urlscan.io logo urlscan.io
SecurityTrails logo

parimatch.kz Open in urlscan Pro
31.43.179.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://parimatch.kz/
Effective URL: https://parimatch.kz/
Submission: On February 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 17 HTTP transactions. The main IP is 31.43.179.6, located in Kazakhstan and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is parimatch.kz. The Cisco Umbrella rank of the primary domain is 712351.
TLS certificate: Issued by E1 on January 29th 2024. Valid for: 3 months.
This is the only time parimatch.kz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 31.43.179.6 209242 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
17 3
Apex Domain
Subdomains		 Transfer
11 parimatch.kz
parimatch.kz — Cisco Umbrella Rank: 712351
185 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4216
26 KB
17 2
Domain Requested by
11 parimatch.kz parimatch.kz
4 challenges.cloudflare.com parimatch.kz
challenges.cloudflare.com
17 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
parimatch.kz
E1		 2024-01-29 -
2024-04-28		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 3 frames:

Primary Page: https://parimatch.kz/
Frame ID: 67DB40B72EBCE1E2A5F192018E8DA773
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vjwcn/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: 5D6B33195A19C3B987C8932F37BDDC34
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aqvtg/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Frame ID: C012746D6BE449772A98F79BB06FC610
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://parimatch.kz/ HTTP 307
    https://parimatch.kz/ Page URL
  2. https://parimatch.kz/ Page URL

Page Statistics

17
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

210 kB
Transfer

511 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://parimatch.kz/ HTTP 307
    https://parimatch.kz/ Page URL
  2. https://parimatch.kz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://parimatch.kz/ HTTP 307
  • https://parimatch.kz/

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
parimatch.kz/
Redirect Chain
  • http://parimatch.kz/
  • https://parimatch.kz/
18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d21766560b6546cf2cb3ab5822a31f04983c345accef2e1ea691279228439c89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
859819c47cec1d88-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 22 Feb 2024 15:00:47 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://parimatch.kz/
Non-Authoritative-Reason
HSTS
jtuwM4SKcntVf8ySiVkOU4DlZrs.js
parimatch.kz/cdn-cgi/apps/head/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
859819c4ad0d1d88-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		170 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819c47cec1d88
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17a13a3a0bd2b8e1048172d3960d09f0185a63a4e13fb61364d004e14e89871
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/?__cf_chl_rt_tk=rrlCWIfzQpbf_mfpxdJVpiVDSqsSZJh2L_1NUlB4gRk-1708614047-0.0-3581
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
859819c4cd251d88-FRA
api.js
challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819c47cec1d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f72bc26cb8c6bf06b1b8c706a51b2fb326d11b23d02e7b6f455ab8e20ea3b1

Request headers

Referer
Origin
https://parimatch.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:47 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
859819c52d7f1ca1-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
parimatch.kz/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parimatch.kz/favicon.ico
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e354900a27e37a03f4d8cc5d8d9a871fcf1cd65fb5e474e420ba92e78085d6e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
859819c4fd741d88-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
7def62de-c3e9-4d68-b7d8-ecff694e48d9
https://parimatch.kz/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://parimatch.kz/7def62de-c3e9-4d68-b7d8-ecff694e48d9
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
dc4213fd3223d5b
parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/686476917:1708610932:XMuYujNII5KPga4mhxy_hrlWSsNAmw9bBzVxQxatyAs/859819c47cec1d88/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/686476917:1708610932:XMuYujNII5KPga4mhxy_hrlWSsNAmw9bBzVxQxatyAs/859819c47cec1d88/dc4213fd3223d5b
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819c47cec1d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad9ce089c8fb3bdc6a26067b4c74de6cf4eee5f65b990d2733931f0b1518439e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://parimatch.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
CF-Challenge
dc4213fd3223d5b
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Feb 2024 15:00:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
859819c5ae1a1d88-FRA
cf-chl-gen
bn+N4PRPKXhRywW7dG6IdEzO/EIP1vQg3oiBaSSLXzt+Kc8FZtZJttRvtDdCBULJ$O3LyOLcEw1AW55v9DTkfOA==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vjwcn/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame 5D6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/vjwcn/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
859819c6094f5d78-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 15:00:47 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
dc4213fd3223d5b
parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/686476917:1708610932:XMuYujNII5KPga4mhxy_hrlWSsNAmw9bBzVxQxatyAs/859819c47cec1d88/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/686476917:1708610932:XMuYujNII5KPga4mhxy_hrlWSsNAmw9bBzVxQxatyAs/859819c47cec1d88/dc4213fd3223d5b
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819c47cec1d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c53d8984ad405811f7bdda7cc8642be75ae2bf119ffdd740aaca75dc6bd1905d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://parimatch.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
CF-Challenge
dc4213fd3223d5b
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
kzqadnxUq+jWd4QTDPEsMatz73dAn2+SW0YGP0c8vG8/ciW1O1LcmyiMFdYNUUTrRMmD6T5XqliUhV+m+8TlHBP86ak2H1WkSutNCsdtClA=$B5ZCsOLfx5rguQ1JGXPDtQ==
cf-chl-out-s
seBSkn4yBDbov2vtCiRoZ9gGXrXJgRPksWUATaLl9IWdAz501UnfedsZ4dzh8la4VLhlaU7MLnysncYrt4Pj4UQ2qeEYoxn0Oa2xcUMXMt6/vaS+D06e+FvAKJblfaNBfAWYmpJKsmRKf/SOetADtggslZmxK9ZNYZL+bhUk2VWVU0MUCKW+8J1/v/HoRhPXHqK/x2obcI5zFqFjLptp6eQ4A8BKN9joNWxWH4pjIsFEzB9XOs15Uo8m6ZUmwg1g$qc7cZ1wnabPaU2rPrRSyqA==
date
Thu, 22 Feb 2024 15:00:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
859819cbac431d88-FRA
Primary Request /
parimatch.kz/ 		16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819c47cec1d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1abedb069cc6127f6ca9183d78fc40bdcfb776e1ea82e19e294a19fbe45a444
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://parimatch.kz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
859819d859b01d88-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 22 Feb 2024 15:00:50 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
jtuwM4SKcntVf8ySiVkOU4DlZrs.js
parimatch.kz/cdn-cgi/apps/head/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
859819d879e81d88-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
v1
parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		170 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819d859b01d88
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebed893897bb22bd6218e84e1b20e609857f8eae8997e4680fc0dfbf5be585d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/?__cf_chl_rt_tk=3XE9qhKt0NsbAhPWpQcrJPxGyFxYB17Dze_diKA7nqw-1708614050-0.0-2962
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
859819d89a131d88-FRA
api.js
challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/ 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819d859b01d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28f72bc26cb8c6bf06b1b8c706a51b2fb326d11b23d02e7b6f455ab8e20ea3b1

Request headers

Referer
Origin
https://parimatch.kz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:50 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
859819d8de6d1ca1-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
parimatch.kz/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://parimatch.kz/favicon.ico
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed59dba0acdb4d43bee1e3fdf91a799cbe00434661226e13d6e2c0e826444aec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date
Thu, 22 Feb 2024 15:00:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
859819d8da5d1d88-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
2121ab58-8d6f-483c-aa18-44c5c3c94a64
https://parimatch.kz/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://parimatch.kz/2121ab58-8d6f-483c-aa18-44c5c3c94a64
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://parimatch.kz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
f4071afe2958df0
parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/336647084:1708610977:S-PiUsKRxnFRGvWSd7VLgZ6-wu17Tpoyj3zx3mbTmqg/859819d859b01d88/ 		12 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://parimatch.kz/cdn-cgi/challenge-platform/h/b/flow/ov1/336647084:1708610977:S-PiUsKRxnFRGvWSd7VLgZ6-wu17Tpoyj3zx3mbTmqg/859819d859b01d88/f4071afe2958df0
Requested by
Host: parimatch.kz
URL: https://parimatch.kz/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=859819d859b01d88
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.43.179.6 , Kazakhstan, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8075ad544383dbfddaccd548ec6e8ac4c6ecfc9d25f96cff1f8495d3c0fe2c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://parimatch.kz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
CF-Challenge
f4071afe2958df0
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 22 Feb 2024 15:00:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
859819d97af01d88-FRA
cf-chl-gen
d8z+Pd8vd1iOxPZU+ieC7SrDXvzpkVk6K9tqHiH1dCGeYC/j+FlxmwA8Ar40AyDV$7rSDT1/rWmvVAZ74YXKWPQ==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aqvtg/0x4AAAAAAADnOjc0PNeA8qVm/light/ Frame C012 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aqvtg/0x4AAAAAAADnOjc0PNeA8qVm/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/0f752fefe334/api.js?onload=SdFnRC2&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
859819d9c8265d78-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 22 Feb 2024 15:00:50 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| uvcml8 function| UXXwR4 function| SdFnRC2 boolean| XrxQJF5 function| uVaWI1 function| qUAUsf3 function| QMbjU8 function| Bjox4 function| pDWA4 object| eJmpWs3 object| ULMIxU3 object| qTEj2 object| turnstile boolean| IjUmIS0 string| yHSC8

1 Cookies

Domain/Path Name / Value
parimatch.kz/ Name: cf_chl_rc_ni
Value: 1

12 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://parimatch.kz/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://parimatch.kz/
Message:
Refused to execute script from 'https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://parimatch.kz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://parimatch.kz/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://parimatch.kz/
Message:
Refused to execute script from 'https://parimatch.kz/cdn-cgi/apps/head/jtuwM4SKcntVf8ySiVkOU4DlZrs.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://parimatch.kz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN