URL: https://onex-kz-bet.com/
Submission: On October 27 via api from BE — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 28 HTTP transactions. The main IP is 172.67.139.222, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is onex-kz-bet.com.
TLS certificate: Issued by WE1 on October 23rd 2024. Valid for: 3 months.
This is the only time onex-kz-bet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
19        172.67.139.222   13335 (CLOUDFLAR...)
5         142.250.74.195   15169 (GOOGLE)
1         157.240.0.6      32934 (FACEBOOK)
Total: 28 requests, 4 IPs

Requests  Apex Domain      Subdomains                                        Transfer
19        onex-kz-bet.com  onex-kz-bet.com                                   319 KB
5         gstatic.com      fonts.gstatic.com                                 289 KB
1         facebook.net     connect.facebook.net (Cisco Umbrella Rank: 180)   58 KB
Total: 28 requests, 3 domains

Requests  Domain                Requested by
19        onex-kz-bet.com       onex-kz-bet.com
5         fonts.gstatic.com     onex-kz-bet.com
1         connect.facebook.net  onex-kz-bet.com
Total: 28 requests, 3 domains

This site contains no links.

Subject          Issuer                                  Validity                 Valid
onex-kz-bet.com  WE1                                     2024-10-23 - 2025-01-21  3 months
*.gstatic.com    WR2                                     2024-10-07 - 2024-12-30  3 months
*.facebook.com   DigiCert SHA2 High Assurance Server CA  2024-08-05 - 2024-11-03  3 months

This page contains 1 frame:

Primary Page: https://onex-kz-bet.com/
Frame ID: 839DA924628A04517EC4230F55A6E844
Requests: 28 HTTP requests in this frame

Page Title

1XBET Betting KZ ™

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

28 Requests
89 % HTTPS
0 % IPv6
3 Domains
3 Subdomains
4 IPs
2 Countries
667 kB Transfer
1354 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
onex-kz-bet.com/
25 KB
8 KB
Document
General
Full URL
https://onex-kz-bet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb26a8f726466b1bdb9d30c032c493d0a8f1e7eede1ff85cb9d058aecc5d079

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d906c7599e3a037-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 27 Oct 2024 05:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rfL448V8A52P%2FA80E13Z47Ht6UFEzkwRxKn6UbXk7UB%2BVW5P%2FARUJJXADmIOSYRu0FWS6NKyQw%2BTmDsx1X6rqs0oVy0Edce4ZMWCoq1C%2F%2B5J%2Fkk29F3hjWjUtzzXXxzCST4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9519&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4480&delivery_rate=899&cwnd=12000&unsent_bytes=0&cid=f2502731f14033a2&ts=150&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
main.ae2998b5.js
onex-kz-bet.com/spwa-134da71/static/js/
549 KB
167 KB
Script
General
Full URL
https://onex-kz-bet.com/spwa-134da71/static/js/main.ae2998b5.js
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5898bbc859c2fc02d6d9a27ef5e12935914bd34fa621459efcd1bf31f463da62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
REVALIDATED
etag
W/"670616df-895f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=83ZlIhpy7oVWOFzkxWt3nJWwjEGcpYvMkhRiCfQ5O%2FomJvywR9Rp%2FXv1onE1VEodi26FAgYr6fqnFnUlFhVAjsw%2BB%2BOnf5hUP7VfBWyzTv62vJ8VP49QC7f3oDKSQKgmGJA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d906c768a72a037-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7370&sent=34&recv=21&lost=0&retrans=0&sent_bytes=27578&recv_bytes=5705&delivery_rate=141245&cwnd=24000&unsent_bytes=0&cid=f2502731f14033a2&ts=254&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 05:38:39 GMT
vary
Accept-Encoding
priority
u=3,i=?0
main.b518af5c.css
onex-kz-bet.com/spwa-134da71/static/css/
71 KB
14 KB
Stylesheet
General
Full URL
https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02af00afaf0f1f262ed8a1eb9ceacaa5707b92fb9548689c2d646edf39528ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"670616df-11bed"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDNrjRadNR2h5nruOFvJAmV1NmyOmSw6edPW5icgCYpEZjG4m8shw9CUn3wkFxC3VpgxYqZ%2BbUscEfRfFw9YrePJcbuvMLVuiIe4COh789mV8W5PmcZIdtMf3qSz0xw%2Flaw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d906c768a73a037-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8236&sent=21&recv=16&lost=0&retrans=0&sent_bytes=12668&recv_bytes=5490&delivery_rate=1336631&cwnd=12000&unsent_bytes=0&cid=f2502731f14033a2&ts=242&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
text/css
last-modified
Wed, 09 Oct 2024 05:38:39 GMT
vary
Accept-Encoding
priority
u=0,i=?0
_r174x174_webp
onex-kz-bet.com/assets-ucp/E8YY/iab6f2ba76c5891cda4ce936c75aa4b49/
9 KB
10 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/iab6f2ba76c5891cda4ce936c75aa4b49/_r174x174_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce4b930e863f2311374d188e83cf1c72e31bc9c676844e34fa2416974295b252

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197060-2476"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShjaeZ9qB8YM6Ot8pQ05zjk%2FIpkIM5se%2Bi73MOnZdKilzbNsCQ9tIFq1HVlCaqWGw9ZXvpy3mWIebXAB2MCy96QiUZqpwIhQ%2FVykhb3YDwE4MgIMVO3HygwGB34LlR%2FBfHo%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=218&recv=87&lost=0&retrans=0&sent_bytes=237913&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=429&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:53:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb32a037-FRA
accept-ranges
bytes
content-length
9334
server
cloudflare
de_18.png
onex-kz-bet.com/spwa-134da71/images/age/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/spwa-134da71/images/age/de_18.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69e87e992a7e47982e01e57e1f7d4b1367c09ea302d04b8433a434fb5a06b7c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
MISS
etag
"670616a4-499"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfi0fyUWXEHHDqm5NxTD3NxuE3MED6LXadteTTtW7F8c84CMPfcWgUuEn9TCgB4Gr8LrVuU0ppSKKqusWPs7FRiDF4z29dMJpOatRy1vn7o71P9z0P44oHPnVbR7VOIchpo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=213&recv=87&lost=0&retrans=0&sent_bytes=233101&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=427&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/png
last-modified
Wed, 09 Oct 2024 05:37:40 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb34a037-FRA
accept-ranges
bytes
content-length
1177
server
cloudflare
_r0x408_webp
onex-kz-bet.com/assets-ucp/E8YY/se5798e5987b3f7caa88d2f5b760b596b/
23 KB
24 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/se5798e5987b3f7caa88d2f5b760b596b/_r0x408_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6584828c6d59f40b5c6c25bb98c72d2b161f079a04e57cb6259cfafdb07e6935

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197060-5c16"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6bT1XJzN9gdWs1Lf%2FXbd8FDLGGtdLwoHfP7HoTNgU2ekWySAyz%2FJM0Ps1Ek2jWCP95WZv%2BIHK2VP4IzrtpiUmrbUS4y%2B3p7YC3pyPorVVDvLNwEomGQXvFeUkKLbE%2FG44MI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6521&sent=186&recv=84&lost=0&retrans=0&sent_bytes=202152&recv_bytes=15867&delivery_rate=9801928&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=400&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:53:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb36a037-FRA
accept-ranges
bytes
content-length
23574
server
cloudflare
_r0x408_webp
onex-kz-bet.com/assets-ucp/E8YY/s895f8a4f8c32f69e0a21b7b4e5c5c1b4/
22 KB
23 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/s895f8a4f8c32f69e0a21b7b4e5c5c1b4/_r0x408_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e533174c7c49ec85fb5889ae88d2c30a3c6b76e1756d39dffebde91d36f8c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"671971db-57e4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jt3SXHjBh4NyWlSF%2BkWIw9EDaKizDv0zXY2dSVUJXUqrCdULxILkRnrYYz9v%2Ff7mtmxjVbmvTU7odoHRfPHulEVNqfuA2JP1S8IVB1ChmQPbTfH%2B8UOp4Q28xHUCGDoHaFs%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7064&sent=254&recv=91&lost=0&retrans=0&sent_bytes=277259&recv_bytes=16177&delivery_rate=3045047&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=444&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:59:55 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb37a037-FRA
accept-ranges
bytes
content-length
22500
server
cloudflare
_r0x408_webp
onex-kz-bet.com/assets-ucp/E8YY/sd4a992eae4c6ef1f4021232eac8e1858/
25 KB
26 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/sd4a992eae4c6ef1f4021232eac8e1858/_r0x408_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bb8f6243270e0251a00fba601fd8ae4f1a06520f3ee41edb7b7f53e5110c55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197060-643a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fgom%2FhxGt%2FvIClXYyo80x%2FG8NB85oEAH7%2FxcRMvP8lmBE6%2Bfw7ljzFdm7CtrUIKxLTHlDWH35o%2BkhKrq7tbDKgxEMuHq%2BUw3u2UUS1h8IyEEtMy7sziLZO9ExalAQKbQ0Ug%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7064&sent=265&recv=91&lost=0&retrans=0&sent_bytes=289948&recv_bytes=16177&delivery_rate=3045047&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=445&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:53:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb39a037-FRA
accept-ranges
bytes
content-length
25658
server
cloudflare
_r0x408_webp
onex-kz-bet.com/assets-ucp/E8YY/s359a158190fc95bc8bc14360f1791ad9/
25 KB
26 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/s359a158190fc95bc8bc14360f1791ad9/_r0x408_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2b49558c88b434145f8c725f47cfd027928278093f454d0731d16985d72590

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197060-63f0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FdMI3sPya3Fi%2BBFDE7dPxl9PMYmd3PcdDSzi5hzwBoJ6sxf%2FVKlIHuz0aMOa3UGmvTCEtAaSbzS7pxg1QhKNlII0GojJAfuk1Bgd3zet3e1xbaAgIOPgzS5GrW9noT%2Bckg%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7064&sent=298&recv=91&lost=0&retrans=0&sent_bytes=327853&recv_bytes=16177&delivery_rate=3045047&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=447&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:53:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb3ca037-FRA
accept-ranges
bytes
content-length
25584
server
cloudflare
link-fp.webp
onex-kz-bet.com/spwa-134da71/images/icon/
200 B
859 B
Image
General
Full URL
https://onex-kz-bet.com/spwa-134da71/images/icon/link-fp.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c66b3cb207515328ac21bdbbda1b90a74d7cac66267352048bfd7e4e1efe627

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
MISS
etag
"670616a5-c8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ioL3EkjFHr5JxJzenPEkjWsD3ybkYOQDobZeDxzO0PMbg0gfRgYfI5wk1CdeR14eil7oZXIRLy%2FUOZyqchfDj1SY4U95rZ%2F5bDYoTYikoHnVFVyNOVRfPkdF6Ucq4xZzflw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=230&recv=87&lost=0&retrans=0&sent_bytes=250218&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=431&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 09 Oct 2024 05:37:41 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb3da037-FRA
accept-ranges
bytes
content-length
200
server
cloudflare
cloud.webp
onex-kz-bet.com/spwa-134da71/images/icon/
244 B
909 B
Image
General
Full URL
https://onex-kz-bet.com/spwa-134da71/images/icon/cloud.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cd9fdd3b8fdb2df17d4d09fb17006c8eb39a3df753d04d541472a4c8e708284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
MISS
etag
"670616a5-f4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gc0kkQ8RHb0EyvQFJf6o8lZKcWkPq4EGPxfq%2BeB9Hqf3j1Zsykg8MQRpnb%2FL2rrhjwSc5Lq1LU%2Bz%2FuEOcTw1gWHah8LTwaWURaK0ngx6y21jxXsVvq%2BbwMdbwkRza%2BdELQo%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=215&recv=87&lost=0&retrans=0&sent_bytes=234971&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=428&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 09 Oct 2024 05:37:41 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb3ea037-FRA
accept-ranges
bytes
content-length
244
server
cloudflare
_r64x64_webp
onex-kz-bet.com/assets-ucp/E8YY/c67196bef020cc259b8f5ef056c6fa135f23b881787ec9/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/c67196bef020cc259b8f5ef056c6fa135f23b881787ec9/_r64x64_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67899f0a32e01c13ceca9243a2429db5409307487cc2f1853891796ffa278fda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"671971dc-598"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVrpIB8mhH%2BfNnLGwogAEJFjm%2FMN7omX%2FbCTdbC7%2BP%2BRPmrSHNaln9xhuVTR3cUZxyq8DFc%2FxwI0l9GOAqwU5fFz64dd3S7iB5FoS5u%2BxscB0FB0agT723HzvxzMo8GqGu8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=207&recv=87&lost=0&retrans=0&sent_bytes=226919&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=425&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:59:56 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb3fa037-FRA
accept-ranges
bytes
content-length
1432
server
cloudflare
_r64x64_webp
onex-kz-bet.com/assets-ucp/E8YY/c67196ca4e2fd133d64b9d4704e0345d39e1650d888fdd/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/c67196ca4e2fd133d64b9d4704e0345d39e1650d888fdd/_r64x64_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
547f3eb22908dbf71a6e6bd967c93c9e2fc2423fbdd59b17582af634982d1ce9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"671973a8-556"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g%2F7dnbIEwrRkxyx4jAq9cdZxNu9gkfy1XB9eOnqOEeBGfBw3tQTDSqmEI3FLq7M1roaJl6sKTxqkRO6cKGGYq4k5bWOTHDucViV2OKB25t95jQDC881x%2F8N9ruLrUnjqaho%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=209&recv=87&lost=0&retrans=0&sent_bytes=229071&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=426&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:07:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb40a037-FRA
accept-ranges
bytes
content-length
1366
server
cloudflare
_r64x64_webp
onex-kz-bet.com/assets-ucp/E8YY/c67196cca039b4f20190c3623075855425c61c0ea508d8/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/c67196cca039b4f20190c3623075855425c61c0ea508d8/_r64x64_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a33d1c9bf7773ffb8b8f6a1f156de7cb9e701516b98ee0a0108add505d4fef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197224-50e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6vUvscn%2BehoMyR8VsXRINHdDV0J7rp4k4OCstsQoIkiwlXWz4MW%2BRsYTKn6CbUQcTIZKWKv85SS9TY%2F6HygfEeGiuHH6bB9KlLl4EP3ljP1z2pA2pa95o%2BILigH6p%2B4JfZs%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=216&recv=87&lost=0&retrans=0&sent_bytes=235903&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=429&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:01:08 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb42a037-FRA
accept-ranges
bytes
content-length
1294
server
cloudflare
_r64x64_webp
onex-kz-bet.com/assets-ucp/E8YY/c67196be3ba3def0786856ac0384de7a86e29e9fcadebd/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/c67196be3ba3def0786856ac0384de7a86e29e9fcadebd/_r64x64_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b2ad173ab2b999e2e73f7f4ba91fdeb91c62da77deeb07c287f44c3a24eca5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"671971f5-546"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wN0jFDqs1xBl454BeTGygPpcKJgQEfQAbHf5L775g%2BJ%2BjBNbqkWqpIdtnyTVP83Ql4ihK0R511KS2hAL1nZdLxzUw12Zna7Bg2pDBk5j6UjL8cKYmMP3UxmpcMt0srBKdY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=227&recv=87&lost=0&retrans=0&sent_bytes=248132&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=430&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 22:00:21 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb44a037-FRA
accept-ranges
bytes
content-length
1350
server
cloudflare
_r64x64_webp
onex-kz-bet.com/assets-ucp/E8YY/c67196bbf3e4be2383b9ae0a78c00c93bbd5f0853dc92d/
1 KB
2 KB
Image
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/c67196bbf3e4be2383b9ae0a78c00c93bbd5f0853dc92d/_r64x64_webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
755cf46d7314302c1c4a91475952c45b5a2946e570fbb2ae04ddf4ade913848d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"67197060-4d0"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GEc%2F1oludAnAUPcDEMNfizTpBp22%2FwLNDEX7VZy17XECtpkLdzRpSxey51Di7Ja1ZFS914D0pjbtxaAe30d1jV75%2Fopym2d5j9nha39k7Qq%2BKgIPqHc%2B%2Binr%2B7IOyADY6WY%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6487&sent=211&recv=87&lost=0&retrans=0&sent_bytes=231150&recv_bytes=16000&delivery_rate=288989&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=427&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/webp
last-modified
Wed, 23 Oct 2024 21:53:36 GMT
priority
u=3,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77bb46a037-FRA
accept-ranges
bytes
content-length
1232
server
cloudflare
event
onex-kz-bet.com/api/
38 B
668 B
Fetch
General
Full URL
https://onex-kz-bet.com/api/event?event=view
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/js/main.ae2998b5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab3d080324134c728ec1e0ecb391ac421c97ff972594fc94b5628ea8fc60e4b

Request headers

Referer
https://onex-kz-bet.com/?__hbus=3
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxlxaFG8QT68RLdH6514UzGfP4B920gIB2aiXs55PO8F3GDZ4%2BhazSF7lblrHO%2B9jFPl2wkrMgMDtk2xcp7EzEFDaE0DVuvskQsrEm4mk6loBLBbL7bGEJcjDEHYSDzQBVw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d906c77bb47a037-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6771&sent=231&recv=89&lost=0&retrans=0&sent_bytes=251100&recv_bytes=16088&delivery_rate=1131330&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=438&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
56
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=1,i
4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
fonts.gstatic.com/s/googlesans/v29/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2vgCI.woff2
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onex-kz-bet.com
Referer
https://onex-kz-bet.com/

Response headers

age
428046
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 06:58:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 06:58:59 GMT
last-modified
Tue, 23 Feb 2021 01:47:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
24652
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onex-kz-bet.com
Referer
https://onex-kz-bet.com/

Response headers

age
392581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:50:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:50:04 GMT
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9832
x-xss-protection
0
server
sffe
Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
fonts.gstatic.com/s/googlematerialicons/v137/
227 KB
227 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlematerialicons/v137/Gw6kwdfw6UnXLJCcmafZyFRXb3BL9rvi0QZG3Q.woff2
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
9a0782a9b3c97cbe256803fd198d86427e2b1b40b85c93bc3a8e34a1be6d37bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onex-kz-bet.com
Referer
https://onex-kz-bet.com/

Response headers

age
393884
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:28:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:28:21 GMT
last-modified
Mon, 08 May 2023 17:53:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
232676
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onex-kz-bet.com
Referer
https://onex-kz-bet.com/

Response headers

age
394399
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:19:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:19:46 GMT
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15344
x-xss-protection
0
server
sffe
4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2ugCIlsw.woff2
fonts.gstatic.com/s/googlesans/v29/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v29/4UaRrENHsxJlGDuGo1OIlJfC6mGS6vhAK1YobMu2ugCIlsw.woff2
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/css/main.b518af5c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
sffe /
Resource Hash
8a3375aaf95a089f54231c9b8c1f69f76344bc7c3f16468eff74351ca19a3208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://onex-kz-bet.com
Referer
https://onex-kz-bet.com/

Response headers

age
453452
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 21 Oct 2025 23:55:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 21 Oct 2024 23:55:33 GMT
last-modified
Tue, 23 Feb 2021 01:45:34 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
13376
x-xss-protection
0
server
sffe
_r48x48_png
onex-kz-bet.com/assets-ucp/E8YY/iab6f2ba76c5891cda4ce936c75aa4b49/
7 KB
7 KB
Other
General
Full URL
https://onex-kz-bet.com/assets-ucp/E8YY/iab6f2ba76c5891cda4ce936c75aa4b49/_r48x48_png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c418e243275553eb2cd2cc9ef681f5986a2b282862e46b8f1e23e46f49d73b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cf-cache-status
DYNAMIC
etag
"671971dc-1b61"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvRyM2Wvo2zb3%2BI8%2FZ5dOJTZBnDng6gCET0WpiHuETDHSCH269lXkx%2F5nPo6DqkdFUjhlWCy1khrgqLl7ZTNR6xFHVmfknIabDD8%2BoEZ%2F4H62YfTFC6wbe%2Bd8MNQI8qYACU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sun, 03 Nov 2024 05:53:05 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7064&sent=247&recv=91&lost=0&retrans=0&sent_bytes=269411&recv_bytes=16177&delivery_rate=3045047&cwnd=103200&unsent_bytes=0&cid=f2502731f14033a2&ts=442&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
image/png
last-modified
Wed, 23 Oct 2024 21:59:56 GMT
priority
u=1,i
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d906c77cb5ea037-FRA
accept-ranges
bytes
content-length
7009
server
cloudflare
manifest.json
onex-kz-bet.com/
5 KB
1 KB
Manifest
General
Full URL
https://onex-kz-bet.com/manifest.json
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/spwa-134da71/static/js/main.ae2998b5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29fe70b028668660005a9f711b07ac0a1d4414c9e8a5278fec6b0270fe9ebe30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/?__hbus=3

Response headers

cache-control
private, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xkVKYQ0PfCYxN7OcHL9mjSQa%2BLC4GEv7NTphVZXaWIh%2B1n7%2FR1KkKcNPClDrM6RsxYCDJ6n5BYMjkmJAEUD1ywa4uYMwOlzUGEUfaSOYlLblyIfpcx2tDB896eVm0gkb0u0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d906c786bbba037-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7612&sent=323&recv=103&lost=0&retrans=0&sent_bytes=354728&recv_bytes=17501&delivery_rate=12326242&cwnd=114000&unsent_bytes=0&cid=f2502731f14033a2&ts=530&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
878
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
application/json; charset=UTF-8
vary
accept-encoding
server
cloudflare
priority
u=2,i=?0
fbevents.js
connect.facebook.net/en_US/
229 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onex-kz-bet.com
URL: https://onex-kz-bet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
eab9cbb1928a9de3ed2b7164ea7215b1ee0c9d7584d04aac97fe5b6798140c48
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NsYbzAd7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 27 Oct 2024 05:53:05 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-NsYbzAd7' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4440, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
xTmqtMazHlNMluVi1+fWyB2Bse7rNnsfCjk2NRUg2nrNT+JodIJGRMmBG9yJAaufJJSsty+70SeYMh4TP2e2PQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59722
x-xss-protection
0
origin-agent-cluster
?1
1060332434981491
connect.facebook.net/signals/config/
67 KB
0
Script
General
Full URL
https://connect.facebook.net/signals/config/1060332434981491?v=2.9.174&r=stable&domain=onex-kz-bet.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6becf73cfcb6bbe212d27aee48764824b80dda042223e671590dacecf3af59c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1y5bwVME' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 27 Oct 2024 05:53:06 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-fb-debug
zVnOOPfdmQiaSBQVKX2SjCgC6FBMCkpzsokqcpd/GHmnrnnQtSnFaiDj/08btBur8TkhLDH7wt73vTcH90bUGg==
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-1y5bwVME' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=75, mss=1232, tbw=67894, tp=64, tpl=0, uplat=135, ullat=0
pragma
public
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/
0
0
Image
General
Full URL
https://www.facebook.com/tr/?id=1060332434981491&ev=PageView&dl=https%3A%2F%2Fonex-kz-bet.com%2F%3F__hbus%3D3&rl=&if=false&ts=1730008386058&sw=1600&sh=1200&ud[external_id]=fc13e0744f28bc25e595f2d76b4ca2a41ec023496b8fd9976c826f18ee4a176e&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730008386057.281245177379896142&ler=empty&cdl=API_unavailable&it=1730008385901&coo=false&rqm=GET
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2933, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-origin
content-length
0
date
Sun, 27 Oct 2024 05:53:06 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
0
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1060332434981491&ev=PageView&dl=https%3A%2F%2Fonex-kz-bet.com%2F%3F__hbus%3D3&rl=&if=false&ts=1730008386058&sw=1600&sh=1200&ud[external_id]=fc13e0744f28bc25e595f2d76b4ca2a41ec023496b8fd9976c826f18ee4a176e&v=2.9.174&r=stable&ec=0&o=4126&fbp=fb.1.1730008386057.281245177379896142&ler=empty&cdl=API_unavailable&it=1730008385901&coo=false&rqm=FGET
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://onex-kz-bet.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7430329440741466894"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 27 Oct 2024 05:53:06 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
m0hsw8mUateKD34BU+JfX8TWJrNStb1v6FzONzagJVHoUT8+AhcGs+79qyQzSn5V4I5EnxjMNVRPJ+3GZSNqcw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7430329440741466894", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1368, tbw=3250, tp=-1, tpl=-1, uplat=143, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| appDataConfigs
function| fbq
function| _fbq
object| aiswfs
object| webpackChunkSkakAppPWA
string| __reactRouterVersion
object| registration

6 Cookies

Domain/Path Name / Value
onex-kz-bet.com/ Name: piuidqgltsz
Value: bbf48f00-9427-11ef-a939-39fff9aa5153
onex-kz-bet.com/ Name: pcpndijp72
Value: pwa
onex-kz-bet.com/ Name: pwaidte4cjv
Value: E8YY
onex-kz-bet.com/ Name: splitiddt5rao
Value: -1
onex-kz-bet.com/ Name: sdataf8kwoq
Value: qtUl66zrv8QL7PdO8XK8LGFdaHW9a6X8
.onex-kz-bet.com/ Name: _fbp
Value: fb.1.1730008386057.281245177379896142

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
