Submitted URL: http://nizarstream.xyz/
Effective URL: https://nizarstream.xyz/
Submission: On June 24 via manual from IN — Scanned from NL

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 41 HTTP transactions. The main IP is 185.113.8.204, located in Almere Stad, Netherlands and belongs to ALEXHOST, MD. The main domain is nizarstream.xyz.
TLS certificate: Issued by R3 on May 11th 2024. Valid for: 3 months.
This is the only time nizarstream.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 185.113.8.204 200019 (ALEXHOST)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 104.18.10.207 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:200... 54113 (FASTLY)
3 172.240.108.84 7979 (SERVERS-COM)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.67.71.57 13335 (CLOUDFLAR...)
4 139.45.197.244 9002 (RETN-AS)
1 172.67.8.141 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 172.67.193.52 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
1 2a00:1450:400... ()
41 18

Apex Domain | Subdomains | Transfer
13 nizarstream.xyz | nizarstream.xyz | 45 KB
4 ofleafeona.com | ofleafeona.com (Cisco Umbrella Rank: 238631) | 36 KB
3 google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 71); region1.google-analytics.com (Cisco Umbrella Rank: 2355) | 21 KB
3 kindnessmarshalping.com | kindnessmarshalping.com |
3 jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 381) | 146 KB
2 offerimage.com | offerimage.com (Cisco Umbrella Rank: 28139) | 26 KB
2 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 81) | 166 KB
2 googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 469); fonts.googleapis.com | 32 KB
2 bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1286) | 36 KB
1 nizarstream.com | nizarstream.com | 39 KB
1 fleraprt.com | fleraprt.com (Cisco Umbrella Rank: 16791) | 485 B
1 tzegilo.com | tzegilo.com (Cisco Umbrella Rank: 17855) | 8 KB
1 rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 8833) | 545 B
1 amung.us | whos.amung.us (Cisco Umbrella Rank: 14606) | 213 B
1 waust.at | waust.at (Cisco Umbrella Rank: 38646) | 4 KB
1 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 268) | 2 KB
41 16

Domain | Requested by
13 nizarstream.xyz | nizarstream.xyz
4 ofleafeona.com | nizarstream.xyz, ofleafeona.com
3 kindnessmarshalping.com | nizarstream.xyz
3 cdn.jsdelivr.net | nizarstream.xyz
2 offerimage.com | nizarstream.xyz
2 www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 www.googletagmanager.com | nizarstream.xyz, www.googletagmanager.com
2 maxcdn.bootstrapcdn.com | nizarstream.xyz
1 fonts.googleapis.com | ofleafeona.com
1 nizarstream.com |
1 fleraprt.com | tzegilo.com
1 tzegilo.com | ofleafeona.com
1 region1.google-analytics.com | www.googletagmanager.com
1 my.rtmark.net | ofleafeona.com
1 whos.amung.us | waust.at
1 waust.at | nizarstream.xyz
1 ajax.googleapis.com | nizarstream.xyz
1 cdnjs.cloudflare.com | nizarstream.xyz
41 18

This site contains links to these domains.

Domain
watch.footybite.com
soccerlive.app
www.nbabite.com
www.nflbite.com
mlbbite.net

Subject | Issuer | Validity | Valid
nizarstream.xyz | R3 | 2024-05-11 - 2024-08-09 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
bootstrapcdn.com | GTS CA 1P5 | 2024-05-25 - 2024-08-23 | 3 months
upload.video.google.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
kindnessmarshalping.com | R10 | 2024-06-11 - 2024-09-09 | 3 months
*.google-analytics.com | WR2 | 2024-06-03 - 2024-08-26 | 3 months
waust.at | GTS CA 1P5 | 2024-05-04 - 2024-08-02 | 3 months
ofleafeona.com | R3 | 2024-04-30 - 2024-07-29 | 3 months
amung.us | GTS CA 1P5 | 2024-05-09 - 2024-08-07 | 3 months
rtmark.net | R3 | 2024-05-11 - 2024-08-09 | 3 months
tzegilo.com | GTS CA 1P5 | 2024-05-28 - 2024-08-26 | 3 months
offerimage.com | GTS CA 1P5 | 2024-06-03 - 2024-09-01 | 3 months
fleraprt.com | Sectigo RSA Domain Validation Secure Server CA | 2024-01-09 - 2025-01-13 | a year
nizarstream.com | R3 | 2024-05-16 - 2024-08-14 | 3 months

This page contains 2 frames:

Primary Page: https://nizarstream.xyz/
Frame ID: C3135C22875CD789DD41179D0447E7C0
Requests: 39 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Frame ID: F59C4D59CE5BF88975CEC7138EA06978
Requests: 2 HTTP requests in this frame

Page Title

Nizar Stream

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 41 %
Domains: 16
Subdomains: 18
IPs: 18
Countries: 5
Transfer: 561 kB
Size: 1749 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nizarstream.xyz/ HTTP 307
    https://nizarstream.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nizarstream.xyz/
Redirect Chain
  • http://nizarstream.xyz/
  • https://nizarstream.xyz/
19 KB
3 KB
Document
General
Full URL
https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
4a966767b4065f7965d6a4b14288798a5477960e93cfb81e6dd14e9815de82ce

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
3336
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 11:23:50 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Location
https://nizarstream.xyz/
Non-Authoritative-Reason
HttpsUpgrades
flag-icon.min.css
cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.3.1/css/
33 KB
2 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flag-icon-css/2.3.1/css/flag-icon.min.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1108d9c16e258ebb7d76ca276f25feb22ea46f182455d7b8ed3cbd1507a19d48
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
892082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1437
last-modified
Mon, 04 May 2020 16:10:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5d-82c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QozGvsSlXF4tOU5x4l0FegLyhQu80ieqUtCSn7QDOfNU60lN%2BLmBsa1O3%2BnMY%2BH84%2FqZrm5tuSAlmJkNzCbVid4zVp8Kakt3wE6qv3siH0bcTFV5Sv02BU88VvWCsT54szDnW1ao"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
898c5917fdd61c78-AMS
expires
Sat, 14 Jun 2025 11:23:50 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
118 KB
24 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1078
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8884251
cdn-cachedat
10/31/2023 18:59:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"ec3bb52a00e176a7181d454dffaea219"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a99131ed71793c235969f4741b45dd0f
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
898c59180f46d0c9-AMS
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 19 Jun 2024 12:47:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426987
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Jun 2025 12:47:23 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
12 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1053
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7995669
cdn-cachedat
10/31/2023 19:27:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1a04ea32b2f4b219188fda8349c8680c
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
898c5917ff39d0c9-AMS
cdn-requestpullsuccess
True
clappr.min.js
cdn.jsdelivr.net/clappr/latest/
517 KB
129 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clappr/latest/clappr.min.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cbcf0e85e906f9e8caf296fc6fd0cb8fcfb69b31e9ac570d63bd837fcf743f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 11:23:50 GMT
age
2947707
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
131690
x-served-by
cache-fra-etou8220143-FRA, cache-bru1480073-BRU
etag
W/"8156e-D6xFiaxzMytsrOCcfMOmYtKY+qo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
level-selector.min.js
cdn.jsdelivr.net/clappr.level-selector/latest/
9 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clappr.level-selector/latest/level-selector.min.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23a715a6d8a35921f8c02eab19a93b6c9c42271ecfccbde0005476959e2edff9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 11:23:50 GMT
age
464609
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3219
x-served-by
cache-fra-eddf8230115-FRA, cache-bru1480073-BRU
etag
W/"2524-9Cxz5uiSAcz1rVE5FbtBguw6QQw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
clappr-chromecast-plugin.js
cdn.jsdelivr.net/clappr.chromecast-plugin/latest/
67 KB
13 KB
Script
General
Full URL
https://cdn.jsdelivr.net/clappr.chromecast-plugin/latest/clappr-chromecast-plugin.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b98c3868451a3523a6f2a2ff240159431ce81bc8a1ab3ae3099ae7f4024b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 11:23:50 GMT
age
1051623
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
13442
x-served-by
cache-fra-etou8220070-FRA, cache-bru1480073-BRU
etag
W/"10d03-RHmlaMw21gVFkX7fZK8TTUNDrd8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
main.css
nizarstream.xyz/css/
946 B
546 B
Stylesheet
General
Full URL
https://nizarstream.xyz/css/main.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
f0eb040c93ef2eb3f33388082051f49f99145a5a7de33015268a7d1a833958ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
last-modified
Sun, 26 Nov 2023 23:02:11 GMT
server
Apache
etag
"3b2-60b162cea42c0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
458
reset.css
nizarstream.xyz/css/
1 KB
718 B
Stylesheet
General
Full URL
https://nizarstream.xyz/css/reset.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
1e7e258b1d70704a67ece4e6e75daf2be5a0e6f84888d9f123e6193f45c3c39d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
server
Apache
etag
"494-6047f922c5300-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
641
list.css
nizarstream.xyz/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://nizarstream.xyz/css/list.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
a7fce36a4557fcda1d3496bc233cbd47934231b00ce6dc2f7660dcd3765cdece

