www.promotegam.buzz Open in urlscan Pro
2606:4700:3032::6815:5760  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://66group.ae/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 Page URL
2. https://www.promotegam.buzz/ Page URL
3. https://www.promotegam.buzz/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	jquery.form.min.js Show response 66group.ae/wp-content/plugins/contact-form-7/includes/js/	85 B 359 B	437ms 164ms	Document text/html	205.134.254.70 INMOTION
General Check archive.org Show headers Download Go to Full URL http://66group.ae/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 Protocol HTTP/1.1 Server 205.134.254.70 , United States, ASN22611 (INMOTION, US), Reverse DNS Software Apache / Resource Hash 9a829327666de98f248056a1d1cb3faa0f57a8c2ae7fd8695114efd88717de98 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Upgrade, Keep-Alive Content-Length 85 Content-Type text/html Date Wed, 22 Nov 2023 09:05:38 GMT Keep-Alive timeout=3, max=100 Last-Modified Tue, 07 Nov 2023 15:43:14 GMT Server Apache Upgrade h2,h2c
GET H2	403	/ Show response www.promotegam.buzz/	6 KB 5 KB	63ms 14ms	Document text/html	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c98bcfd2783c1c274ad78ff612ec90c50c8748c76a282e5243036cf8a4bab94 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer http://66group.ae/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 82a0030bd9cf5c80-FRA content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Wed, 22 Nov 2023 09:05:39 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eyd4yarkKqXHe4nYd6uE4TwnDn%2B%2BPleOFlJbbXh%2BO1qed6QVC7U3L4pGODRvLbpqKVYgJHICrwCb%2FAqXGBlsA1SOVT37UfHffmr7fgAHYeLkE8hUITxlEE7VlnzJGIw0qCI8RUw4U1AD6M1%2BzrXhbY8f"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H2	200	challenges.css www.promotegam.buzz/cdn-cgi/styles/	6 KB 3 KB	9ms 8ms	Stylesheet text/css	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/styles/challenges.css Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 16 Nov 2023 21:55:48 GMT server cloudflare etag W/"65568fe4-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 82a0030c0a015c80-FRA expires Wed, 22 Nov 2023 11:05:39 GMT
GET H2	200	v1 Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	169 KB 57 KB	18ms 17ms	Script application/javascript	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0030bd9cf5c80 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fcbe5b11eb007a703d6d9ae604787fec677caf97d9c5b5ec6d39ab07c398bc3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/?__cf_chl_rt_tk=Z3GVlptKX6KhssKeLH3d4KrzlVDEquDhn0Z0J449fco-1700643939-0-gaNycGzNDNA User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:39 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQaFNC%2BQKeuUAuZvNU7e7YNI6MJhT4xRMxu8pgXMhpObpcnWuJ935US2Eq2EpWOKCTqxFC41X98iuFLoMqCRacVOXTPFiP7%2BQRjZEm7TvGEgex7qCj5NwCHMnaT3UHckslHH8Ehf195IJXtoH1xx1IEb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82a0030c3a2c5c80-FRA alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	78ms 39ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0030bd9cf5c80 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://www.promotegam.buzz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:39 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 82a0030ccb3e6969-FRA alt-svc h3=":443"; ma=86400
GET		favicon.ico www.promotegam.buzz/	0 0
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	920aa4bf-cfaa-4000-82a7-01a52525ff76 https://www.promotegam.buzz/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.promotegam.buzz/920aa4bf-cfaa-4000-82a7-01a52525ff76 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	6d4cc5865f5757f Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1826531266:1700641637:gxSZVl2sloh35v0zrIrjkd-RYstlRRmhqvhzWKjMVo4/82a0030bd9cf5c80/	12 KB 10 KB	38ms 37ms	XHR text/plain	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1826531266:1700641637:gxSZVl2sloh35v0zrIrjkd-RYstlRRmhqvhzWKjMVo4/82a0030bd9cf5c80/6d4cc5865f5757f Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0030bd9cf5c80 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c5c70e27ffba3907f23ff85cacee98fc0f749bda2ed76ca6c8809b36a6e1a66 Request headers Referer https://www.promotegam.buzz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 6d4cc5865f5757f Content-type application/x-www-form-urlencoded Response headers date Wed, 22 Nov 2023 09:05:39 