
86790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fz3E4qfbyctNFT7opejM1EPeb9c99G94msEgLfswVmXS4jJBgTD9tNAHOyS4gSbYntCVtjw2IdcDLFrficYheLQQeFKbpK0Gxe%2BfmsW%2Bkb9vU5jURagwPlZIm2taKm1gVi8h9QGe"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89d09c37ad846706-AMS
expires
Sun, 22 Jun 2025 18:13:31 GMT
jquery-3.2.1.slim.min.js
code.jquery.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Origin
https://nizarstream.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5226633
x-cache
HIT, HIT
content-length
23856
x-served-by
cache-lga21963-LGA, cache-ams21033-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719944011.482340,VS0,VE0
etag
W/"28feccc0-10fdd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
125396, 74704
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Origin
https://nizarstream.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
80694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6157
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyIynkvGw4p7K9kyRSNLzRH2pEyqM8EV80RVJygl%2F1p%2F846HMxqY4rSAQN2SQnMs5%2FFyMqsCN%2BDKfqiqtrJ%2FOGo%2BR3AUBay4pQdvbmhR6V%2B0qN6kYseofGrz70kvoUbfSz%2FpmVnT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89d09c37a8401c82-AMS
expires
Sun, 22 Jun 2025 18:13:31 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Origin
https://nizarstream.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
865
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
9594702
cdn-cachedat
12/21/2023 20:03:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
37676494a0fb3cf8dd0389f2ed8a0606
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
89d09c37ab3ba009-AMS
cdn-requestpullsuccess
True
invoke.js
kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/invoke.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 18:13:32 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
main2.js
nizarstream.com/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/js/main2.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
a124706d5dc1d9d500a79c3dc5ca0768e891789fa43b6267aa563d62f142ff4e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 16:28:18 GMT
server
Apache
etag
"4eea-6048aff732c80-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
7150
jquery-3.3.1.slim.min.js
nizarstream.com/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/js/jquery-3.3.1.slim.min.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
70b4350974032b3dc18d0c8e5642ca305440412d205c6ae88499f1ccd957af13

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 16:28:56 GMT
server
Apache
etag
"1111e-6048b01b70200-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
24082
timezone.js
nizarstream.com/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/js/timezone.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
57d48a427db17be62c4b0af345b7a9d94512cafe20e163aac4b4bdc5cd60fcf6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 16:28:49 GMT
server
Apache
etag
"e29-6048b014c3240-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1327
clock.js
nizarstream.com/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/js/clock.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
fd1c653f692d50569060b2c809d5f499c27360d93ea4a11974be7c76af98147a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 16:28:51 GMT
server
Apache
etag
"18f3-6048b016ab6c0-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1863
s.js
waust.at/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/s.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2037
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Jan 2023 17:19:48 GMT
server
cloudflare
etag
W/"63c04134-2170"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRRHWfVV%2FJD8WJ8pyX3bJAKDSMYkaCJsm%2FSrEuDFvgovgId6pUJ%2BOS1H7rqNvxmqcNILikc3zl715d8Q9wMHrIm8mPX5ssC8%2BSRAMI56pal342lBGB6K9EnM"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
89d09c3898e50bcc-AMS
expires
Wed, 03 Jul 2024 17:39:34 GMT
flags.css
nizarstream.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/flags.css
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
etag
"c9f-5d686265acd40-gzip"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
1227
1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
fonts.gstatic.com/s/comfortaa/v45/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/comfortaa/v45/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Comfortaa:300,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://nizarstream.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 23:58:30 GMT
x-content-type-options
nosniff
age
411301
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30512
