Submitted URL: http://app.buffl.co/community/course/6369223110388183d9eb2376/join
Effective URL: https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Submission: On October 26 via api from RU — Scanned from CA

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 3.167.112.58, located in United States and belongs to AMAZON-02, US. The main domain is app.buffl.co.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 23rd 2024. Valid for: a year.
This is the only time app.buffl.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 3.167.112.58 16509 (AMAZON-02)
5 104.21.234.235 13335 (CLOUDFLAR...)
4 18.164.96.84 16509 (AMAZON-02)
1 142.251.16.84 15169 (GOOGLE)
7 23.88.65.76 24940 (HETZNER-AS)
1 88.99.224.234 24940 (HETZNER-AS)
2 157.240.229.1 32934 (FACEBOOK)
1 151.101.0.176 54113 (FASTLY)
1 104.94.123.98 16625 (AKAMAI-AS)
1 151.101.128.176 54113 (FASTLY)
27 10
Apex Domain | Subdomains | Transfer
12 buffl.co | app.buffl.co, api.buffl.co, status.buffl.co | 4 MB
5 rsms.me | rsms.me — Cisco Umbrella Rank: 9083 | 437 KB
4 posthog.com | eu.posthog.com — Cisco Umbrella Rank: 47737 | 30 KB
2 stripe.com | js.stripe.com — Cisco Umbrella Rank: 1102 | 164 KB
2 facebook.net | connect.facebook.net — Cisco Umbrella Rank: 180 | 84 KB
1 cdn-apple.com | appleid.cdn-apple.com — Cisco Umbrella Rank: 3904 | 17 KB
1 google.com | accounts.google.com — Cisco Umbrella Rank: 18 | 86 KB
27 7
Domain | Requested by
7 api.buffl.co | app.buffl.co
5 rsms.me | app.buffl.co, rsms.me
4 eu.posthog.com | app.buffl.co
4 app.buffl.co | app.buffl.co
2 js.stripe.com | app.buffl.co, js.stripe.com
2 connect.facebook.net | app.buffl.co, connect.facebook.net
1 appleid.cdn-apple.com | app.buffl.co
1 status.buffl.co | app.buffl.co
1 accounts.google.com | app.buffl.co
27 9

This site contains no links.

Subject | Issuer | Validity | Valid
buffl.co | Amazon RSA 2048 M03 | 2024-10-23 - 2025-11-22 | a year
rsms.me | WE1 | 2024-10-19 - 2025-01-17 | 3 months
eu.posthog.com | Amazon RSA 2048 M02 | 2024-07-10 - 2025-08-08 | a year
accounts.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
api.buffl.co | R11 | 2024-09-02 - 2024-12-01 | 3 months
status.buffl.co | R10 | 2024-09-09 - 2024-12-08 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-05 - 2024-11-03 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-08-29 - 2024-12-05 | 3 months
appleid.cdn-apple.com | Apple Public EV Server RSA CA 2 - G1 | 2024-06-06 - 2024-12-03 | 6 months

This page contains 2 frames:

Primary Page: https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Frame ID: 88E659F73163BAD67CD32E1386F377DD
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html
Frame ID: 8F9E04F7D60359092DAE6BE7543FD78F
Requests: 1 HTTP requests in this frame