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
server
Apache
etag
"4b5e-6047f922c5300-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2725
flags.css
nizarstream.xyz/css/
12 KB
2 KB
Stylesheet
General
Full URL
https://nizarstream.xyz/css/flags.css
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
120545b715843a9d4703e9d2c49adbb9a5f7cffadeb40acd7464895f7fefb7d7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
server
Apache
etag
"2f2e-6047f922c5300-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1851
jquery.min.js
nizarstream.xyz/js/
91 KB
32 KB
Script
General
Full URL
https://nizarstream.xyz/js/jquery.min.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
fa411409e767595b83bf12f7204d69a856031ec9466998358316f6cbbfedd8a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
server
Apache
etag
"16bb0-6047f922c5300-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
32808
invoke.js
kindnessmarshalping.com/627bb8e8ef98a07042aaf5d06c21d935/
0
0
Script
General
Full URL
https://kindnessmarshalping.com/627bb8e8ef98a07042aaf5d06c21d935/invoke.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 11:23:51 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/
0
0
Script
General
Full URL
https://kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/invoke.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 11:23:51 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
football.png
nizarstream.xyz/
4 KB
4 KB
Image
General
Full URL
https://nizarstream.xyz/football.png
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
4a4a65309cb37cc74b304bdeece0b710e5fa162063bab7a7e2e2e3730d6e68f0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
last-modified
Mon, 04 Sep 2023 02:50:20 GMT
server
Apache
accept-ranges
bytes
etag
"e27-6047f922c5300"
content-length
3623
content-type
image/png
js
www.googletagmanager.com/gtag/
198 KB
72 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9254795ad350379efdfc9056e13ee41f6b963a6b8100df219cc7718932915eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
73593
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Jun 2024 11:23:50 GMT
s.js
waust.at/
8 KB
4 KB
Script
General
Full URL
https://waust.at/s.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2911
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 12 Jan 2023 17:19:44 GMT
server
cloudflare
etag
W/"63c04130-2170"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDAnNUHEkMkmxT%2FLYHPv5aXaySLea2yNEQFTDBbEueF2oIsPyRQtDG6W6W7PEBbkBxaAoTehWjbTcNnsIfwIjH73kHF4xso2wvJqz4DFR0AQLY2kWBYh%2F3Cr"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
898c59198dcfb98f-AMS
expires
Tue, 25 Jun 2024 10:35:19 GMT
invoke.js
kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/
0
0
Script
General
Full URL
https://kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/invoke.js
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 24 Jun 2024 11:23:51 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff2
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff2
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff2
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff2
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.ttf
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.ttf
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.ttf
nizarstream.xyz/fonts/
0
0
Font
General
Full URL
https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.ttf
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/css/list.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/css/list.css
Origin
https://nizarstream.xyz
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
server
Apache
content-length
381
content-type
text/html; charset=iso-8859-1
7093851
ofleafeona.com/401/
87 KB
34 KB
Script
General
Full URL
https://ofleafeona.com/401/7093851
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
dfdfe490901d257c4c7c07a2f33523c83a60ab1f0c891f57baa27a565f653ea7
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
d5f1aea772fc4c930ae51c5dbd92d553
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
/
whos.amung.us/pingjs/
28 B
213 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=i4ripbuzdd&t=Nizar%20Stream&c=s&x=https%3A%2F%2Fnizarstream.xyz%2F&y=&a=0&d=1.157&v=27&r=4007
Requested by
Host: waust.at
URL: https://waust.at/s.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
914d6178f4a53bfbc3b45c5babeb96f8ca6969f51677b8b1cd9a2f98cec4a56e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
898c59220a959fd8-AMS
alt-svc
h3=":443"; ma=86400
content-type
text/javascript;charset=UTF-8
js
www.googletagmanager.com/gtag/
270 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L8FZ1M8TLB&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2df8cdcef55ca9fc8b1d59a95197005437e54a6a12351ad9b52273304a5a916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95986
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Jun 2024 11:23:51 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-176080661-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 24 Jun 2024 09:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6169
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 24 Jun 2024 11:41:03 GMT
gid.js
my.rtmark.net/
65 B
545 B
XHR
General
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
84380fde62ec6cd5427aeb3aab8f9f11d7efee197418a834ad26f1a8524b93dc
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://nizarstream.xyz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-L8FZ1M8TLB&gtm=45je46j0v869163772za200&_p=1719228231215&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2134592246.1719228232&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719228232&sct=1&seg=0&dl=https%3A%2F%2Fnizarstream.xyz%2F&dt=Nizar%20Stream&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1948&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L8FZ1M8TLB&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 11:23:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nizarstream.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7093851
ofleafeona.com/500/ Frame
0
0
Preflight
General
Full URL
https://ofleafeona.com/500/7093851?excludes=&oaid=0800858dbddb434af847dd02e246a4a8&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=160&wy=160&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fnizarstream.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114&js_build=8&sw_version=v1.349.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://nizarstream.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://nizarstream.xyz
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Mon, 24 Jun 2024 11:23:52 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
stattag.js
tzegilo.com/
19 KB
8 KB
Script
General
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b267db45ca3e86031685aaad2b03b8f39c4e0bd97959da2c7a88a0b326059b7b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
content-encoding
zstd
cf-cache-status
HIT
last-modified
Thu, 23 May 2024 07:36:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2977
etag
W/"664ef203-4b1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FnFUHqBHt4j8B1A2b8AFqDWtlmwDVm1bbTkv4Zf6LG5qvlsFE0Dydyi0Z94RMEAyWtHqvqJyQszypbhRS31iSZqtDqfbcY3KNM%2BjvHRVPQbIR8Ea%2F4ZTLH2YCRakQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
898c59235a670e10-AMS
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
7093851
ofleafeona.com/500/
2 KB
1 KB
XHR
General
Full URL
https://ofleafeona.com/500/7093851?excludes=&oaid=0800858dbddb434af847dd02e246a4a8&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=160&wy=160&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fnizarstream.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114&js_build=8&sw_version=v1.349.1
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9132fddcebbfc591c1115d511ee35f829ec7b8141d2866c043e8207cf760de51
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
8cefa58eac11d062051c2e2dd1fce3d3
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://nizarstream.xyz
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
collect
www.google-analytics.com/j/
1 B
206 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1006980979&t=pageview&_s=1&dl=https%3A%2F%2Fnizarstream.xyz%2F&ul=nl-nl&de=UTF-8&dt=Nizar%20Stream&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1533174395&gjid=373783266&cid=2134592246.1719228232&tid=UA-176080661-1&_gid=1577607268.1719228232&_r=1&gtm=457e46j0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=360574699
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jun 2024 11:23:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nizarstream.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
439 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
7ae53f48399de6cca2c05f47aef553bf.png
offerimage.com/www/images/
26 KB
26 KB
Image
General
Full URL
https://offerimage.com/www/images/7ae53f48399de6cca2c05f47aef553bf.png
Requested by
Host: nizarstream.xyz
URL: https://nizarstream.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd3f30f262af6e298b319d2ac385455a35b6be32b5fa64ee327a2f7075d21cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Jun 2024 23:50:52 GMT
server
cloudflare
age
40983
etag
"6677635c-6894"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
898c5923faee9f93-AMS
content-length
26772
expires
Tue, 25 Jun 2024 00:00:49 GMT
add
fleraprt.com/log/
12 B
485 B
XHR
General
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=d313035a-5992-4bff-958e-0e52df86486c
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 24 Jun 2024 11:23:52 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://nizarstream.xyz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
iconnizar.jpg
nizarstream.com/
39 KB
39 KB
Other
General
Full URL
https://nizarstream.com/iconnizar.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.113.8.204 Almere Stad, Netherlands, ASN200019 (ALEXHOST, MD),
Reverse DNS
nizarstream.com
Software
Apache /
Resource Hash
f2e69463a942e5f474d7d84659b2373b19db4172e0006a4eff974de3edbda6ff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
last-modified
Thu, 27 Jan 2022 01:22:21 GMT
server
Apache
accept-ranges
bytes
etag
"9a9e-5d686265acd40"
content-length
39582
content-type
image/jpeg
8CsG81P2LifVjTP9YINb3rgKjBj9y2t3m3QY_dvKbUHcMnXl1lHKVAwuEQN5qTFwBBkX_OQ6bL7oWM6g-h-1d4ktlLPgPzo2fv0vuLxpcud4r5HmtK_KUQHEkhOa0o_i4_j08WdZZCmumCIxA435M_phDEhIEM53Iyb4xkPTNWpti3d8kk5yt4PehqyS0IVyzbVfO...
ofleafeona.com/impression/
43 B
531 B
Image
General
Full URL
https://ofleafeona.com/impression/8CsG81P2LifVjTP9YINb3rgKjBj9y2t3m3QY_dvKbUHcMnXl1lHKVAwuEQN5qTFwBBkX_OQ6bL7oWM6g-h-1d4ktlLPgPzo2fv0vuLxpcud4r5HmtK_KUQHEkhOa0o_i4_j08WdZZCmumCIxA435M_phDEhIEM53Iyb4xkPTNWpti3d8kk5yt4PehqyS0IVyzbVfOgtqKp-l6E1pkDHlitYL6HgNuwRbfZx7sJjv1rP88mr0WCmjkxg_K6gkTCMc_fVF6Nq2vOydQL5VLtX2H_5ZVhEtzFiGibdd7Hp9b3HqNF73U_YzgBvw7z47fnXFFSBknDaH7c82VzC8MVrEuwwXUS1qdakGtKVZ7DT9LXmtukHQ55U6mhoQSyq3AVRy?_z=7093851&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=160&wy=160&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fnizarstream.xyz%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FAmsterdam&bto=-120&os=win32&os_version=10.0.0&is_mobile=false&browser_version=126.0.6478.114&js_build=8&sw_version=v1.349.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.244 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://nizarstream.xyz/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:56 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
43
x-trace-id
b7a4799a995039be71cfad6e908ce7c7
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
css2
fonts.googleapis.com/ Frame F59C
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
Requested by
Host: ofleafeona.com
URL: https://ofleafeona.com/401/7093851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jun 2024 11:23:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jun 2024 10:01:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jun 2024 11:23:56 GMT
7ae53f48399de6cca2c05f47aef553bf.png
offerimage.com/www/images/ Frame F59C
26 KB
0
Image
General
Full URL
https://offerimage.com/www/images/7ae53f48399de6cca2c05f47aef553bf.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:20ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd3f30f262af6e298b319d2ac385455a35b6be32b5fa64ee327a2f7075d21cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 11:23:52 GMT
cf-cache-status
HIT
last-modified
Sat, 22 Jun 2024 23:50:52 GMT
server
cloudflare
age
40983
etag
"6677635c-6894"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cf-ray
898c5923faee9f93-AMS
content-length
26772
expires
Tue, 25 Jun 2024 00:00:49 GMT