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P9%2BTYm%2FT0MVau7Pe5Z8qM3BWFGffT%2BqZA5BQNV5ayTluU%2F72SmBRCGXGVLC56TOw09kD3zf4g133iO7%2B%2BNSIKBUy7Zk6%2FkXJRFRthu3VWwkjeLVlrrLq45eCFtn%2BnOu7bEuEcyVerK%2BrCSUM2WannPHf"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 82a0030d3a3ff850-CDG alt-svc h3=":443"; ma=86400 cf-chl-gen S7mBdX4PBKGUq0XzboC4IwZ0TyGm6Rl5/xCqmNxzsM9WLJmQDEP2LnMYJAzi9ZLm$R1Q9j3Pb0aSdbp7EamKYGA==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ishke/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 74ED	0 0	31ms 19ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ishke/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82a0030dac1c3a70-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Wed, 22 Nov 2023 09:05:39 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	6d4cc5865f5757f Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1826531266:1700641637:gxSZVl2sloh35v0zrIrjkd-RYstlRRmhqvhzWKjMVo4/82a0030bd9cf5c80/	2 KB 2 KB	34ms 34ms	XHR text/html	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1826531266:1700641637:gxSZVl2sloh35v0zrIrjkd-RYstlRRmhqvhzWKjMVo4/82a0030bd9cf5c80/6d4cc5865f5757f Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0030bd9cf5c80 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 91255100986a9387eaaf98c400c14f02963183a713e2d6210775d1c599934903 Request headers Referer https://www.promotegam.buzz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge 6d4cc5865f5757f Content-type application/x-www-form-urlencoded Response headers cf-chl-out 0ej64/t4wmZTybnP+W4UFqrTjE8vY/98eeCpoxXBdzN3AvJP9J628QzrXExOeDAPHbjrf7fUKZRDhEOlmtfbsRoT7ewqiBCPyZ0oMS0fkLA=$mUq6zAqdfhmAh+s9WIp/xg== cf-chl-out-s ENbLsADIhTpA9gJWQRrDjmGp4Uev1/9WVIm4AOk7rQprOnii94Jf9MYARAdl3AY37g5JFxBRmrxDr9gmtHJjW8icjvWV8BvRIOMRH24f5csAis3aG48KnCeMpSwRPF4PPh71pE8Pj66PRn14MFc6qg==$EGIw36Bifw7ZSaBIYbRf2w== date Wed, 22 Nov 2023 09:05:39 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmO5sZAO0XWFOTm%2BZa9u9j%2FuEp5C20Lrp%2BpaiUxtO%2B8Wzzes0HdRbpRApQfrRjnN5aIjZw3hw%2B1NurbEsAp9NHtu8P9JX3FOhxozqe8%2FWxwAQMifoiN%2Bd2C7DP8R%2FWJ%2BJtt9xL1ekvanIf51pDQeMmjT"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 82a0030f1c72f850-CDG alt-svc h3=":443"; ma=86400
GET H3	403	Primary Request / Show response www.promotegam.buzz/	6 KB 4 KB	23ms 23ms	Document text/html	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/ Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0030bd9cf5c80 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 90777f98bda4fa482231e6cc5ae27263fddebc2a5a349c27b8b49365f384e1ee Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://www.promotegam.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-mitigated challenge cf-ray 82a0031f4fb6f850-CDG content-encoding br content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Wed, 22 Nov 2023 09:05:42 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LN4gVtOzgdL87FHij8QTNs7emtBX24uGVjPTT35Qns4I7EPO0AEgOOS%2B%2BnEATqf%2BT9PkoIok4CF4zW3Ts122468Cq6m7H4w6q%2FJ7O7ySkrVaLZ6ZTewhL33cPo40rCLkuZK2hrp3ccmq9%2B6wH9wv%2Fs4x"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-frame-options SAMEORIGIN
GET H3	200	challenges.css www.promotegam.buzz/cdn-cgi/styles/	6 KB 3 KB	18ms 18ms	Stylesheet text/css	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/styles/challenges.css Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 16 Nov 2023 21:55:48 GMT server cloudflare etag W/"65568fe4-19c8" x-frame-options DENY vary Accept-Encoding content-type text/css cache-control max-age=7200, public cf-ray 82a0031f7fd5f850-CDG expires Wed, 22 Nov 2023 11:05:42 GMT
GET H3	200	v1 Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	169 KB 58 KB	26ms 26ms	Script application/javascript	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0031f4fb6f850 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 164d87bc039ccfd89b542370efa1c84b469e47ffe5f77263333e53aa4b92063a Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/?__cf_chl_rt_tk=4AKanJOJmrkGEM1mL9EOswkEgzQRh.kZwBiOw5wTrng-1700643942-0-gaNycGzNCaU User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KwZYo%2BOyesGWfpn5oB1R%2FohLZK7XZkzd6uDnlMmPQcnDYBqChJOcdydl%2B%2FZVHvIIUl7zkcA2cYCtub4bM%2Fsmn%2FE19KgRZ8uiwpyfXEdq5QgENSGbCBfUEf5Uy%2BvckQqldzJ6u6xMijg%2Br12%2FzVz4779"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82a0031f9fedf850-CDG alt-svc h3=":443"; ma=86400