Page Title

Buffl.co - the Swiping Flashcard App

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 5392 kB
Size: 6336 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.buffl.co/community/course/6369223110388183d9eb2376/join HTTP 307
    https://app.buffl.co/community/course/6369223110388183d9eb2376/join Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request join
app.buffl.co/community/course/6369223110388183d9eb2376/
Redirect Chain
  • http://app.buffl.co/community/course/6369223110388183d9eb2376/join
  • https://app.buffl.co/community/course/6369223110388183d9eb2376/join
2 KB
2 KB
Document
General
Full URL
https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
60ffaca2d675aa1c8e4093fac026feb899a486432d1896573fc7d741c19b3fd2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
71300
content-length
1806
content-type
text/html
date
Sat, 26 Oct 2024 07:06:28 GMT
etag
"85275eb4c56ec234139bd9e741b1d7ab"
last-modified
Thu, 18 Jul 2024 23:15:22 GMT
server
AmazonS3
via
1.1 68a9f2dcbbd436308ba855514c015cf2.cloudfront.net (CloudFront)
x-amz-cf-id
YEsXlKfJr-6xbHQe6hrUDAseYsfUam2xbCAeqWraMGc3Lv37CUbbRg==
x-amz-cf-pop
IAD55-P8
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-central-1:421533069175:build/Buffl-Frontend-CI:15e7d75d-86ef-48e5-bd9c-b772bc266108
x-amz-meta-codebuild-content-md5
1ba4da698809b9dc6ee72e96a47daa8f
x-amz-meta-codebuild-content-sha256
100006ce98d1c55e3836477ff66c5769a6c95714c35e1719b08d67e8dd6e65b1
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Non-Authoritative-Reason
HSTS
index-fOJ1niGW.js
app.buffl.co/assets/
4 MB
4 MB
Script
General
Full URL
https://app.buffl.co/assets/index-fOJ1niGW.js
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b68e181425d0085b5e62818b239721cf6657edd325b447425b3e9a0ee4248cab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://app.buffl.co/community/course/6369223110388183d9eb2376/join

Response headers

x-amz-meta-codebuild-content-md5
1ba4da698809b9dc6ee72e96a47daa8f
etag
"cabb4b967bda4cd9283a036f3aacb006"
age
3887
access-control-allow-methods
POST, GET, PUT
x-cache
Hit from cloudfront
x-amz-cf-id
um27IrU8xE0mhALuIMvuovkERH1v0YOZVOvoiViffHnN4nEkOFFiqA==
date
Sat, 26 Oct 2024 23:30:48 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-central-1:421533069175:build/Buffl-Frontend-CI:15e7d75d-86ef-48e5-bd9c-b772bc266108
content-type
application/x-javascript
last-modified
Thu, 18 Jul 2024 23:15:24 GMT
via
1.1 68a9f2dcbbd436308ba855514c015cf2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
4309570
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-meta-codebuild-content-sha256
100006ce98d1c55e3836477ff66c5769a6c95714c35e1719b08d67e8dd6e65b1
x-amz-server-side-encryption
AES256
index-iPseloOT.css
app.buffl.co/assets/
337 KB
338 KB
Stylesheet
General
Full URL
https://app.buffl.co/assets/index-iPseloOT.css
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/community/course/6369223110388183d9eb2376/join
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb70ce98b5f618518127cdbdfa84094a5243a5ea3f387c8c8caefc8c555cea6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://app.buffl.co/community/course/6369223110388183d9eb2376/join

Response headers

etag
"cb7d7d92a784bcd1d6888eee8846dd25"
x-amz-meta-codebuild-content-md5
1ba4da698809b9dc6ee72e96a47daa8f
age
70814
access-control-allow-methods
POST, GET, PUT
x-cache
Hit from cloudfront
x-amz-cf-id
Hpzoa6rJufekR5sVs7_UyVnntiZuXj63mx2L1N6tW-wKt72QIGcNrQ==
date
Sat, 26 Oct 2024 03:50:34 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-central-1:421533069175:build/Buffl-Frontend-CI:15e7d75d-86ef-48e5-bd9c-b772bc266108
content-type
text/css
last-modified
Thu, 18 Jul 2024 23:15:24 GMT
via
1.1 68a9f2dcbbd436308ba855514c015cf2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
344875
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-meta-codebuild-content-sha256
100006ce98d1c55e3836477ff66c5769a6c95714c35e1719b08d67e8dd6e65b1
x-amz-server-side-encryption
AES256
inter.css
rsms.me/inter/
7 KB
2 KB
Stylesheet
General
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-iPseloOT.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

x-fastly-request-id
faae45e2398309029a3bccb5251b7f544649f220
content-encoding
gzip
cf-cache-status
HIT
etag
W/"6601abff-1b8d"
age
440
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLEXIp%2FvvfR7MFdBahlttp5uW%2FgwTakgua0yGOc3dl7jewvkKXo0WBm2rhEDpZ68OeMxwwwiqKBuw3Qt8dAOf3Tixueuy%2Fc56q9s%2FSUEricmMLAZZye8iNj6"}],"group":"cf-nel","max_age":604800}
x-github-request-id
91E9:259BF9:63E3EEB:6D6A657:670E61A5
expires
Tue, 15 Oct 2024 12:45:53 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=26212&sent=12&recv=7&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4266&delivery_rate=114322&cwnd=12000&unsent_bytes=0&cid=38898a2506b9d54d&ts=47&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 23:30:48 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-yyz4529-YYZ
x-cache-hits
1
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729111682.722431,VS0,VE1
via
1.1 varnish
cf-ray
8d8e3c7d6bf336c1-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
712
x-origin-cache
HIT
server
cloudflare
/
eu.posthog.com/e/
13 B
556 B
XHR
General
Full URL
https://eu.posthog.com/e/?ip=1&_=1729985449564&ver=1.94.2
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-84.jfk50.r.cloudfront.net
Software
envoy /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://app.buffl.co/

Response headers

content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
dYNV1Gs43zNa7VAPeZxGI1uUVwePtFkAm9uaOa_vzkMZmJ6K-wXI4A==
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With,Content-Type
cross-origin-opener-policy
same-origin
x-envoy-upstream-service-time
9
access-control-allow-credentials
true
referrer-policy
same-origin
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
access-control-allow-origin
https://app.buffl.co
x-amz-cf-pop
JFK50-P5
server
envoy
/
eu.posthog.com/decide/
812 B
970 B
XHR
General
Full URL
https://eu.posthog.com/decide/?v=3&ip=1&_=1729985449565&ver=1.94.2
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-84.jfk50.r.cloudfront.net
Software
envoy /
Resource Hash
21822af330ef698e77053c731957c1301092927794f944b0460cc245d2c9caba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://app.buffl.co/

Response headers

content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-amz-cf-id
zVdqAouJf2rNNNiRkFkrFJsOxq4a5OtuXVBuy1kJ4wuWmaEvBAfxyA==
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
application/json
vary
Accept-Encoding
access-control-allow-headers
X-Requested-With,Content-Type
cross-origin-opener-policy
same-origin
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
referrer-policy
same-origin
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
access-control-allow-origin
https://app.buffl.co
x-amz-cf-pop
JFK50-P5
server
envoy
client
accounts.google.com/gsi/
227 KB
86 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.84 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f84.1e100.net
Software
ESF /
Resource Hash
23ca2fe6e8d3b45234af72c698cbc556815299cd4be3d2fd4dbf20e69ec2222f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dmcUGOktaVx4zEq5gGV0UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dmcUGOktaVx4zEq5gGV0UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 23:30:49 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Sat, 26 Oct 2024 23:30:49 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
/
api.buffl.co/socket.io/
97 B
421 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAmvY
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1c9f15fac5f228c77685cef84e1e243fe908d20b697696a2de8da07e0c394d01
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
97
Date
Sat, 26 Oct 2024 23:30:49 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.18.0
X-Frame-Options
DENY
status
status.buffl.co/items/
98 B
946 B
XHR
General
Full URL
https://status.buffl.co/items/status
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
88.99.224.234 Ahnsbeck, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.234.224.99.88.clients.your-server.de
Software
nginx/1.14.0 (Ubuntu) / Directus
Resource Hash
2789cba4627efb80d26128b4539c13c5e9cef2e2137f50e034dc3f15bdbf09c0
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://app.buffl.co/