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:50:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 23:58:30 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/ 		425 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1559802571670394&plah=nizarstream.com&aplac=true&bust=31084926
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
013ac6da92ffe4bc38e196c85911803a95fb7ee51471680944076c268b50338c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146854
x-xss-protection
0
server
cafe
etag
9552645929676296989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 02 Jul 2024 18:13:31 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/ Frame E772 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240626/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1559802571670394&plah=nizarstream.com&aplac=true&bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://nizarstream.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
45640
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 05:32:52 GMT
etag
9187630395144177108
expires
Tue, 16 Jul 2024 05:32:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-expand-lg%20fixed-top%20navbar-dark%20bg-primary&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 02 Jul 2024 18:13:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame AEB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-1559802571670394&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1719944011&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnizarstream.com%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=30~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~31~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_19~31_2~27_9&aiixl=30_6~31_8~27_3&aslmct=0.7&asamct=0.7&aipaq=1&aisaib=1&itsi=-1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719944011680&bpp=3&bdt=263&idt=296&shv=r20240626&mjsv=m202406260101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=1129118437590&frm=20&pv=2&ga_vid=1059849827.1719944012&ga_sid=1719944012&ga_hid=374968187&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44798934%2C95334508%2C95334526%2C95334565%2C95334573%2C95334828%2C31084926%2C95335246%2C31084184%2C21065725%2C31078663%2C31078668%2C31078670&oid=2&pvsid=2473154562416043&tmod=2044313004&uas=0&nvt=1&fsapi=1&fc=1920&brdim=100%2C100%2C100%2C100%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=318
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1559802571670394&plah=nizarstream.com&aplac=true&bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://nizarstream.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 18:13:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
invoke.js
kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/invoke.js
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 02 Jul 2024 18:13:32 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
7093851
ofleafeona.com/401/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ofleafeona.com/401/7093851
Requested by
Host: nizarstream.com
URL: https://nizarstream.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
bfec3a41c07dce3fc50e5480932253a84c3ee53941aeb048a3471e7925c19158
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
ad5480dc8cdbaf33674006e428dd9163
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
whos.amung.us/pingjs/ 		29 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=i4ripbuzdd&t=Nizar%20Stream&c=s&x=https%3A%2F%2Fnizarstream.com%2F&y=&a=0&d=1.296&v=27&r=7465
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62af6b709dc7d57b8aec43ad39d03136d4e5899ed465ee9e53401705c7ab4d0a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
89d09c3f095d1c82-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
gid.js
my.rtmark.net/ 		65 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
a576b2d868b00562a9092051a84dccae44cd7c87f91bc316d1fc1b3aa28189d6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nizarstream.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
truncated
/ 		439 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240626&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1559802571670394&plah=nizarstream.com&aplac=true&bust=31084926
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
d294d8ad8b6abeceabca3b89cc4917ddb333aacc36000b902fcef32e46f50684
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12738
x-xss-protection
0
iconnizar.jpg
nizarstream.com/ 		39 KB
39 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/iconnizar.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
f2e69463a942e5f474d7d84659b2373b19db4172e0006a4eff974de3edbda6ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
