Report - playmaster.co.ke/en/ucasino

Report Overview

Submitted URL
playmaster.co.ke/en/ucasino_ms
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-11-30 04:56:35
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	10 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	104.18.32.68
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	516 B	4.7 kB	142.250.74.163
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.77.32
propeller-tracking.com	187053	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	3.2 kB	139.45.197.240
d1b82hscw3e9o2.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	114 kB	54.230.245.85
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.105
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	943 B	104.18.11.207
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	746 B	142.250.74.106
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	139.45.197.236
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.110
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	624 B	143.204.55.84
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	1.0 kB	172.64.132.15
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	496 B	104.18.225.52
playmaster.co.ke	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	1.3 MB	104.21.21.152
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
mstatic-ire1.mrslotty.com	736548	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.4 MB	172.67.75.17
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	69 kB	143.204.55.96
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	260 kB	104.22.24.131
gis.slotegrator.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	174 kB	104.26.0.133
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	694 B	142.250.74.132
vsb7.tawk.to	113922	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.7 kB	104.22.24.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.189.139.67
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	11 kB	139.45.195.8
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	608 B	711 B	74.125.131.154
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	73 kB	151.101.193.229
tvbetframe23.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	329 B	185.131.66.202

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	unphionetor.com	Sinkholed
2022-11-29	medium	unphionetor.com	Sinkholed
2022-11-29	medium	unphionetor.com	Sinkholed

JavaScript (36)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-01
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-01 18:36:16 Times Seen1617 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	playmaster.co.ke/en/ucasino_ms	163 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash bea3853ff08d61616a663af88a3a02d2 885704a4d8f1d7e5a776418ba713b082a10b6023 8d98e4ea2628900a0c83d31b8b2065245ab221cfd077224f4e55bc5c1d5db3aa Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:09 Times Seen70 Hash 068b8309e7fb06560e560c8dece8d934 2ae1a89362092080187b9965a400ac30633bed20 a5de384f92fcdf2f30a75f3539082d380d0d75d6b646f6c6d225caf507db3874 Loading...

	propeller-tracking.com/fv.js?t=95799	5.2 kB	2023-03-07	2024-05-02
Pretty URL propeller-tracking.com/fv.js?t=95799 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-05-02 00:04:50 Times Seen2368 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js	63 kB	2023-03-08	2023-08-25
Pretty URL playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:03 Last Seen2023-08-25 07:01:10 Times Seen159 Hash 15dadf51ebb4daf0ee19402e538412b8 92796c1570cab0f6fa8964aed4a90ab618aa5e47 79051b879b76040ea89ffa0e38c2e51f26699a0ac993be30873aa45af52d188f Loading...

	embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default	2.1 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-12 15:55:12 Times Seen1 Hash 0ad45524f67c754bfea49e70df7e30bb 2bf94bbb3521b145c71c3e3734cfb4af9d876d43 8be2ec2ae60139b9bc62f511e066ae1748f22f364358c24bcb2c64ee65601b71 Loading...

	static.hotjar.com/c/hotjar-1404705.js?sv=6	6.7 kB	2023-03-11	2023-03-11
Pretty URL static.hotjar.com/c/hotjar-1404705.js?sv=6 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:49:53 Last Seen2023-03-11 22:49:53 Times Seen1 Hash 6a5f9d6beeaef2ab5e62cfe78b3ad855 987e53f6bfeef01bb42a5ce8a8b9bcbd7d56e523 a58b01eb4bc65d8ea4bc6ea7ea3a2ff8060ca5582ebae541ab1f477cd836fbc3 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.105 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js	74 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash af764270cff49e4f88710a5824f1af0a 5101715aafd662b8ef1bae9a588ba7e8650c2b5e 8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc Loading...

