urlscan.io logo urlscan.io
SecurityTrails logo

buffstream.fun Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid...
Submission: On July 06 via manual from MY — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 14 domains to perform 25 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is buffstream.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2021. Valid for: a year.
This is the only time buffstream.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 192.243.61.227 39572 (ADVANCEDH...)
1 6 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.29.132.48 16509 (AMAZON-02)
1 192.243.61.225 39572 (ADVANCEDH...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
4 192.243.59.13 39572 (ADVANCEDH...)
25 12
3    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
buffstream.fun
daddylive.top
2    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
moderatepartsindependently.com
6    2606:4700:3031::6815:30f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sportcast.life
1    52.29.132.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
1    192.243.61.225 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
poshhateful.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
ssl.google-analytics.com
1    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2606:4700:e6::ac40:c921 (United States)

ASN13335 (CLOUDFLARENET, US)
olacast.live
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
2    2606:4700:3038::6815:eafe (United States)

ASN13335 (CLOUDFLARENET, US)
addresseepaper.com
4    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
undooptimisticsuction.com
dismantlepenantiterrorist.com
Apex Domain
Subdomains		 Transfer
6 sportcast.life
cdn.sportcast.life
28 KB
2 dismantlepenantiterrorist.com
dismantlepenantiterrorist.com — Cisco Umbrella Rank: 146014
850 B
2 undooptimisticsuction.com
undooptimisticsuction.com
2 addresseepaper.com
addresseepaper.com — Cisco Umbrella Rank: 19014
47 KB
2 olacast.live
olacast.live
32 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
ssl.google-analytics.com — Cisco Umbrella Rank: 390
37 KB
2 moderatepartsindependently.com
moderatepartsindependently.com
594 B
2 buffstream.fun
buffstream.fun
30 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
30 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
40 KB
1 daddylive.top
daddylive.top
1 KB
1 poshhateful.com
poshhateful.com — Cisco Umbrella Rank: 24336
329 B
1 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 14772
287 B
0 licenses4.me Failed
player.licenses4.me Failed
25 14
Domain Requested by
6 cdn.sportcast.life 1 redirects buffstream.fun
cdn.sportcast.life
2 dismantlepenantiterrorist.com buffstream.fun
2 undooptimisticsuction.com buffstream.fun
2 addresseepaper.com buffstream.fun
2 olacast.live daddylive.top
olacast.live
2 moderatepartsindependently.com buffstream.fun
2 buffstream.fun buffstream.fun
1 code.jquery.com olacast.live
1 ssl.google-analytics.com daddylive.top
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com cdn.sportcast.life
1 daddylive.top cdn.sportcast.life
1 poshhateful.com buffstream.fun
1 simplewebanalysis.com buffstream.fun
0 player.licenses4.me Failed olacast.live
25 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-12 -
2022-08-11		 a year crt.sh
moderatepartsindependently.com
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
simplewebanalysis.com
Amazon		 2022-04-01 -
2023-04-30		 a year crt.sh
poshhateful.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.olacast.live
E1		 2022-05-22 -
2022-08-20		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.addresseepaper.com
E1		 2022-06-25 -
2022-09-23		 3 months crt.sh
undooptimisticsuction.com
R3		 2022-06-20 -
2022-09-18		 3 months crt.sh
dismantlepenantiterrorist.com
R3		 2022-06-30 -
2022-09-28		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Frame ID: A9D11D2DA4FA637492FE56A5E57433CA
Requests: 2 HTTP requests in this frame

Frame: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Frame ID: 560565A302279C8689A190EC08B0FBD3
Requests: 10 HTTP requests in this frame

Frame: https://cdn.sportcast.life/nginx.php?id=111
Frame ID: 5918CED178C7690C94C04F038C81A5EC
Requests: 4 HTTP requests in this frame

Frame: https://daddylive.top/livetv/stream-111.php
Frame ID: 9F4649B2EACF087527C3823522CB9FEE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657094400
Frame ID: 042722312DA6FBA2F2D9819CCA01954D
Requests: 3 HTTP requests in this frame

Frame: https://olacast.live/premiumtv/daddylive.php?id=111&noads=true
Frame ID: 74E3964601545CE7EFA30050B0D36848
Requests: 3 HTTP requests in this frame

Frame: https://player.licenses4.me/player.php?id=premium111&test=true
Frame ID: 204CD6DAEF8499FB5C39D2BC1215D8E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sportcast

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

64 %
IPv6

14
Domains

15
Subdomains

12
IPs

3
Countries

246 kB
Transfer

674 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn.sportcast.life/embed2/live111.php HTTP 301
  • https://daddylive.top/livetv/stream-111.php