accept-ranges
bytes
etag
"9a9e-5d686265acd40"
content-length
39582
content-type
image/jpeg
stattag.js
tzegilo.com/ 		16 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d9a9f3965fa8c9d7ac125fb53798ebe9a8494be560cd583ce9003aeb5b2ba9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2024 13:48:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5921
etag
W/"667acab2-404e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iH0EyuaoFr3JdiLU34PyKRa5npdjSEKBE%2FpIsWgfC0kpMaTdQTsoWP6gdhNn4WW2m3YG3VHdmhMA%2FAZY5XmUP%2Brvg5D6EUn0A1%2BLQh2dq1bvXe3lsuPOaP7VhOo5EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
89d09c4038b366d2-AMS
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
iconnizar.jpg
nizarstream.com/ 		39 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://nizarstream.com/iconnizar.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
f2e69463a942e5f474d7d84659b2373b19db4172e0006a4eff974de3edbda6ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:32 GMT
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
accept-ranges
bytes
etag
"9a9e-5d686265acd40"
content-length
39582
content-type
image/jpeg
add
fleraprt.com/log/ 		12 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=42770d8e-cf93-4b0e-ad38-24896f499c49
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 02 Jul 2024 18:13:33 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nizarstream.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1559802571670394&plah=nizarstream.com&aplac=true&bust=31084926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 02 Jul 2024 18:13:33 GMT
7093851
ofleafeona.com/500/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ofleafeona.com/500/7093851?excludes=&oaid=08008da92937421dfa943de1455fbb5c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=100&wy=100&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fnizarstream.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&jsp=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.351.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nizarstream.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nizarstream.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Tue, 02 Jul 2024 18:13:33 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
7093851
ofleafeona.com/500/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ofleafeona.com/500/7093851?excludes=&oaid=08008da92937421dfa943de1455fbb5c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=100&wy=100&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=2&pl=https%3A%2F%2Fnizarstream.com%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&jsp=1&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.126&js_build=8&sw_version=v1.351.0
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
5d0c17d354f26c02e92ccb36c851e52ea90d42e60203b09a7d58be16b4f6f9ac
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 02 Jul 2024 18:13:33 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
fe0c6c497f4439e0b642ab673c07b25f
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://nizarstream.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1473 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://nizarstream.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
17947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jul 2024 13:14:26 GMT
expires
Wed, 02 Jul 2025 13:14:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c
c.adskeeper.com/ 		43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.adskeeper.com/c?pv=2&v=0|0|0|CbD0w2yJjggTRR-FVsaXRuXm6dwUOeQO5rjuLTkFFJDgVRpabzkNvaAeGlUNTSCHpRWsIMgWcPyULdWITvZGWqbCpXOST-gB8p4xJfF4aAw*&cid=1605225&f=1&h2=hivDUb_g1du7or-JgaA8tMBE2jaiK1qq8RJq43zft0uw3l43Dy6wVwIccUKw8vqu&rid=z7093851zb11875684bcNLcp1ph2024070213h&psid=7093851
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.152.106 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 18:13:33 GMT
strict-transport-security
max-age=15768000; includeSubdomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-mg-request-uuid
5454300e-fd6b-4e3a-b6f3-8770db9ba4a6
server
cloudflare
content-type
image/gif
cf-ray
89d09c43287b66a3-AMS
alt-svc
h3=":443"; ma=86400
