buffstream.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Submission: On June 01 via api (June 1st 2022, 10:18:46 pm UTC) from US — Scanned from DE

Summary HTTP 9 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is buffstream.fun. The Cisco Umbrella rank of the primary domain is 689762.

This is the only time buffstream.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	3.123.59.125 3.123.59.125	16509 (AMAZON-02) (AMAZON-02)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	209.192.156.100 209.192.156.100	7979 (SERVERS-COM) (SERVERS-COM)
9	6

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

buffstream.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

moderatepartsindependently.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dismantlepenantiterrorist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.59.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-59-125.eu-central-1.compute.amazonaws.com

simplewebanalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

addresseepaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

undooptimisticsuction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.192.156.100 (United States)

ASN7979 (SERVERS-COM, US)

poshhateful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	moderatepartsindependently.com moderatepartsindependently.com	477 B
2	buffstream.fun buffstream.fun — Cisco Umbrella Rank: 689762	29 KB
1	poshhateful.com poshhateful.com — Cisco Umbrella Rank: 26517	329 B
1	dismantlepenantiterrorist.com dismantlepenantiterrorist.com — Cisco Umbrella Rank: 147646	425 B
1	undooptimisticsuction.com undooptimisticsuction.com — Cisco Umbrella Rank: 42685
1	addresseepaper.com addresseepaper.com — Cisco Umbrella Rank: 20380	15 KB
1	simplewebanalysis.com simplewebanalysis.com — Cisco Umbrella Rank: 15533	287 B
9	7

	Domain	Requested by
2	moderatepartsindependently.com	buffstream.fun
2	buffstream.fun	buffstream.fun
1	poshhateful.com	buffstream.fun
1	dismantlepenantiterrorist.com	buffstream.fun
1	undooptimisticsuction.com	buffstream.fun
1	addresseepaper.com	buffstream.fun
1	simplewebanalysis.com	buffstream.fun
9	7

This site contains links to these domains. Also see Links.

Domain
undooptimisticsuction.com

Subject Issuer	Validity	Valid
simplewebanalysis.com Amazon	`2022-04-01` - `2023-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Frame ID: 38E67795C3CDCD1598F3FAF11A48F038
Requests: 8 HTTP requests in this frame

Frame: http://buffstream.fun/frame.php?place=Ly9lbWIuYXBsMTQwLm1lLw0KcGxheWVyL2xpdmUucGhwP2lkPTE4NjI3MyZ3PTcwMCZoPTQ4MA==&width=700&height=480&uniqid=6297e5c1e0635&ask=1654022700
Frame ID: 5088355EE500F2B90E225C3D2730F0E8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sportcast

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

9
Requests

11 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

46 kB
Transfer

121 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://undooptimisticsuction.com/fvnd40pbn0?dpbtfnl=76&refer=http%3A%2F%2Fbuffstream.fun%2Fwebplayer2.php%3Ft%3Dalieztv%26c%3D186273%26lang%3Den%26eid%3D58956762%26lid%3D1865783%26ci%3D258%26si%3D4%26ask%3D1654022700%26kw%3D&kw=%5B%22sportcast%22%5D&key=9fef9045096b8ee3f302c900d0e9bd5a&scrWidth=1600&scrHeight=1200&tz=0&v=22.5.v.1&ship=&sub1=22.5.v.1&sub2=0&res=12.1053&dev=e&uuid=a62f10ac-04f6-4f4f-8302-08ce00757569%3A2%3A1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request webplayer2.php Show response
buffstream.fun/ 73 KB
28 KB 242ms
224ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ceacb3e66c89dc5cdb88f30bc9a51de259aef3316d5b8e66207467762f00eb5d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 714b539abe689c06-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-1
Date: Wed, 01 Jun 2022 22:18:41 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4bCYFgDfK98kABqIRWqrIExBjq4eAklMBBNaY9dzSyp44wl0Wd3OtT%2FNQ8gah3zPDt1Ph0k1mFxTDYTt15O8ocPvAvTxu4ElYBE17amF9jgs37PXsUHtFW8RsNtRmsHbDjpzRKDT%2BY4HLOVvOg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden invoke.js
moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/ 0
0 459ms
98ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/invoke.js
Requested by: Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 404
Not Found frame.php Show response
buffstream.fun/ Frame 5088 240 B
886 B 27ms
27ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://buffstream.fun/frame.php?place=Ly9lbWIuYXBsMTQwLm1lLw0KcGxheWVyL2xpdmUucGhwP2lkPTE4NjI3MyZ3PTcwMCZoPTQ4MA==&width=700&height=480&uniqid=6297e5c1e0635&ask=1654022700
Requested by: Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: HTTP/1.1
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f4121492cd2cbd4bab6ae854484dc40bc354840000cb64f292ec99f9340971

Request headers

Referer: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 714b539c79599c06-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 01 Jun 2022 22:18:42 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ9gufSwmCKqNSffmoyv8OUR3G8yTZ3zVfk42FMtr2irtE0c7loBqxlp1co%2BwuDBjaMZz8caGtM6v0rF%2FOq8cmhyLnbqpePBpmDSTALmgLeKJLc00Waifj6sjMx%2BFLnBerBYywgCaUS%2Bnt3HUg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 403
Forbidden 9fef9045096b8ee3f302c900d0e9bd5a.json Show response
moderatepartsindependently.com/9f/ef/90/ 0
477 B 437ms
95ms XHR
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://moderatepartsindependently.com/9f/ef/90/9fef9045096b8ee3f302c900d0e9bd5a.json
Requested by: Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: HTTP/1.1
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.17.9 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Server: nginx/1.17.9
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H2 200 stats Show response
simplewebanalysis.com/ 40 B
287 B 32ms
7ms XHR
text/html 3.123.59.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://simplewebanalysis.com/stats
Requested by: Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.59.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-59-125.eu-central-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: a3c06abb8440459e7f22c4386d9b542c387b51d61963cdfc2d79905718b4de58