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
buffstream.fun/embed77/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3effc7bf6c93167a6ba6d31368187ffd8a2a5dc1904515a623b65107bcef1f92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72676ca29ec90121-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:48:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ConVQXDL%2FgldsXvYYtgSWS1plcTQNQYvcNHfojF1SRLJWxe4E%2Fw39mfsJcfDDy4GpsC2axPkF3no9Nj9xjgpXoNlUVZpSszS2drPoLDgS1gW%2FzJ81om9OFMuCW6HRS5cV5CUah%2Bgik4FBcoUeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
invoke.js
moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/invoke.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:24 GMT
Server
nginx/1.22.0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
frame2.php
buffstream.fun/ Frame 5605 		70 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401f0d48709bd477dc9919b642ae67fd267e43bcb4345d24a766234095b5e193

Request headers

Referer
https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72676ca34f970121-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:48:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IitawqJvCgkDQBY4GAcjzRr9hD6B9dsUCSsgY4Ggb4nZXm4NkbjNtaNmFRE9%2BcmUxrt5BfJ53VfZnDN%2BecyN5zEh%2BlT6ycs5jlzRzURCrj%2FtHcdVjmiiLwVquBSvZ%2BeoWmYXApe7Bq0NxkhJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
nginx.php
cdn.sportcast.life/ Frame 5918 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.sportcast.life/nginx.php?id=111
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:30f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6d3e95794fb69720a9519b976b56b5e63c56802b3cb0716d6eff4eabc46e3dc

Request headers

Referer
https://buffstream.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72676ca60e59913c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:48:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ff5zktALybvRLFkSpQwjBgKvZ%2F68IGnyFuv9uj2cpa5atz39e%2FJWF6nE2MsltrOIQVxorUnBGpjIbPjsuNj6%2Bec5wY%2F3xDQQqGBP4%2FoT39Kh38b7LMd6xUaYuDYzA5uQDS4ye5jDAHUn7ivwHFSal5g%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-debug
/nginx.php?id=111 no-cache
9fef9045096b8ee3f302c900d0e9bd5a.json
moderatepartsindependently.com/9f/ef/90/ Frame 5605 		0
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://moderatepartsindependently.com/9f/ef/90/9fef9045096b8ee3f302c900d0e9bd5a.json
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:24 GMT
Server
nginx/1.22.0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
stats
simplewebanalysis.com/ Frame 5605 		40 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.132.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-132-48.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
4763ad3707fd79ee60d52467a6500d0dc30e70f58044714659641dc2ece76620

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://buffstream.fun
date
Wed, 06 Jul 2022 09:48:23 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
content-type
text/html; charset=UTF-8
advertisers.js
poshhateful.com/ Frame 5605 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://poshhateful.com/advertisers.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.225 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:23 GMT
Server
nginx/1.22.0
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
49f8066441958f59f9ba2b66131979bd
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stream-111.php
daddylive.top/livetv/ Frame 9F46
Redirect Chain
  • https://cdn.sportcast.life/embed2/live111.php
  • https://daddylive.top/livetv/stream-111.php
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://daddylive.top/livetv/stream-111.php
Requested by
Host: cdn.sportcast.life
URL: https://cdn.sportcast.life/nginx.php?id=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8abac4efeaa5c9d5a0a9be9a980f6d0431f5bbf5c48c73ee43b143d172ddf7e3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72676ca98de4fa48-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:48:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
greydedi
STALE
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTy1QxsKsaolsEXnMF1UHQOhf8k6kuUPQSnAaRb%2B97oHyT3w8Ly%2B5Tnemq%2BmQ7brJQlcURbNXObU44tMJmogC4nZvwC1kBwqEGaKHdHQi%2Fo%2B0xkru2CRyJZlTUQ9AbVdC0r8DqrHuaugY7e6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-turbo-charged-by
LiteSpeed