	playmaster.co.ke/en/ucasino_ms	424 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash 027de650c2cc00c31ce424d63cc5091e 4d33fa1c1ed43100df4f6aa76e27e0517df6e1c3 34ff91fe3bd47526ff0790e3e1b9446b72f3a7291b83d7d2b869d9c2df9da4f2 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.225.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js	16 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:39:42 Times Seen1 Hash 12f6c0f6e6cec2a03629fbce091e2072 f900879b5df1ad4add9e9312ade124a70a14607c 663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:09 Times Seen69 Hash c809b47e49ab30ce4531de95bdb2e642 ace06c6d6e6157683b752cb20def9ff29b864208 b3c4ceaf9a6fc3019b3ffefae2b3d055a15cfa4a86dc7cb8e31f6f704716bbd8 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js	2.3 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen3 Hash 9075c2f5460b2832318d3c7217cc68cb b8742c9ec6d976051538e69ae8a92e354b62638b 6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js	151 B	2023-03-07	2024-05-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-01 21:57:32 Times Seen46666 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	unknown	0 B	2023-03-07	2024-05-02
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 00:10:07 Times Seen37258629 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	playmaster.co.ke/en/ucasino_ms	158 B	2023-03-08	2024-04-24
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2024-04-24 10:17:40 Times Seen9 Hash cdeee27d978e44d61995ab8ed57f7fd3 5591bc62da2323de9328fd4790aaeaf6ae921fcf 0e4767fb85dd32e699cf00fec8cdcae5f49a71153490cfe1c593b36538cfe49d Loading...

	playmaster.co.ke/en/ucasino_ms	179 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash f4bb2cb9f54d7b107fcf4c5626a088e5 1e87b31e7b5719f0a03cc787afa375453cdffc9a 6539d7511a5de922a4880c1f2d086ff69e2613cfff6896e1609826c2d637c877 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:10 Times Seen76 Hash 8ea8c8bd7b4a8c06dc3d0bcecbb0f310 e730e1b8d2c46b6d1d31916d8a668a375c8f5200 c14e09a0d72b50111f563843cc7e05cd6f04bf2531d5e3731e2e7c3d76a01dc1 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	playmaster.co.ke/en/ucasino_ms	504 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:03 Last Seen2023-03-29 22:08:13 Times Seen3 Hash 2f27c164da4ea8e9dd3b623db563b3d3 f6d1bb8989092bbc6d241a1b3f3cd5a4d4521365 03302b851a2b21f26c2703050e75770443e35c0892e9c8c5bd0a90f18aed947f Loading...

	playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js	1.4 kB	2023-03-07	2024-04-27
Pretty URL playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:17 Last Seen2024-04-27 09:15:57 Times Seen379 Hash cd1ce3e306bf57f272364d1cc0249d6e b62956c2192bfe5516d6374e753773901ed50ec5 eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js	121 B	2023-03-07	2024-05-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-05-01 21:57:32 Times Seen45987 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js	196 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen4 Hash bde99510bdf9ab7bbc9ce82519a19a36 c0d4758cbef7cb74c32021e2f6c6271ae995c919 654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44 Loading...

	tvbetframe23.com/assets/frame.js	8.6 kB	2023-03-08	2023-03-14
Pretty URL tvbetframe23.com/assets/frame.js IP 185.131.66.202 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-14 05:26:46 Times Seen1 Hash 9e42b3c90ed9f125899ba54a79d0275f 6dc42bb43ebb4b154a22dc93be811d94f3281ce7 0bd6dafd3f85e527c26dfb42c041c0d79bac141a12f6c7ce4512a1914e4f10da Loading...

	playmaster.co.ke/en/ucasino_ms	1.4 kB	2023-03-08	2023-03-11
Pretty URL playmaster.co.ke/en/ucasino_ms IP 104.21.21.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-11 23:04:42 Times Seen1 Hash e497b12bca282592be4b1118282c463e dd56dff292afe337b2b1f6577c12dc2f0c7c024e 9a71be58fc99b62aa48369c28b1a281a47cb5bef0ca35871b47aec5c27d2a4e9 Loading...

	onesignal.com/api/v1/sync/1641a175-fbb2-4172-9cf5-f605a25d060c/web?callback=__jp0	4.5 kB	2023-03-11	2023-03-11
Pretty URL onesignal.com/api/v1/sync/1641a175-fbb2-4172-9cf5-f605a25d060c/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:49:53 Last Seen2023-03-11 22:49:53 Times Seen1 Hash d17590ba05c93d970b1b33401caf4a80 36c077ae33c9275a95e43a7c3e3072a07952c3f1 c768501337e4c605ef728d218b908940cefac8969158408446efd097fde59a25 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:10 Times Seen78 Hash 9fc3ae679b63d633b774a21cdef5f000 f152c15b218ebfd5e71e75bb48396a5816b581ec 1cc768fc95debe6461d0ca57e225bfa3c764435db518aca1a401a9ef7d1f84f2 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js	211 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:02:52 Last Seen2024-01-03 04:29:13 Times Seen92 Hash 70dac54eca3bb2143032bc4db3237623 b072b86acccf5e05a52ebfbff58ec2961b200063 299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js	17 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash a4ee0f7f38343d301e91591fc360d3fa 0748ec2421e5495f8cd80c749a827065c4b43eb1 83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

