Submitted URL: http://1stream.buzz/
Effective URL: https://1stream.buzz/
Submission: On December 03 via manual from PL — Scanned from NL

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 8 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 1stream.buzz.
TLS certificate: Issued by GTS CA 1P5 on November 29th 2023. Valid for: 3 months.
This is the only time 1stream.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 188.114.96.3 13335 (CLOUDFLAR...)
2 139.45.197.242 9002 (RETN-AS)
1 146.75.116.84 54113 (FASTLY)
1 142.250.185.226 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 142.250.181.226 15169 (GOOGLE)
8 6
Apex Domain                Subdomains                                                  Transfer
3 1stream.buzz             1stream.buzz                                                23 KB
2 dukingdraon.com          dukingdraon.com — Cisco Umbrella Rank: 198704               28 KB
1 doubleclick.net          googleads.g.doubleclick.net — Cisco Umbrella Rank: 33       4 KB
1 rtmark.net               my.rtmark.net — Cisco Umbrella Rank: 12331                  542 B
1 googlesyndication.com    pagead2.googlesyndication.com — Cisco Umbrella Rank: 102    52 KB
1 pinimg.com               i.pinimg.com — Cisco Umbrella Rank: 1912                    507 KB
8 6
Domain Requested by
3 1stream.buzz 1 redirects 1stream.buzz
2 dukingdraon.com 1stream.buzz
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 my.rtmark.net dukingdraon.com
1 pagead2.googlesyndication.com 1stream.buzz
1 i.pinimg.com 1stream.buzz
8 6

This site contains no links.

Subject                Issuer                                        Validity                   Valid
1stream.buzz           GTS CA 1P5                                    2023-11-29 - 2024-02-27    3 months
dukingdraon.com        R3                                            2023-11-16 - 2024-02-14    3 months
*.pinterest.com        DigiCert Global G2 TLS RSA SHA256 2020 CA1    2023-07-31 - 2024-08-07    a year
*.g.doubleclick.net    GTS CA 1C3                                    2023-10-23 - 2024-01-15    3 months
rtmark.net             R3                                            2023-10-07 - 2024-01-05    3 months

This page contains 2 frames:

Primary Page: https://1stream.buzz/
Frame ID: 75D44BAC6BD1ECCE2CFBA43BC568CE1D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: C18B74F87B22165275D69CBFCFE3178E
Requests: 1 HTTP requests in this frame

Page Title

403 Forbidden s

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 614 kB
Size: 811 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1stream.buzz/ HTTP 301
    https://1stream.buzz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
1stream.buzz/
Redirect Chain
  • http://1stream.buzz/
  • https://1stream.buzz/
65 KB
22 KB
Document
General
Full URL
https://1stream.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17b3fafc2a974e2dc3d4265134104eea14fa33d27f436f8936521de4c03c052

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82ff24c519581e3e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 03 Dec 2023 22:11:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3KYM9lhrBrky1gPelYyl7NXCJCXHnZpyD5jVmTbbl9OF4emPYVSFlG9YWNf7lVqdK%2BMXIUFDxvAYex%2BbVWjp25Z6PAQyJR1LpMb%2Be8H2M9lX25AFOZ9ivMJ9gfFAHg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-proxy-cache
HIT