GET H2	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/9914b343/	33 KB 11 KB	35ms 34ms	Script application/javascript	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0031f4fb6f850 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7 Request headers Referer Origin https://www.promotegam.buzz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Wed, 22 Nov 2023 09:05:42 GMT content-encoding br server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000 cf-ray 82a003200e5c6969-FRA alt-svc h3=":443"; ma=86400
GET		favicon.ico www.promotegam.buzz/	0 0
GET DATA	200 OK	truncated /	586 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET BLOB	200 OK	b6ccc2eb-247f-4ac9-8a7c-4b52d74f33d7 https://www.promotegam.buzz/	13 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.promotegam.buzz/b6ccc2eb-247f-4ac9-8a7c-4b52d74f33d7 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04 Request headers accept-language de-DE,de;q=0.9 Referer https://www.promotegam.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Length 13 Content-Type text/javascript
POST H3	200	a9296546bc521f0 Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1360484287:1700641532:3iNAMFew_BcUtCCh3xzYuYTIxEqRJ4vjuuI9b8ukOMc/82a0031f4fb6f850/	12 KB 10 KB	35ms 35ms	XHR text/plain	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1360484287:1700641532:3iNAMFew_BcUtCCh3xzYuYTIxEqRJ4vjuuI9b8ukOMc/82a0031f4fb6f850/a9296546bc521f0 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0031f4fb6f850 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46ed89cc25dccf3f52bea13b3fab9f11d1321da4d880962666d8e5b29d27dd26 Request headers Referer https://www.promotegam.buzz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge a9296546bc521f0 Content-type application/x-www-form-urlencoded Response headers date Wed, 22 Nov 2023 09:05:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cvp0U8o8UYljyCooLo4lBpKkRNS4lgfnANZiKl23lKVjYwHNwqSmJ5iPpEKWtLAjf%2FoszCH6VySQcwRNXXvWjMyox2H9sSS78V720DuCP4kCNSr%2Bzqo4Yaq1zfX64fIsBME1YrpHzz3Sh%2B38zuYKEj0"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 82a00320b926f850-CDG alt-svc h3=":443"; ma=86400 cf-chl-gen rvfarjAxcXIAjya5ftgQZqF8wUMnL0e0FMHS74ioyCg4s8i86c8cPQwkaHVEDGvb$SKHTVm5+5kHLkC4huAfgaQ==
GET H3	200	normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o6vfq/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 11D3	0 0	17ms 17ms	Document text/html	2606:4700::6811:2b8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/o6vfq/0x4AAAAAAADnPIDROrmt1Wwj/light/normal Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/9914b343/api.js?onload=FAIg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 82a0032109383a70-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Wed, 22 Nov 2023 09:05:42 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
POST H3	200	a9296546bc521f0 Show response www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1360484287:1700641532:3iNAMFew_BcUtCCh3xzYuYTIxEqRJ4vjuuI9b8ukOMc/82a0031f4fb6f850/	2 KB 2 KB	32ms 31ms	XHR text/html	2606:4700:3032::6815:5760 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/flow/ov1/1360484287:1700641532:3iNAMFew_BcUtCCh3xzYuYTIxEqRJ4vjuuI9b8ukOMc/82a0031f4fb6f850/a9296546bc521f0 Requested by Host: www.promotegam.buzz URL: https://www.promotegam.buzz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=82a0031f4fb6f850 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::6815:5760 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c4054683a98880589f0cc67f594be00cdc76cf00ef3cf5d3b0eb81887b2a6a78 Request headers Referer https://www.promotegam.buzz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 CF-Challenge a9296546bc521f0 Content-type application/x-www-form-urlencoded Response headers cf-chl-out GEnlhrsQ/zMNaDCDf2y4ouQeoXw7SO88LXIUkNCrb500Zu+LA9MED0Ak92PY1rUnRMGGkDYzFa8FAO7pUdv3TbH43RjflGnt6psbF90buhk=$c5hcPNJxRfghxer3I0l8Sg== cf-chl-out-s WQQZG07cwoNCww2lfUxvHBYGZ5MzmKgjCi0Ox+QpPywsy+30ahkzdPhZhLtFqJP29XzwQj6cKNFw8UILUcl9PIhkfatsZqbgy/VDlAzM/e5sswnjNdCzRVtIdOyfkI44SQfBBwJdATZ+ebItsQCqTYwEiq/rkJec/PN2WSUIZeSnC/2cH1VkL0HlvZIvDnidF4y/oe5PRdHUxXkolYJ9K31jS/VZ2sspvkMR4ZRvILYZ2aud5GcAwc9+deUOM/9p$mGfW1tFYl12Tqz9/jJ2geQ== date Wed, 22 Nov 2023 09:05:42 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=416ocnt%2Fgh2BRtTwmS28oCowhyd2ZfZpjQb0Y8J7VJSxU%2FjunlEXtZpzG0b7beflihxD3e2sdTeo4xPhscAvQFwyVDIh6%2FVLtKqCY0Dz%2FOxM6sQa2YrHOBKmw3vH00wjKvtbY6HtHr%2BV7r7ye%2BHtzbOR"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 82a003225b1cf850-CDG alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.promotegam.buzz