HTTP Transactions (111)

URL IP Response Size

playmaster.co.ke/en/ucasino_ms

104.21.21.152

301 Moved Permanently

0 B

URL HTTP/1.1
playmaster.co.ke/en/ucasino_ms
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /en/ucasino_ms HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 04:56:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 30 Nov 2022 05:56:23 GMT
Location: https://playmaster.co.ke/en/ucasino_ms
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psrBzJMLWRIp2gsDPwx0r8qh0HEn1xAn6Vp0O18WEfKxqCnaZ4GyYtm86GwXNkEoKs6WPnROZJypqBo8U9piYSge7py4bDAdKkCftsKrvF9r57bPeUg8GpeK95P%2FLru9lTIc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7720ff094bf50afa-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2686
Expires: Wed, 30 Nov 2022 05:41:09 GMT
Date: Wed, 30 Nov 2022 04:56:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2070
Cache-Control: max-age=108558
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:05:41 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7528
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 04:56:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2204
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6eheBDc+d6u4dxWITVO72/bYKEjHI+HeaMF9/lTbflatAYXmOH4P/ognjEZp0GtAS0vq1/x1UiY=
x-amz-request-id: XVEZ49YAXFDFTS7W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 04:45:05 GMT
age: 678
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5b28f7efa1e17f994e0bdffc9643fca0
ffe0a1dc4f562d0872218ead419969ca7df78795
b85096fc0dcfd6adbb0c6735f82853f2f895801f4763d10ff5b48afb47d77f04

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=138536
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "63865c9f-116"
Expires: Thu, 01 Dec 2022 19:25:19 GMT
Last-Modified: Tue, 29 Nov 2022 19:25:19 GMT
Server: nginx
Content-Length: 278

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1e258d2d97dc1a2c884f27040ee7ce5e
fd1009422b0736848e10d0d72ed079c711fc7944
106002bf0a4504a5148fd13443cf5b29a83887da7ee321595f48c661d309416b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2114
Cache-Control: max-age=99230
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385bad3-117"
Expires: Thu, 01 Dec 2022 08:30:13 GMT
Last-Modified: Tue, 29 Nov 2022 07:54:59 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
96ba40be4ad9ed57887bc3d9d39b9ee2
bd3b5d8943ab7741bfa5c18c8766013b80519424
19e5f58133b52dbd7ab629ad02f9a38ed2b69909b797ff3722f09fb811085362

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2062
Cache-Control: max-age=95956
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385ae3d-117"
Expires: Thu, 01 Dec 2022 07:35:39 GMT
Last-Modified: Tue, 29 Nov 2022 07:01:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
02ca4292c31c0c0caa2ed7401af8d5bd
16ced3b6956cea150f608c9848bfa2f31e0a3e18
e90eff9a37ae4b3dff3bf24081ff3f110c45619703129b1b3f3f8bd3e0df9da0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2103
Cache-Control: max-age=114334
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385f5de-117"
Expires: Thu, 01 Dec 2022 12:41:57 GMT
Last-Modified: Tue, 29 Nov 2022 12:06:54 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
96ba40be4ad9ed57887bc3d9d39b9ee2
bd3b5d8943ab7741bfa5c18c8766013b80519424
19e5f58133b52dbd7ab629ad02f9a38ed2b69909b797ff3722f09fb811085362

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2062
Cache-Control: max-age=95956
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385ae3d-117"
Expires: Thu, 01 Dec 2022 07:35:39 GMT
Last-Modified: Tue, 29 Nov 2022 07:01:17 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1e258d2d97dc1a2c884f27040ee7ce5e
fd1009422b0736848e10d0d72ed079c711fc7944
106002bf0a4504a5148fd13443cf5b29a83887da7ee321595f48c661d309416b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2005
Cache-Control: max-age=99121
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:23 GMT
Etag: "6385bad3-117"
Expires: Thu, 01 Dec 2022 08:28:24 GMT
Last-Modified: Tue, 29 Nov 2022 07:54:59 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4d376350c6bd8b930d083a4a70273ce7
a036d0157095aa71166d8023f63f3f0f008e09ce
73761bf1ba188a8e761a23143ca9a4f276a7b153df9f3c80c6960674a78d896f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73761BF1BA188A8E761A23143CA9A4F276A7B153DF9F3C80C6960674A78D896F"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Wed, 30 Nov 2022 10:55:16 GMT
Date: Wed, 30 Nov 2022 04:56:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 2848
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2068
Cache-Control: max-age=103492
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:24 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:41:16 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.189.139.67