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72676ca6cbbe904e-FRA
content-type
text/html
date
Wed, 06 Jul 2022 09:48:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://daddylive.top/livetv/stream-111.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFUDzBqrNVyi%2FwXDbxSSv07hJB%2FqoJivphx3GUMdfXgjuV5toOfDea0qUwYFL1piN6HClCWl5fCHSftFy6ylfKlrW39IviZFSmWqk12OwGLe8zqiDXFArafvknJ1uMO79idLPt53qOB57nQ5%2FWPg1mk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
js
www.googletagmanager.com/gtag/ Frame 5918 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-97551325-28
Requested by
Host: cdn.sportcast.life
URL: https://cdn.sportcast.life/nginx.php?id=111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
402e88f6bc9ae5d54feea752b47f1d9d864d85668f9c957608bea123b0bfb376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.sportcast.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40335
x-xss-protection
0
last-modified
Wed, 06 Jul 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Jul 2022 09:48:23 GMT
ga.js
cdn.sportcast.life/scripts/ Frame 5918 		144 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sportcast.life/scripts/ga.js
Requested by
Host: cdn.sportcast.life
URL: https://cdn.sportcast.life/nginx.php?id=111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:30f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17f31d19960d6e3a299e1bebcc072c65a38342dd09fedb45cdce79507983963

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.sportcast.life/nginx.php?id=111
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 08:59:06 GMT
server
cloudflare
age
4002
etag
W/"626662da-90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZen84QdyrcL%2B5IBOyfYSasBmLAOg3dZ3peAz8A43FnPyCl78dFX3XRq07uan7G01EiL%2B3Ob1%2BvTfvjnaciwr%2Fg9smUT%2BNV8thlHRzmkuwWMio%2BnPWw%2BjtoVxbaMN3CyC7nyjEypy7rtOddus%2Ffq6Cw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72676ca6cbbd904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
invisible.js
cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 0427 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657094400
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/embed77/?event=stack.html&link=1&domain=&force=https%3A%2F%2Fcdn.sportcast.life%2Fnginx.php%3Fid%3D111&ask=1657101600&lgt=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:30f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
506aaeac9e46c600f29dc877905f4df1de9927dfdbbaf60add636f0c57f75c6f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMDb7q40Gr7dwQSGD%2FwtjBAtlIl1x3tfx9G%2FIVuWHDCsNae6F8eqaQ7fP33yP34C6DMWCc5K2U71AJwF%2F4JMKqHQfbYWo%2Bjm3zL2y0uOGAgjtzeOH%2FK46fDQAeO5ZoPHpqIvR5m7M3x6xdU8Xix888o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
72676ca6cbbf904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/ Frame 0427 		23 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: cdn.sportcast.life
URL: https://cdn.sportcast.life/nginx.php?id=111
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:30f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d33651124791f2edf2f0a53d5d1af4acadfe5b15e5cf92ec9e8c1559fb5808e8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRZCZ3Rg9SIFzpxgg1sJRvQApLt55RQGjZR8Hy%2F%2FdZE5NDQAIPfJfC%2FTKrzUy%2BuYR3Ro1ghuQ6expgNvjm%2FH%2BYGItdR8jLilU%2FK7ADo8slMRwt7lowc70EHtDAxg7Bz8FE5qKOMwNKEhKFphoyR7eAA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=604800, public
x-control-type-options
nosniff
cf-ray
72676ca75c7e904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ Frame 5918 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97551325-28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://cdn.sportcast.life/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3638
date
Wed, 06 Jul 2022 08:47:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 06 Jul 2022 10:47:45 GMT
72676ca60e59913c
cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 0427 		2 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/cv/result/72676ca60e59913c
Requested by
Host: cdn.sportcast.life
URL: https://cdn.sportcast.life/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1657094400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:30f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 06 Jul 2022 09:48:23 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BFttPl8FUsnPUE5hnymcdzDidiS3H0are3qonmqUCs%2F3gISjU%2BjKqnd%2BmdA7i%2BrlgWWlBG24K4hztJO7NziRv6faFs%2BwLLikQ%2FaPwICNbxTsd1k6Ql3O5ouAakGN5nr5nk5POxa0suRHOOvusZTNF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
72676ca91f4a904e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ga.js
ssl.google-analytics.com/ Frame 9F46 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: daddylive.top
URL: https://daddylive.top/livetv/stream-111.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://daddylive.top/livetv/stream-111.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3450
date
Wed, 06 Jul 2022 08:50:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 06 Jul 2022 10:50:54 GMT
daddylive.php
olacast.live/premiumtv/ Frame 74E3 		78 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://olacast.live/premiumtv/daddylive.php?id=111&noads=true
Requested by
Host: daddylive.top
URL: https://daddylive.top/livetv/stream-111.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39fd5965051a267f70dd600bf7a6f2afafab5dfd2881805c62aa4f7a1800c6dc

Request headers

Referer
https://daddylive.top/livetv/stream-111.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
72676cabcda3b8a3-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 06 Jul 2022 09:48:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
max-age
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5%2Bf2sxBKg2Bgo8uafrKR09JNrakEFrjR9CMT1w8AxJpoHF%2BjiHIaaA6Ys395BPaUOZiMpTTN%2BgjkCx4mawWQ7GufG0eWfAj%2BGmfpET%2B8bT78GKlVT6KC8Or9aUW2%2FrZMFJk8DseGCTzqLw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
q_HVQTIRNKCVDn_t3H1Z2y_CuCE.js
olacast.live/cdn-cgi/apps/head/ Frame 74E3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://olacast.live/cdn-cgi/apps/head/q_HVQTIRNKCVDn_t3H1Z2y_CuCE.js
Requested by
Host: olacast.live
URL: https://olacast.live/premiumtv/daddylive.php?id=111&noads=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1040e322eee43eddd19c9736b232f39f166212395009b2c44dee165d5a5d8eb4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://olacast.live/premiumtv/daddylive.php?id=111&noads=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168393
max-age
0
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
XAVER5TQCNY5V9B8
x-amz-id-2
e2V2vlAynPfYUZirlFP1Km2y0kXmvFUMMzI79snyrisNJIKf2DqkxGWuUBCQu9gA6WD29l0avoc=
pragma
no-cache
last-modified
Sat, 04 Jun 2022 18:35:51 GMT
server
cloudflare
etag
W/"f6b0b7fe41abcbb4e25f8be0d001ccfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxTaUvIKmk8Ntw9yNdrpRLdYMaR81LJYpTUDdk3NJbjAIJ250Q%2Fbm%2FaTDrLAyUt5vfgT5J81dWlMK1ZUpU2aBdqt32YDUPNPV7u0hS5HcH48l0oUspUUBOlv2XdHKyqKCV9iI2pq4eVyoQY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
88wuetAmtSFcYZykGJ.QQmZxtR3qT.oO
cache-control
no-cache, no-store, must-revalidate
cf-ray
72676caf2caeb8a3-AMS
jquery-3.5.1.min.js
code.jquery.com/ Frame 74E3 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: olacast.live
URL: https://olacast.live/premiumtv/daddylive.php?id=111&noads=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://olacast.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:24 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d84"
vary
Accept-Encoding
x-hw
1657100904.dop242.am5.t,1657100904.cds273.am5.hn,1657100904.cds312.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
sfp.js
addresseepaper.com/ Frame 5605 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addresseepaper.com/sfp.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eafe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
d42409e6ff442ff0790c9539a4c675cb
last-modified
Wed, 06 Jul 2022 09:48:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3AJboVgbCrQUE7tH8G%2Bbx2rB7m4i2akmR3feID1SR%2B7HJ7N%2FmnQfCPwHCfnVGmfh%2F74FDxrH6lQ5I6RcvkC7WlYCmPHSsCBW2zu8attvHjhcVWr7ipV0248FCZyrbe7Y1JzZ2l55WkImP6RilEfGMlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
72676caf7c45b6fa-AMS
expires
Thu, 01 Jan 1970 00:00:01 GMT
e1c5157ca5df6869b964dc23f5e32700.js
undooptimisticsuction.com/e1/c5/15/ Frame 5605 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:26 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
player.php
player.licenses4.me/ Frame 204C 		0
0
pxf.gif
dismantlepenantiterrorist.com/ Frame 5605 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=29df1e45-132f-429b-ae16-91d4e8d0a52a&eb=d141fc753c4dc92138847cf684e0f25d&te=a2d0ce014e78ed2cbdd2e7e815a3f70a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=12.31&b_frame=1&pk=9fef9045096b8ee3f302c900d0e9bd5a&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=9
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:25 GMT
Server
nginx/1.17.6
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
d159934f6005ff85e7473acf4a5fc739
Expires
Thu, 01 Jan 1970 00:00:01 GMT
sfp.js
addresseepaper.com/ Frame 5605 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://addresseepaper.com/sfp.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eafe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 09:48:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
091d14851ca133b4d2b0cd23680cecf8
last-modified
Wed, 06 Jul 2022 09:48:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubdomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0gi84ncpXytCXYlaC%2FwcZcFiE8a477kI15YWINhzYIkWwV2QW%2F2pL%2F7fqRyeVZA5uLBsXccnj5ktkmjLwXAL450mlf%2BVqK8PipFmQ9mTkdwi7JiemDvqM22QYDwKmUqz8p1i3awEGnKl6jsp2BI9d4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
72676cc36effb8fa-AMS
expires
Thu, 01 Jan 1970 00:00:01 GMT
e1c5157ca5df6869b964dc23f5e32700.js
undooptimisticsuction.com/e1/c5/15/ Frame 5605 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js
Requested by
Host: buffstream.fun
URL: https://buffstream.fun/frame2.php?place=aHR0cHM6Ly9jZG4uc3BvcnRjYXN0LmxpZmUvbmdpbngucGhwP2lkPTExMQ==&width=700&height=420&uniqid=1657100902&ask=1657101600&lgt=14
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:28 GMT
Server
nginx/1.17.6
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-CH
Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Content-Type
application/javascript
Content-Length
0
pxf.gif
dismantlepenantiterrorist.com/ Frame 5605 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dismantlepenantiterrorist.com/pxf.gif?uuid=29df1e45-132f-429b-ae16-91d4e8d0a52a&eb=d141fc753c4dc92138847cf684e0f25d&te=a2d0ce014e78ed2cbdd2e7e815a3f70a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F103.0.5060.53%20Safari%2F537.36&dev=r&res=13.31&b_frame=1&pk=9fef9045096b8ee3f302c900d0e9bd5a&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://buffstream.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 06 Jul 2022 09:48:28 GMT
Server
nginx/1.17.6
Strict-Transport-Security
max-age=0; includeSubdomains
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
1
X-Request-ID
b1f0c564ca9b7eb6174b0f9847bf7edd
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
player.licenses4.me
URL
https://player.licenses4.me/player.php?id=premium111&test=true