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240626&jk=2473154562416043&bg=!09Cl0J_NAAaO6Fnqrug7ADQBe5WfOL4o24NRq9_8J6c6Bi9EX2MT8IaG0ra-v_7oFPpkp-Z3CPRKYVZgFkBhy4fwknx4AgAAAVBSAAAABmgBB34ANVBcJu1rP-SNUFTXozM-cWZvQmIbVQvtB9iwAv_ENn73G2fSzC-Roa7MoA-XgkxcC0yrTCtLCgAHLU1kad4MEpkCpKYYuH7rONsxjc2ETnmc_GpKrLQqcZJK4_ck314PEqkICpRZuJ64Je1ipNpCDABy7rHG36I8RQntGjB1cC-sgW5EJfuyVq6VGAZmXE5Y8RTZ18F67ASe9qmRe1tKFU5EqVh0mbuhR6FNU93ZFNyVnG4SNy9A_w_be2xlbEmE5Y0f1hbvXhT549o5XCNrhmECUQWw52sYWcLft1FgHlABU3x5EMmFe5-DLgJlPZMzRkZGzbu2i5hCWqa5xPbNWAPIz-C91XOY7QxYAYLLNYtZH4hZ8MWtMDsHLGBoSV7A-3kkVhXrmv-5631_9zV_O7e5PaUVSM7SZMJUQO9eM43nN5xr68pS2udYnnagwKOVF6Uoz1Vy29B5VyYXQc80bRlKKnMAgFMb1fW2T-Nf5wegCo7Cqs70HPdcm6MqU4WF9vjp2tZLJ7vhXOyq50CUXTYJWCTBxKlANjQXR0YZYsUz85vc_RxyqGxCO4XgU0OVs6dS63snMvKcW3oLQKT7xnux7cL_oyOIfWtRPyDiH24xycbCb52yNPyUjS9qhaLbKiV9gQ55h-I0fiL6acB5ZUlKKhXNTW5UYmAL2C2T5wKgZGDMEw_jKHQascBS6ZMtTuljKmLj-4r5TC-BEK_bLMyhFYlSPd_-SVjbWt7FOGzR_DPWMStTBMlM-sYIvpe9Ke7phP5Tlfn_K5XQif87kTcOj1Oaqgrfpd94FsG-Te1M0hqAr9Eo-oogMeF1M8DD3zSvQNuGOtDxd3xe314H7y35KtFLNRPtZWGmpLVrDpZnnvCz1c63FLSnMVrIiF8Z6eDS2OqagNU98MMnuhz_Q1698BXkq8OC84dPU43neAIPLnxJwkxU1SghJQVQvQ622MeZg-Xw4vh8gpQk0a3K7N8gIWFELpI

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage string| str function| $ function| jQuery function| Popper object| bootstrap object| atOptions object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| COOKIE_NAME object| options object| d number| defaultTimeZone number| defaultTimeZone_mins number| timeZoneVar number| timeZoneVar_mins string| timezone number| timezone_hr number| timezone_mins number| dateIndex object| rightNow object| jan1 object| june1 string| temp object| jan2 object| june2 number| std_time_offset number| daylight_time_offset string| dst number| hemisphere function| changeTimeZone function| startTime function| convert function| checkTime function| gtag object| dataLayer object| _wau object| WAU_ren function| WAU_small function| WAU_small_request function| WAU_r_s function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| zonetime number| t object| zfgstorage object| 0tax7hrjt68n object| zfgformats object| syncCallbacks object| webpushlogs object| x string| x1 string| x2 boolean| __lwkemfd9q__ object| __ds3dcV__ object| GoogleGcLKhOms number| __qwe33wweq__

3 Cookies

Domain/Path Name / Value
nizarstream.com/ Name: website_clock
Value: %2B02%3A00
my.rtmark.net/ Name: ID
Value: 08008da92937421dfa943de1455fbb5c
ofleafeona.com/ Name: OAID
Value: 08008da92937421dfa943de1455fbb5c

3 Console Messages

Source Level URL
Text
network error URL: https://nizarstream.com/flags.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://kindnessmarshalping.com/4f45e567af833c2b9f12278660c1e5f6/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.adskeeper.com
cdnjs.cloudflare.com
code.jquery.com
fleraprt.com
fonts.googleapis.com
fonts.gstatic.com
kindnessmarshalping.com
maxcdn.bootstrapcdn.com
my.rtmark.net
nizarstream.com
ofleafeona.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
tzegilo.com
waust.at
whos.amung.us
pagead2.googlesyndication.com
104.17.24.14
104.18.11.207
139.45.195.254
139.45.195.8
139.45.197.244
142.250.185.162
172.64.152.106
172.67.193.52
172.67.71.57
172.67.8.141
185.113.8.204
192.243.59.12
2a00:1450:4001:80b::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a04:4e42::649
013ac6da92ffe4bc38e196c85911803a95fb7ee51471680944076c268b50338c
11f0f33f9711ca7551b10cdff821a5c9b8ab7d74055c1d84adf61708991774a4
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
2b4fc84ee04adaaab536bfd9e79fd2d30cf6c16eb85e4ac25c692b3a4a2b91e5
2dd196d8bf56019c5c5b337e8a0e7aa31eaf5fc6d4159de9a279d41108c87866
5483fd7c2b0b4c37ac3dbd22c2784623c5124f1475b986317a64e28738898c25
55d9a9f3965fa8c9d7ac125fb53798ebe9a8494be560cd583ce9003aeb5b2ba9
57d48a427db17be62c4b0af345b7a9d94512cafe20e163aac4b4bdc5cd60fcf6
5d0c17d354f26c02e92ccb36c851e52ea90d42e60203b09a7d58be16b4f6f9ac
5eacb87d0d3c1575abe6bf763aae61049010cb33ae1ccf775ed66a0beadb6095
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62af6b709dc7d57b8aec43ad39d03136d4e5899ed465ee9e53401705c7ab4d0a
70b4350974032b3dc18d0c8e5642ca305440412d205c6ae88499f1ccd957af13
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
a124706d5dc1d9d500a79c3dc5ca0768e891789fa43b6267aa563d62f142ff4e
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a576b2d868b00562a9092051a84dccae44cd7c87f91bc316d1fc1b3aa28189d6
a6b74b3b0e089d6e0bcadf9b88e6ba0487c7e320c802267b5d9e1eb0651fdb6a
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
be064c2e66a2637ffb120a48950896875beea95a3ef39b4b6bebf2eaf796ffeb
bfec3a41c07dce3fc50e5480932253a84c3ee53941aeb048a3471e7925c19158
d294d8ad8b6abeceabca3b89cc4917ddb333aacc36000b902fcef32e46f50684
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
f2e69463a942e5f474d7d84659b2373b19db4172e0006a4eff974de3edbda6ff
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
fd1c653f692d50569060b2c809d5f499c27360d93ea4a11974be7c76af98147a
fe18dabdc82ab48d38f2187ea3259fed6529647433cb6ad9c24ce852a2df29ef
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7