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: http://buffstream.fun
date: Wed, 01 Jun 2022 22:18:42 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sfp.js Show response
addresseepaper.com/ 48 KB
15 KB 225ms
206ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://addresseepaper.com/sfp.js

Requested by

Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=

Protocol

HTTP/1.1

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473dfe26e5ad478a354a003498bcb7f683108aecef6b8facf6ed5dbf42caccec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w6D%2BzCLkJfvoHDCy5xHspzThjg%2BhPSpYREGZKf9CchA7aaI9FH%2Fyp6Lxa0RX3uX97EJ0%2FIj3ZHHgwTBmS1imdkNHyqnJtFXypNaanm7Lqh4Wqu1v7FwNmY6grDzh3mW1PCuTXV4aTRbcpOyuB2%2BqSyM%3D"}],"group":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Request-ID: edb5b78cf96781b9ad97cacf0fce2dd5
Last-Modified: Wed, 01 Jun 2022 22:18:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-RAY: 714b539f7b179bd1-FRA
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 403
Forbidden e1c5157ca5df6869b964dc23f5e32700.js
undooptimisticsuction.com/e1/c5/15/ 0
0 302ms
95ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js
Requested by: Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=
Protocol: HTTP/1.1
Server: 192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Server: nginx/1.22.0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA,x-Device-User-Agent
Content-Type: application/javascript
Content-Length: 0

GET
H/1.1 200
OK pxf.gif
dismantlepenantiterrorist.com/ 1 B
425 B 304ms
99ms Image
image/gif 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://dismantlepenantiterrorist.com/pxf.gif?uuid=a62f10ac-04f6-4f4f-8302-08ce00757569&eb=efbb3001091eb0a1eb34475ee51206a9&te=74e880769e9f86c73d6ae7d92777c9a2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&dev=e&res=12.1053&b_frame=0&pk=9fef9045096b8ee3f302c900d0e9bd5a&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=22

Requested by

Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=

Protocol

HTTP/1.1

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=0; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 1
X-Request-ID: 61cc89d7b1759c90a89d44fe6e63478b
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK advertisers.js Show response
poshhateful.com/ 0
329 B 319ms
155ms Script
application/javascript 209.192.156.100
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

http://poshhateful.com/advertisers.js

Requested by

Host: buffstream.fun
URL: http://buffstream.fun/webplayer2.php?t=alieztv&c=186273&lang=en&eid=58956762&lid=1865783&ci=258&si=4&ask=1654022700&kw=

Protocol

HTTP/1.1

Server

209.192.156.100 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://buffstream.fun/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 22:18:42 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 21fb18786684c82cb56a49b29547f407
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buffstream.fun/	1970-01-20 04:11:53	Name: lngesessid Value: 305cbcd98f4fe99ab4e8c0033e0e6415
buffstream.fun/	1970-01-20 04:11:53	Name: charset Value: ISO-8859-1
simplewebanalysis.com/	1970-01-23 19:04:41	Name: uid_id2 Value: a62f10ac-04f6-4f4f-8302-08ce00757569:2:1
buffstream.fun/	1970-01-20 03:38:46	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: a62f10ac-04f6-4f4f-8302-08ce00757569%3A2%3A1
buffstream.fun/	1970-01-20 03:28:49	Name: ppu_main_9fef9045096b8ee3f302c900d0e9bd5a Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://buffstream.fun/frame.php?place=Ly9lbWIuYXBsMTQwLm1lLw0KcGxheWVyL2xpdmUucGhwP2lkPTE4NjI3MyZ3PTcwMCZoPTQ4MA==&width=700&height=480&uniqid=6297e5c1e0635&ask=1654022700 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://moderatepartsindependently.com/9f/ef/90/9fef9045096b8ee3f302c900d0e9bd5a.json Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addresseepaper.com
buffstream.fun
dismantlepenantiterrorist.com
moderatepartsindependently.com
poshhateful.com
simplewebanalysis.com
undooptimisticsuction.com
192.243.59.20
192.243.61.227
209.192.156.100
2a06:98c1:3120::3
2a06:98c1:3121::3
3.123.59.125
33f4121492cd2cbd4bab6ae854484dc40bc354840000cb64f292ec99f9340971
473dfe26e5ad478a354a003498bcb7f683108aecef6b8facf6ed5dbf42caccec
a3c06abb8440459e7f22c4386d9b542c387b51d61963cdfc2d79905718b4de58
ceacb3e66c89dc5cdb88f30bc9a51de259aef3316d5b8e66207467762f00eb5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

buffstream.fun Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

11 %HTTPS

33 %IPv6

7 Domains

7 Subdomains

6 IPs

2 Countries

46 kBTransfer

121 kBSize

5 Cookies

1 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

5 Cookies

4 Console Messages

Indicators

buffstream.fun Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

11 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

46 kB
Transfer

121 kB
Size

5
Cookies

9 HTTP transactions
0 data transactions