Response headers

Content-Security-Policy
script-src 'self' 'unsafe-eval';worker-src 'self' blob:;child-src 'self' blob:;img-src 'self' data: blob: https://cdn.directus.io;media-src 'self' https://cdn.directus.io;connect-src 'self' https://*;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Access-Control-Expose-Headers
Content-Range
Cache-Control
no-cache
ETag
W/"62-rb89GJ4o3dOaI/YLBzsxf0sJwnM"
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://app.buffl.co
Content-Length
98
Date
Sat, 26 Oct 2024 23:30:49 GMT
Content-Type
application/json; charset=utf-8
X-Powered-By
Directus
Server
nginx/1.14.0 (Ubuntu)
Vary
Origin, Cache-Control
/
api.buffl.co/socket.io/
97 B
421 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAmvm
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
5f9d2a5ce727b74f8f7f8b84400a001d0044083e4bd373cb9f8a7c82ced76509
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
97
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.18.0
X-Frame-Options
DENY
/
api.buffl.co/socket.io/
97 B
421 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAmvp
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
20b7d5f07074be0caad1a07199f43300dbf0c945d096aa2f02a2183436e5b3c4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
97
Date
Sat, 26 Oct 2024 23:30:49 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.18.0
X-Frame-Options
DENY
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
147f905fb6949e795c750b893b6524524f22315ec0ffa9a974eccc47ad8e4f9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

content-md5
lBjfqTFdYKP68P2pA3zKdg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"d46441c1bc9f42f1b91f5f451cc96bc9"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 26 Oct 2024 23:33:40 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
91c10ded394fe529627ff85d480793a3
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4442, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
JmvZnUdDZUBL8Dje4BUSKMYg5SjZZA/Fr/2w3yPP7GkuUAYerDtqPGm4WqvjsB0o2e5Qln9huC+9s2if/cY6RQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1688
origin-agent-cluster
?1
v3
js.stripe.com/
674 KB
164 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
a01d64cba546d0228de556a783b75f0ea24c163b2ea1eed16c6b2a240171596d
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