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.139.67:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I88aFwXqcBpNDlmGMDLDnw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vQhfCVJfXrUSCMY2F49DlHcsOGc=

playmaster.co.ke/files/i18n/en.json

104.21.21.152

200 OK

3 B

URL HTTP/2
playmaster.co.ke/files/i18n/en.json
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /files/i18n/en.json HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json
content-length: 3
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3"
expires: Fri, 30 Dec 2022 04:56:24 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Emqefg5tcrDT%2BBpjlWHijMdEgF4aN8%2B3oluD5F6BGXwYNNIJnnn6tjc6Nf%2BPw7H%2B6QiqU6b8XPGlSGQ5b9omljvqutLWmMdWfaB0C9gU41aIk4zljy6J0Cq1NQANh1mOfHjC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff11ccc9b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/cn.png

104.21.21.152

200 OK

1.7 kB

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/cn.png
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 167, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1691 bytes)
Hash
d3a9dc56faac29c81e3a2a5dd9c9c0f5
62339adbff53d9d2cbab1356a1b70305ef25fd73
2649a33ec676d992709ad7978e0df319e398563c4de17f0c3d08ff206b00dee7

HTTP Headers

GET /files/icons/flags/language/cn.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/png
content-length: 1691
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-69b"
expires: Thu, 29 Dec 2022 19:07:56 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMY7tRMkDIopRcWWfBSmu%2FJjH9BrfmpMDKeUMjerVGknFS1k33X6CWHn%2BFu71hyRDBT6ZWyq6QoN6M%2BIzcLuDx73wsFWEqMJ5m6eJwRwyH7a4XGELmJuzCIiNevf84uEgf4v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff128d12b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/gb.png

104.21.21.152

200 OK

934 B

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/gb.png
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 125, 8-bit colormap, non-interlaced\012- data
Size
934 B (934 bytes)
Hash
0896c9f55bf2afef36fa3b4ebfacf822
094a7531110863360ed32cf28f4e653470960330
9d37b4b31744e8374acbd28d862261ee946b5fb1e5bb641b04a454605d9afefe

HTTP Headers

GET /files/icons/flags/language/gb.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/png
content-length: 934
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3a6"
expires: Thu, 29 Dec 2022 19:07:56 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOiFABhQWh7bOI0TmN6HQM2kuWl55FVVK5bCSNabbo4LzYz5M9bCr9TbYDHwS%2FvBBN65Fq5UaZ6KMooKQbp72irYvpbxZyig%2Fjy7scf%2BnjtQNeFPQrmvdIn8ghafHhvFMBrT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff128d11b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/tz.png

104.21.21.152

200 OK

761 B

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/tz.png
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 167, 8-bit colormap, non-interlaced\012- data
Size
761 B (761 bytes)
Hash
838f395c5f4c8a907768216be0b39397
3c92dda2799859851bfe37f775d7d0242c21b7e4
2e2b9a0c712bb55b78ba19b714513c1d39566cf47b22cf16eb345c581db5265e

HTTP Headers

GET /files/icons/flags/language/tz.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/png
content-length: 761
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-2f9"
expires: Thu, 29 Dec 2022 19:07:56 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35308
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZOu6d8A1vj0mXNKNEQkRG5dfZVEj%2FfUIOzuBaFS6LYopEjsBIT8wBLTmouM2V4AS7fH2HHFX4y44wNL2QPXbifSyTQgXjRepJfOpBs%2BT3BsPCrnkFLiuSJBddwg4r3ZTG8J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff128d13b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
63554b60bb305a45c430613fd013bbc3
8767dfe76ea8295d596eadc765eabc8a5475ee11
d22618294684c21f2bfdc38a141702c6f08e32a0fbcf0862427c3d9dd849e1f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: max-age=125939
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:24 GMT
Etag: "63862445-117"
Expires: Thu, 01 Dec 2022 15:55:23 GMT
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

playmaster.co.ke/files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

104.21.21.152

200 OK

15 kB

URL HTTP/2
playmaster.co.ke/files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 15332, version 1.0\012- data
Size
15 kB (15332 bytes)
Hash
587de8ec039052f50e69c9654439b991
dd26304e3095c1ec9f8860e3c5f094d2826f6074
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