Redirect headers

CF-RAY
82ff24c2cb1d910c-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 03 Dec 2023 22:11:07 GMT
Expires
Sun, 03 Dec 2023 23:11:07 GMT
Location
https://1stream.buzz/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLUH5Bohb8SfHBJmv%2BI%2BsUZujvAh%2ByoTy0YjfvIuupxpTLXn5EBN8NdFZ39%2BcniYjq6QLsXdUsjl2cWSSrJqgq2WacHYtEImicay5MrVQPfVCgVuVJmGz72yGpBZhsI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
/
1stream.buzz/
0
243 B
XHR
General
Full URL
https://1stream.buzz/
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5Pg63Qb9gMMpQUUV7tndQQSBs2drHUEofVxOtWaGalWJbRd6x2II86PUpYZ2nFhErEmQSOEm0ClBasm1JijLUYGBmLz%2FDxG10mISIwtyFM6kdH4ME40Z1ixM%2FtX3MI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
82ff24c5c9ec1e3e-FRA
alt-svc
h3=":443"; ma=86400
x-proxy-cache
HIT
/
dukingdraon.com/5/6555840/
3 KB
2 KB
XHR
General
Full URL
https://dukingdraon.com/5/6555840/?oo=1&aab=1
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
35cc7b8e662bbd51ad70952c8d0094f3d6b7f0f053e3723da2ffbcfa36693606

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:07 GMT
content-encoding
gzip
x-trace-id
3e55cbdb49ed9f762c3f28c19671483c
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://1stream.buzz
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
tag.min.js
dukingdraon.com/
79 KB
26 KB
Script
General
Full URL
https://dukingdraon.com/tag.min.js
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e6aa84f006f03b6a1cf7f3a082a3d7470943d3f29253cc4b0d1ee0f3e2cc76ee
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=1
content-length
25611
x-trace-id
65e4e2c43fa3bda02eb844dab44d0e0e
pragma
no-cache
last-modified
Sat, 02 Dec 2023 17:34:56 GMT
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
54c43b3256908af8f552c3bae869e6af.gif
i.pinimg.com/originals/54/c4/3b/
506 KB
507 KB
Image
General
Full URL
https://i.pinimg.com/originals/54/c4/3b/54c43b3256908af8f552c3bae869e6af.gif
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.116.84 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eec1b83c92b839c7c2c05e86bab31aaaf6db0e920f8629712b9725a0c62f0955

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:08 GMT
x-cdn
fastly
etag
"588ae1b366f7d88763df6b7c0144a257"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
518340
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
149 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 1stream.buzz
URL: https://1stream.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e455e2270d621d8498966721911315e9574e378941798d188dea22addd418a2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52671
x-xss-protection
0
server
cafe
etag
14585048799558468877
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Dec 2023 22:11:08 GMT
gid.js
my.rtmark.net/
65 B
542 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=715d6c05c56a4068a03301eb746dde4f
Requested by
Host: dukingdraon.com
URL: https://dukingdraon.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
68909c047438a12eabe224a9daa03806b3f7ed1b8514cd415f6eeaea6f553c39
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://1stream.buzz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 03 Dec 2023 22:11:07 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://1stream.buzz
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame C18B
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1stream.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
3623
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Dec 2023 21:10:45 GMT
etag
12051592065903069241
expires
Sun, 17 Dec 2023 21:10:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| 1
  • object| documentPictureInPicture
  • string| k
  • object| _oz76brhiyq
  • object| m7kbknjslr9
  • object| zfgformats
  • function| setImmediate
  • function| clearImmediate
  • function| _zrovmaug
  • function| _zukeyb
  • object| _0x4e59
  • function| _0x505a
  • function| _0xa00dd1
  • object| _0x1484
  • function| _0xb322
  • object| zfgstorage
  • function| onClickTrigger
  • function| kkp4a5x5tv
  • boolean| zfgloadedpopup
  • boolean| zfgonclickfirst
  • object| syncCallbacks
  • object| google_js_reporting_queue
  • number| google_srt
  • object| google_persistent_state_async
  • object| google_logging_queue
  • number| tmod
  • object| google_ad_modifications
  • object| ggeac
  • boolean| google_measure_js_timing
  • object| google_tag_data
  • object| google_reactive_ads_global_state
  • object| adsbygoogle
  • string| google_user_agent_client_hint

3 Cookies

Domain/Path         Name      Value
dukingdraon.com/    OAID      715d6c05c56a4068a03301eb746dde4f
dukingdraon.com/    oaidts    1701641467
my.rtmark.net/      ID        715d6c05c56a4068a03301eb746dde4f