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
function| $
function| jQuery
function| Zepto
object| Clappr
function| LevelSelector
function| ChromecastPlugin
object| atOptions
undefined| current_channel
function| gtag
object| dataLayer
object| _wau
object| google_tag_manager
object| google_tag_data
object| WAU_ren
function| WAU_small
function| WAU_small_request
function| WAU_r_s
function| WAU_insert
function| WAU_legacy_b
function| WAU_la
function| WAU_addCommas
function| WAU_lrd
function| WAU_lrs
function| WAU_cps
function| docReady
string| GoogleAnalyticsObject
function| ga
object| zfgstorage
object| 23q4wy75q7g
object| zfgformats
object| syncCallbacks
object| webpushlogs
function| onYouTubeIframeAPIReady
object| gaGlobal
boolean| __lwkemfd9q__
object| gaplugins
object| gaData
object| x
string| x1
string| x2
object| __ds3dcV__
number| __qwe33wweq__

6 Cookies

Domain/Path Name / Value
my.rtmark.net/ Name: ID
Value: 0800858dbddb434af847dd02e246a4a8
.nizarstream.xyz/ Name: _ga_L8FZ1M8TLB
Value: GS1.1.1719228232.1.0.1719228232.0.0.0
.nizarstream.xyz/ Name: _ga
Value: GA1.2.2134592246.1719228232
.nizarstream.xyz/ Name: _gid
Value: GA1.2.1577607268.1719228232
.nizarstream.xyz/ Name: _gat_gtag_UA_176080661_1
Value: 1
ofleafeona.com/ Name: OAID
Value: 0800858dbddb434af847dd02e246a4a8

9 Console Messages

Source Level URL
Text
network error URL: https://kindnessmarshalping.com/627bb8e8ef98a07042aaf5d06c21d935/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kindnessmarshalping.com/b38f9f09558b88a0eb542a21e28cf134/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Alt%20Regular-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://nizarstream.xyz/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Semibold-webfont.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