HTTP Headers

GET /files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: font/woff2
content-length: 15332
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3be4"
expires: Fri, 30 Dec 2022 04:54:11 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 133
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GpftaisOKkvwOaqQ7%2BU0EyL1JxxRUDz0U7oMZYk1o%2B%2Bl0xnMo0FRu9qysjXWk57IqMk%2FAYi8%2BZ4QIcSi7%2F8rsEcNvGsJhyfMz3%2BLipJ%2FrajLzILCcHf4LJcYyEzqW0%2FuJlR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff12ad1db512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

1.4 kB

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (1814), with no line terminators
Size
1.4 kB (1410 bytes)
Hash
3fa2a023f38e423734211a8b2d8c9a83
827bfd59b11c392c8893c0b7c356071ef12fa768
79ac4b242f52596e87bbc71fe77f94d5594bbb276669d1cb08d9070c5d2fba5b

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 40
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GL18KeC2LHhbVo8oJ469b3DHAYEWU1%2FANK%2BUaC3uLfJhZOtBGEsWB%2FjjOfhF7fGG%2BUwaGZ63KC7javPqyI4hNh0lREqouTO459x8GVw36FGeU6SlHklLb3%2Fwott8OriPatip"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff11cccdb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
63554b60bb305a45c430613fd013bbc3
8767dfe76ea8295d596eadc765eabc8a5475ee11
d22618294684c21f2bfdc38a141702c6f08e32a0fbcf0862427c3d9dd849e1f9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1830
Cache-Control: max-age=125939
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:24 GMT
Etag: "63862445-117"
Expires: Thu, 01 Dec 2022 15:55:23 GMT
Last-Modified: Tue, 29 Nov 2022 15:24:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
c809b47e49ab30ce4531de95bdb2e642
ace06c6d6e6157683b752cb20def9ff29b864208
b3c4ceaf9a6fc3019b3ffefae2b3d055a15cfa4a86dc7cb8e31f6f704716bbd8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667

139.45.195.8

200 OK

2.3 kB

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
data
Size
2.3 kB (2331 bytes)
Hash
233c3b89662f620f65149c8d3768428a
ce76da6b287ac7785c698f14b499681fd4828943
072c2f76198c6a80cdfd18ae1f1e14a0d88aa4a3915758e63d3e5c07cda6022c

HTTP Headers

GET /p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=56b97ba3f8d745a084647e50dc119768; expires=Thu, 30 Nov 2023 04:56:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=ccd97cbfb17049dea9b5989b1986f827; expires=Thu, 30 Nov 2023 04:56:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
8ea8c8bd7b4a8c06dc3d0bcecbb0f310
e730e1b8d2c46b6d1d31916d8a668a375c8f5200
c14e09a0d72b50111f563843cc7e05cd6f04bf2531d5e3731e2e7c3d76a01dc1

HTTP Headers

GET /p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89cb0b0a131e4ee5a7134a83c3291196; expires=Thu, 30 Nov 2023 04:56:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
9fc3ae679b63d633b774a21cdef5f000
f152c15b218ebfd5e71e75bb48396a5816b581ec
1cc768fc95debe6461d0ca57e225bfa3c764435db518aca1a401a9ef7d1f84f2

HTTP Headers

GET /p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a877697843742d897c91d271157d070; expires=Thu, 30 Nov 2023 04:56:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

824 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
824 B (824 bytes)
Hash
b0a3d8bd03bc44807a6c2e1414c72338
63c5d6f1d95075cd2304cc02b8bfa3cdc4ce8153
598f529466c0625f09468126e46506747a133f94512b84f90e5d036ea3762446

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 107
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9gRKfyhyfEeD60U8gGUsceOb8e77yuFrQcEBdnhYQ6cp5zDPvN%2B1kndTuz9rsPlzXgMMNqBipWQjwCYN%2B3Cox1nfvRkd%2BqQlLrwThMhzEZ2wkdNROVORZn0LfgCWTdsA8RU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff126d09b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/united-casino/get-providers

104.21.21.152

200 OK

21 kB

URL HTTP/2
playmaster.co.ke/api/united-casino/get-providers
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (4585), with no line terminators
Size
21 kB (20693 bytes)
Hash
3102a3ecc87ceb88411fcc4734f251a3
45950a9966980bb7b6818a52aa91118843096b44
2ee490bd963ebc0f2cb24ecf2cbdc68c8078007cdb89de8278eb035fc5d1118b

HTTP Headers

POST /api/united-casino/get-providers HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 83
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNo0bxyXjseWXXw%2FxdbD50RG3iR05YgWUZhFmIym7xnQQW6XQXVKJjj5yzjUA79c8tUrI9Mv07dV%2FROz3qIdfm6EeXzYsRbgco%2B5D8wlQvU3%2FCma2bcFVvd1ERwk3d7L2Vbb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff129d19b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/userroyalwin.png