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| notLoad object| atOptions

3 Cookies

Domain/Path Name / Value
simplewebanalysis.com/ Name: uid_id2
Value: 29df1e45-132f-429b-ae16-91d4e8d0a52a:3:1
buffstream.fun/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 29df1e45-132f-429b-ae16-91d4e8d0a52a%3A3%3A1
.sportcast.life/ Name: __cf_bm
Value: M_tsMC4POElwD0wYAyUewViKjLhh2ryp3LTKjegON2o-1657100903-0-AV7DliLRenzc79XDjEOKYoFjSQqeogYzMaihmLOBbq66uAkQYf9nh1x8bD6FHyP4TOwTD6Loh9FHcsC0FdQJ6NB1mBndZpfwvO40O1NVl/C0drNnQgOophRR5MnjfAL2QQ==

4 Console Messages

Source Level URL
Text
network error URL: https://moderatepartsindependently.com/9f/ef/90/9fef9045096b8ee3f302c900d0e9bd5a.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://moderatepartsindependently.com/93e57b70d5f506dddd687e4174119263/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://undooptimisticsuction.com/e1/c5/15/e1c5157ca5df6869b964dc23f5e32700.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addresseepaper.com
buffstream.fun
cdn.sportcast.life
code.jquery.com
daddylive.top
dismantlepenantiterrorist.com
moderatepartsindependently.com
olacast.live
player.licenses4.me
poshhateful.com
simplewebanalysis.com
ssl.google-analytics.com
undooptimisticsuction.com
www.google-analytics.com
www.googletagmanager.com
player.licenses4.me
192.243.59.13
192.243.61.225
192.243.61.227
2001:4860:4802:32::178
2001:4de0:ac18::1:a:3b
2606:4700:3031::6815:30f6
2606:4700:3038::6815:eafe
2606:4700:e6::ac40:c921
2a00:1450:4001:80b::2008
2a06:98c1:3121::3
52.29.132.48
1040e322eee43eddd19c9736b232f39f166212395009b2c44dee165d5a5d8eb4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
39fd5965051a267f70dd600bf7a6f2afafab5dfd2881805c62aa4f7a1800c6dc
3effc7bf6c93167a6ba6d31368187ffd8a2a5dc1904515a623b65107bcef1f92
401f0d48709bd477dc9919b642ae67fd267e43bcb4345d24a766234095b5e193
402e88f6bc9ae5d54feea752b47f1d9d864d85668f9c957608bea123b0bfb376
4763ad3707fd79ee60d52467a6500d0dc30e70f58044714659641dc2ece76620
506aaeac9e46c600f29dc877905f4df1de9927dfdbbaf60add636f0c57f75c6f
8abac4efeaa5c9d5a0a9be9a980f6d0431f5bbf5c48c73ee43b143d172ddf7e3
a17f31d19960d6e3a299e1bebcc072c65a38342dd09fedb45cdce79507983963
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b6d3e95794fb69720a9519b976b56b5e63c56802b3cb0716d6eff4eabc46e3dc
d33651124791f2edf2f0a53d5d1af4acadfe5b15e5cf92ec9e8c1559fb5808e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec91098ecdf99168e077aa63fb41758d5d89be3165f73a7b6176a6ba4a24291d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d