URL

https://www.promotegam.buzz/favicon.ico

Domain

www.promotegam.buzz

URL

https://www.promotegam.buzz/favicon.ico

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| _cf_chl_opt function| IyIbT4 function| mgSMVQzBWl function| FAIg1 boolean| WrwZ6 function| scUG3 function| SgWID6 function| LGYdpr9 function| FdoAsB7 object| nCiPQs6 object| BoUQfS8 object| turnstile boolean| CnXTHZ3 string| LPfb7

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.promotegam.buzz/	1970-01-20 16:24:07	Name: cf_chl_rc_m Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://66group.ae/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.promotegam.buzz/ Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.promotegam.buzz/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66group.ae
challenges.cloudflare.com
www.promotegam.buzz
www.promotegam.buzz
205.134.254.70
2606:4700:3032::6815:5760
2606:4700::6811:2b8
164d87bc039ccfd89b542370efa1c84b469e47ffe5f77263333e53aa4b92063a
1fcbe5b11eb007a703d6d9ae604787fec677caf97d9c5b5ec6d39ab07c398bc3
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
2c98bcfd2783c1c274ad78ff612ec90c50c8748c76a282e5243036cf8a4bab94
46ed89cc25dccf3f52bea13b3fab9f11d1321da4d880962666d8e5b29d27dd26
51cd12da61a7401c73472b2ac77067adfa30e9fc0545b4b7c240e9154e011fc7
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
90777f98bda4fa482231e6cc5ae27263fddebc2a5a349c27b8b49365f384e1ee
91255100986a9387eaaf98c400c14f02963183a713e2d6210775d1c599934903
9a829327666de98f248056a1d1cb3faa0f57a8c2ae7fd8695114efd88717de98
9c5c70e27ffba3907f23ff85cacee98fc0f749bda2ed76ca6c8809b36a6e1a66
c4054683a98880589f0cc67f594be00cdc76cf00ef3cf5d3b0eb81887b2a6a78
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa