urlscan.io logo urlscan.io
SecurityTrails logo

1stream.buzz Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://1stream.buzz/fr/
Submission: On November 09 via manual from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1stream.buzz. The Cisco Umbrella rank of the primary domain is 539702.
TLS certificate: Issued by GTS CA 1P5 on October 1st 2023. Valid for: 3 months.
This is the only time 1stream.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 139.45.197.242 9002 (RETN-AS)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 2a00:1450:400... 15169 (GOOGLE)
9 6
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
1stream.buzz
3    139.45.197.242 (United Kingdom)

ASN9002 (RETN-AS, GB)
dukingdraon.com
1    2a02:26f0:480:d::210:f147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
i.pinimg.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
3 dukingdraon.com
dukingdraon.com — Cisco Umbrella Rank: 280201
30 KB
2 1stream.buzz
1stream.buzz — Cisco Umbrella Rank: 539702
22 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
5 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11206
543 B
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
51 KB
1 pinimg.com
i.pinimg.com — Cisco Umbrella Rank: 1904
507 KB
9 6
Domain Requested by
3 dukingdraon.com 1stream.buzz
dukingdraon.com
2 1stream.buzz 1stream.buzz
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 my.rtmark.net dukingdraon.com
1 pagead2.googlesyndication.com 1stream.buzz
1 i.pinimg.com 1stream.buzz
9 6

This site contains no links.

Subject Issuer Validity Valid
1stream.buzz
GTS CA 1P5		 2023-10-01 -
2023-12-30		 3 months crt.sh
dukingdraon.com
R3		 2023-08-28 -
2023-11-26		 3 months crt.sh
i2.pinimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-03 -
2024-05-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
rtmark.net
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://1stream.buzz/fr/
Frame ID: 15FA5C0BD4F4ABF0F3BA71BEF31EA8A7
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Frame ID: 1B5E99004120DDFE7213DA0470539B2C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden s

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

616 kB
Transfer

812 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1stream.buzz/fr/ 		65 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17b3fafc2a974e2dc3d4265134104eea14fa33d27f436f8936521de4c03c052

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8234eaf42d11670c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 09:09:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmXLufD%2F4OQkus%2FrU2Ovp%2Bs6PLAoDYHjyZ4htDw3dY37UQnMXdO%2FV%2BOIKRY0w3anLV4AlT267Mj161%2Bnc0gACfzEN7XFGFnVse4bOrLb2PSd6xtFaNiNwu3koCxbH7Mb6y2jQSW29kbjDD0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
1stream.buzz/fr/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1stream.buzz/fr/
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMO2pgUgWpNh8zOZLByQaPRwStNap8rWx3trKMXT4cebX%2BpF%2B8b%2B1GtkT5Fd6mSRsUq3rKC%2BaYVUwG80WGI3LdoDVPsbLvaK1JaCWJEiso22ZyvGLHknlgn73%2FD5D2Aewu6PAmi69LfYn38%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
8234eaf59ea0670c-AMS
alt-svc
h3=":443"; ma=86400
/
dukingdraon.com/5/6555840/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dukingdraon.com/5/6555840/?oo=1&aab=1
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe9837bff43356e4060ffa5805a2aacb4522f37cf10dbf3a42591d81fc7bc03d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
content-encoding
gzip
x-trace-id
a1a7434213d7a6f62533873c39ccb780
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://1stream.buzz
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
dukingdraon.com/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dukingdraon.com/tag.min.js
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
515abc8669312dd2e623a0a8f1d6fce5593e131ddc96d330a38810dc3e04075c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25508
x-trace-id
6615aa69e531014b56c1941a005deba0
pragma
no-cache
last-modified
Tue, 07 Nov 2023 13:37:35 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
54c43b3256908af8f552c3bae869e6af.gif
i.pinimg.com/originals/54/c4/3b/ 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.pinimg.com/originals/54/c4/3b/54c43b3256908af8f552c3bae869e6af.gif
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:d::210:f147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eec1b83c92b839c7c2c05e86bab31aaaf6db0e920f8629712b9725a0c62f0955

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.07f01002.1699520976.639a2dc
etag
"588ae1b366f7d88763df6b7c0144a257"
vary
Origin
content-type
image/gif
cache-control
immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
518340
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/fr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0174569ebf383f7cc0261797b791caaf11f3eb321bd716896ef0b6a7cad4d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52099
x-xss-protection
0
server
cafe
etag
7324825344763304277
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 09 Nov 2023 09:09:36 GMT
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=e1ecdcba43b94062922c202445fb3c5d
Requested by
Host: dukingdraon.com
URL: https://dukingdraon.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ca825caada6f49897ef0b9ab211c7f98d10159536639ac4c4ec64575d06594e2
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1stream.buzz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/ Frame 1B5E 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231106/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stream.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
7597
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4502
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 07:02:59 GMT
etag
251720774729838433
expires
Thu, 23 Nov 2023 07:02:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
dukingdraon.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dukingdraon.com/?rb=ehhHV-rUXOI4ouKT0Hrwl7hOgBOun5T9iahHF9-UbRJigbg4Vgytic5ReCYsoWIPZslYkjXd0jPkGg07A7LYOvXRDsEj1_VORQ7R6Mu8BLbelZPYd-TcXRiChin_5YcWfzHXhbMADNYEyd-8hBa_BmknpkrJ9zbJyqlnsGXbDkqintQ_ZgclCr20qWzSwOpbiyhR2_eothDDj9rYcNndzJwraERb2JsThAlA36fZfCzHKuDv_SUsv0-fX375blm6NxZXfrateS_zMaR84DvkUX3eCoU%3D&request_ab2=0&zoneid=6555840&js_build=iclick-v1.624.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2F1stream.buzz%2Ffr%2F&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.624.0&bs=25581fe3-7cd7-40e6-adbc-e5e21ef151f1&userId=e1ecdcba43b94062922c202445fb3c5d&m=link
Requested by
Host: dukingdraon.com
URL: https://dukingdraon.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
9a5847ceade43726ce45072e43e025fa7728c6038a8450abd3eb7af4d5776eda
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:09:36 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
256a49aacce26d915801447b8e7795a1
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://1stream.buzz
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture string| k object| _vsmosg0k6y object| 37tp2f9kw4j object| zfgformats function| setImmediate function| clearImmediate function| _zrovmaug function| _zukeyb object| _0x4e59 function| _0x505a function| _0xa00dd1 object| _0x1484 function| _0xb322 object| zfgstorage function| onClickTrigger function| kkp4a5x5tv boolean| zfgloadedpopup boolean| zfgonclickfirst object| syncCallbacks object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint

5 Cookies

Domain/Path Name / Value
dukingdraon.com/ Name: OAID
Value: e1ecdcba43b94062922c202445fb3c5d
dukingdraon.com/ Name: oaidts
Value: 1699520976
my.rtmark.net/ Name: ID
Value: e1ecdcba43b94062922c202445fb3c5d
1stream.buzz/ Name: prefetchAd_6555840
Value: true
dukingdraon.com/ Name: syncedCookie
Value: true

2 Console Messages

Source Level URL
Text
network error URL: https://1stream.buzz/fr/
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://1stream.buzz/fr/
Message:
Failed to load resource: the server responded with a status of 404 ()