x-request-id
8358f609-4c45-49bf-a649-9afb2ec941a9
content-encoding
br
etag
"e09447163fe544079942a63abe237a24"
age
24
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Sat, 26 Oct 2024 23:30:49 GMT
last-modified
Fri, 25 Oct 2024 20:38:54 GMT
content-type
text/javascript; charset=utf-8
x-served-by
cache-yyz4547-YYZ
x-cache-hits
3
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
167023
server
Fastly
Inter-Bold.woff2
rsms.me/inter/font-files/
108 KB
109 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Bold.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
220976705fbec109f43c5cfdceca639e99ace7e51f3eb67292b105d3575eb39b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
d50b19f2e5b9fa47d05445b8dcecd134595d445d
cf-cache-status
MISS
etag
"6601abff-1b1c0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2fuVurY8n4G0vyPW8Lce6w8FQweFB1hiTkE9TNXhz79MPRKw4s%2BELsmQkRC%2BiAx6kYFY5pijDMjDFduQr2PAdXe1P1LqGZeoQpoDEMAvk7bHGwj92%2FWEfnG2"}],"group":"cf-nel","max_age":604800}
x-github-request-id
4F14:2C7B00:57C2B41:624A7F8:66FBB6A5
expires
Tue, 01 Oct 2024 08:54:43 GMT
x-proxy-cache
HIT
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=24151&sent=18&recv=9&lost=0&retrans=0&sent_bytes=13527&recv_bytes=5041&delivery_rate=58489&cwnd=12000&unsent_bytes=0&cid=bb6becb1a4a4b817&ts=41&x=1", cfExtPri, cfHdrFlush;dur=25
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
font/woff2
x-served-by
cache-yyz4532-YYZ
x-cache-hits
2
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729985450.664321,VS0,VE0
via
1.1 varnish
cf-ray
8d8e3c845a1b36a2-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
111040
x-origin-cache
HIT
server
cloudflare
Inter-SemiBold.woff2
rsms.me/inter/font-files/
109 KB
110 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-SemiBold.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e52a861dc26ff4608c50bd7ff89b65d0d6216a2afe7b47ce5d84544811ca400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
f06d816c9bee7e8000780c5c47365dbdb5c6aa6f
cf-cache-status
MISS
etag
"6601abff-1b3e4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EK71EKt4hK0PF8mhshvLNB06XhtEd3Q141Jh9lOxvHXsiMlhogEhdLUuZVbG%2FT1%2B8OOz4Q7EcPPqelTOWPVnrl0GZHqSqQLrxvRgOtMkg8nKNlbOJLIN92SC"}],"group":"cf-nel","max_age":604800}
x-github-request-id
F78A:36FD11:6207277:6E95732:66FCEAA6
expires
Wed, 02 Oct 2024 06:49:34 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=24151&sent=8&recv=9&lost=0&retrans=0&sent_bytes=2114&recv_bytes=5041&delivery_rate=58489&cwnd=12000&unsent_bytes=0&cid=bb6becb1a4a4b817&ts=40&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
font/woff2
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
x-served-by
cache-yyz4527-YYZ
x-cache-hits
4
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729985450.664127,VS0,VE1
via
1.1 varnish
cf-ray
8d8e3c845a1d36a2-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
111588
server
cloudflare
Inter-Medium.woff2
rsms.me/inter/font-files/
109 KB
110 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Medium.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8458f8afa67b5691c1fcbe51607a2dafb53a9839e48131c608a186b65415d96d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
1eeea70639aa28c09c99ac2e64f9c23f80d57d41
cf-cache-status
MISS
etag
"6601abff-1b314"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iy%2FgYBPLirlNkgggu4W5TeIfI9z4TUTGNna7nfeTrjjuG1b1dF6jOoTiprckmeI9s50QV87BiBqoCyQRevG%2Fms9LHXCs%2BdcFpeVvFVORVgaomIPHgmcho0ff"}],"group":"cf-nel","max_age":604800}
x-github-request-id
51D9:B4E6B:4F97123:59FCEAE:66FBA47F
expires
Tue, 01 Oct 2024 07:38:01 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=24151&sent=18&recv=9&lost=0&retrans=0&sent_bytes=13527&recv_bytes=5041&delivery_rate=58489&cwnd=12000&unsent_bytes=0&cid=bb6becb1a4a4b817&ts=43&x=1", cfExtPri, cfHdrFlush;dur=23
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
font/woff2
x-served-by
cache-yyz4548-YYZ
x-cache-hits
5
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729985450.666993,VS0,VE0
via
1.1 varnish
cf-ray
8d8e3c845a1e36a2-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
111380
x-origin-cache
HIT
server
cloudflare
Inter-Regular.woff2
rsms.me/inter/font-files/
106 KB
107 KB
Font
General
Full URL
https://rsms.me/inter/font-files/Inter-Regular.woff2?v=4.0
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://rsms.me/inter/inter.css

Response headers

x-fastly-request-id
470ab1c29394668be9682edd55ea93d7a61d100a
cf-cache-status
MISS
etag
"6601abff-1a7c8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h5ZGcdZV%2FIRKw6IPPAx84Rk3%2BkemwFNYkbzsau%2BO6gUe7zJAet0kz2XEKBqfYMqYEKu8y5Bv4JWFyHWyFWA0jgOtNewWS9P3SaX2J1msd2BhDs0guJoo2oz5"}],"group":"cf-nel","max_age":604800}
x-github-request-id
A7E1:C8E9A:1E249B0:2151E16:671784C2
expires
Tue, 22 Oct 2024 11:06:02 GMT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400
x-cache
HIT
server-timing
cfL4;desc="?proto=QUIC&rtt=24151&sent=18&recv=9&lost=0&retrans=0&sent_bytes=13527&recv_bytes=5041&delivery_rate=58489&cwnd=12000&unsent_bytes=0&cid=bb6becb1a4a4b817&ts=44&x=1", cfExtPri, cfHdrFlush;dur=22
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
font/woff2
last-modified
Mon, 25 Mar 2024 16:53:19 GMT
x-served-by
cache-yyz4539-YYZ
x-cache-hits
4
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer
S1729985450.667883,VS0,VE0
via
1.1 varnish
cf-ray
8d8e3c845a2036a2-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
108488
server
cloudflare
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/
42 KB
17 KB
Script
General
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.94.123.98 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-94-123-98.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
ETag
W/"43171-1720635706046"
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
17356
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
application/javascript;charset=UTF-8
Last-Modified
Wed, 10 Jul 2024 18:21:46 GMT
Server
Apple
Vary
accept-encoding
sdk.js
connect.facebook.net/en_US/
288 KB
82 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=bd4e7f347799086d85107868ed72c022
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.229.1 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-iad3.fbcdn.net
Software
/
Resource Hash
0b84fcd95ca797151f3108888dd0fef0b8e90f0842bffe00e7a01db1f4db4cb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://app.buffl.co
Referer
https://app.buffl.co/

Response headers

content-md5
B+lukQKrMKhFsZXhwf9ugA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"86a60633d78bd946ca81011e2eea7027"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 26 Oct 2025 22:17:01 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
c3ca7a2f22752107c2eb473d093cf646
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=2, ullat=-1
x-fb-debug
Et7Bu6eQ0Fj70LrUc8kyqSa0j6rHC5ySQ1EVEKXSt7nLPUhmKdqgCPtcPX0YMGKeVGsWAEW7ShJPt8ayo5CamA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
84055
origin-agent-cluster
?1
controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html
js.stripe.com/v3/ Frame 8F9E
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-1a6a00ea4cc8720448dc91f1c79dd208.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.buffl.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
35
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-encoding
br
content-length
401
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sat, 26 Oct 2024 23:30:49 GMT
etag
"1a6a00ea4cc8720448dc91f1c79dd208"
last-modified
Fri, 25 Oct 2024 20:04:14 GMT
origin-agent-cluster
?1
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
6
x-content-type-options
nosniff
x-request-id
ea1ddd22-3488-44cb-ac90-58808566101c
x-served-by
cache-yyz4573-YYZ
recorder-v2.js
eu.posthog.com/static/
100 KB
28 KB
Script
General
Full URL
https://eu.posthog.com/static/recorder-v2.js?v=1.94.2
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-84.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
284069a450abb36025f0c86ca4721035bfb81e4f3f409eb4596b3cad0dc96849

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/

Response headers

vary
accept-encoding, Origin
content-encoding
br
etag
W/"8f4673b869d86dd4c8cbc7cf2db7cdc2"
x-amz-version-id
TMSMNT2bvbuffBMgpkAIfluKRS6720p9
age
3
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
4jlBds89qVE5XNEP-tLGLxD00MN7cXlSBaqmTQYsdpbPVFcQyWCF-w==
date
Sat, 26 Oct 2024 23:30:49 GMT
content-type
text/javascript
last-modified
Sat, 26 Oct 2024 10:39:59 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P5
x-amz-server-side-encryption
AES256
/
api.buffl.co/socket.io/
2 B
309 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAn0U&sid=qzQRxcohIcd4xoufASWw
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.buffl.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
2
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
text/html
Server
nginx/1.18.0
X-Frame-Options
DENY
/
api.buffl.co/socket.io/
41 B
365 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAn0V&sid=qzQRxcohIcd4xoufASWw
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e1dafc1b72356c653fbb9ecff4573488e30aae6461379bb0fb59ea46857d7568
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
41
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.18.0
X-Frame-Options
DENY
/
api.buffl.co/socket.io/
1 B
324 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAn4V&sid=qzQRxcohIcd4xoufASWw
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Referer
https://app.buffl.co/

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
1
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
text/plain; charset=UTF-8
Server
nginx/1.18.0
X-Frame-Options
DENY
/
api.buffl.co/socket.io/
2 B
309 B
XHR
General
Full URL
https://api.buffl.co/socket.io/?EIO=4&transport=polling&t=PBBAn4W&sid=qzQRxcohIcd4xoufASWw
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.65.76 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.76.65.88.23.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.buffl.co/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
*/*
Content-type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Connection
keep-alive
X-Content-Type-Options
nosniff
Access-Control-Allow-Origin
*
Content-Length
2
Date
Sat, 26 Oct 2024 23:30:50 GMT
Content-Type
text/html
Server
nginx/1.18.0
X-Frame-Options
DENY
favicon.ico
app.buffl.co/
15 KB
15 KB
Other
General
Full URL
https://app.buffl.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.112.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-112-58.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e7c6f8b70fa2bef956db73a68a214980e563844b54caa63517baf928f75ed67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://app.buffl.co/auth/login

Response headers

etag
"1d166ddcefeced217ef6f5c3f595bcde"
x-amz-meta-codebuild-content-md5
1ba4da698809b9dc6ee72e96a47daa8f
age
49907
x-cache
Hit from cloudfront
x-amz-cf-id
kxSD1me3NSSH3X6E73j_7ragy_O7R-8Xe1plonolP2XQFVjPjtR0TQ==
date
Sat, 26 Oct 2024 09:39:04 GMT
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-central-1:421533069175:build/Buffl-Frontend-CI:15e7d75d-86ef-48e5-bd9c-b772bc266108
content-type
image/x-icon
last-modified
Thu, 18 Jul 2024 23:15:24 GMT
via
1.1 68a9f2dcbbd436308ba855514c015cf2.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
15086
x-amz-cf-pop
IAD55-P8
server
AmazonS3
x-amz-meta-codebuild-content-sha256
100006ce98d1c55e3836477ff66c5769a6c95714c35e1719b08d67e8dd6e65b1
x-amz-server-side-encryption
AES256
/
eu.posthog.com/s/
15 B
399 B
XHR
General
Full URL
https://eu.posthog.com/s/?compression=gzip-js&ip=1&_=1729985452654&ver=1.94.2
Requested by
Host: app.buffl.co
URL: https://app.buffl.co/assets/index-fOJ1niGW.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-84.jfk50.r.cloudfront.net
Software
envoy /
Resource Hash
0c40bafcfdc8adc6db63a6a5bfdb3dd5201798e6163fc674dc2fcbdb2a4134f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://app.buffl.co/

Response headers

x-envoy-upstream-service-time
335
access-control-allow-credentials
true
via
1.1 ab734ad5d81cc9d470b6176a05dd968e.cloudfront.net (CloudFront)
access-control-allow-origin
https://app.buffl.co
x-cache
Miss from cloudfront
content-length
15
x-amz-cf-id
I03zbybssHWaF912O0Nx42UmDPRdmYuZTnyORGuUGMyKJj2UjjayaQ==
date
Sat, 26 Oct 2024 23:30:53 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
envoy
x-amz-cf-pop
JFK50-P5

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| __react_router_build__
object| Base64
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| scCGSHMRCache
number| __styled-components-init__
function| momentDurationFormatSetup
function| fbAsyncInit
object| FB
object| webpackChunkStripeJSouter
function| noop
function| Stripe
object| default_gsi
object| _F_toggles
object| google
object| closure_lm_858769
object| __buffer
object| __PosthogExtensions__
object| rrweb
object| rrwebConsoleRecord
function| getRecordNetworkPlugin
object| AppleID

1 Cookies

Domain/Path Name / Value
.buffl.co/ Name: ph_phc_wZGe7nG0m7nYrIk3AI4HlApTHJqo1CBcHKQvCRJLmia_posthog
Value: %7B%22distinct_id%22%3A%220192cb2b-0e57-7abe-94b7-725cfd4264af%22%2C%22%24sesid%22%3A%5B1729985449859%2C%220192cb2b-0e5a-70e8-8bdd-c47410822a3b%22%2C1729985449562%5D%7D

2 Console Messages

Source Level URL
Text
recommendation verbose URL: https://app.buffl.co/auth/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network warning URL: https://app.buffl.co/assets/index-fOJ1niGW.js(Line 237)
Message:
WebSocket connection to 'wss://api.buffl.co/socket.io/?EIO=4&transport=websocket&sid=qzQRxcohIcd4xoufASWw' failed: WebSocket is closed before the connection is established.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