104.21.21.152

200 OK

1.1 kB

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/userroyalwin.png
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1096 bytes)
Hash
2393c01db2d367b20af71c96dcdb0959
954806468c1ac2dccdfc612d36b139420b81415d
eea8194f4170027e6fbbce7ef6f4a32bc5df662218bf05bd37da12a0acd54183

HTTP Headers

GET /files/webexIconsDesktop/assets/image/royal-win/userroyalwin.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/png
content-length: 1096
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: "6385fd49-448"
expires: Thu, 29 Dec 2022 19:07:57 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35306
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RYB7KcXQ30XO5xoamnJR7g3eFQqMnuh7mjFVhIrY4JHsIsom9wSChMIKbDw5S5IvUHmNT%2FjtYN28AZrQsl6I1C2ceEmK%2BMy84Jem4hC1G8GmSMCNJbc%2B8OIA9JJiJsUWiRE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff142da4b512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0379df9b5cab177bf437ac41f2268be4
56db4d2ed92e1cbd13a3950ca0cc72969fbcc354
155885d99d8a1e961d92f649f6838d9bd7039c019930d76ad170a3c5b39e27bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 04:56:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 08:20:01 GMT
Expires: Sun, 04 Dec 2022 08:20:00 GMT
Etag: "56db4d2ed92e1cbd13a3950ca0cc72969fbcc354"
Cache-Control: max-age=357215,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7720ff131ec2b4e8-OSL

playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png

104.21.21.152

200 OK

411 kB

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1083 x 629, 8-bit/color RGBA, non-interlaced\012- data
Size
411 kB (411181 bytes)
Hash
60f5e8780f21b2ccd7640cf68d09e5bf
6c81b2316588c6df88ba0b26a024d947b00af6b9
8698951599b843e5147f60f9ecf6c2f75540d892480c5dce37fa9e4e5ddaf43c

HTTP Headers

GET /files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
content-length: 411181
last-modified: Thu, 17 Nov 2022 13:54:30 GMT
etag: "63763d16-6462d"
expires: Mon, 26 Dec 2022 06:22:50 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 340415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXj7k%2FUHYFYB0wq9mReovngEp5hgxGO%2BYy%2FlSUPbKaCVIN44btsjqU8sW5SDQKwJIERMhiY%2FPb9WikGfe0ebvK80zBKlZXHcvflwCZQynFCbRNJy4OM4QymDNrTQ9M0CFUpn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff146dbeb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default

104.22.24.131

200 OK

151 kB

URL HTTP/2
embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
151 kB (151264 bytes)
Hash
2a3eb4a97eed9e7f4e0721200bb843e9
6045d87ef1cd71a8f7feadb598aea793e2fa66a8
366d9f867ec42c317a62e03fdc39375c6bbb47144a0e8525236ea28094217df6

HTTP Headers

GET /5d1e2e8d22d70e36c2a42ca4/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 133
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff12ce600b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

757 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (395), with no line terminators
Size
757 B (757 bytes)
Hash
9a6b65b031d0b9a473e18f5bf4f91d53
9078df584b841e5930885924e2799e6eeda36bf3
eca5008938701f263f1e481d63ef911c8e64068d8793c25c25257059bac91a50

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 71
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fh7zsjeVidPIoThuSKF68prhTfhJXKFYjGsXo68n9HUB%2FjJm5eklpAjbiLQJxTJRESqBmCL1GhTPYElvGkVuvH8rwLJWjbX%2B8KQLdSLZv770G1yXQPVLjBJ70b0AOqW5XVQY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff11ecddb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=95799

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=95799
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=95799 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2cbe21b6a992cf5ddfb16f321263d63c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5ae03dd5ffb20b4262d67e0651ef95c6
66c99bc6f0ff7f848670e9949dbf97318e7199a8
3567f9b0fd2440ac9bfee2c99eb3f7f9f0d499dcfbd4043df10b11e42f82fa1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3002
Cache-Control: max-age=109126
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "6385de05-117"
Expires: Thu, 01 Dec 2022 11:15:11 GMT
Last-Modified: Tue, 29 Nov 2022 10:25:09 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5ae03dd5ffb20b4262d67e0651ef95c6
66c99bc6f0ff7f848670e9949dbf97318e7199a8
3567f9b0fd2440ac9bfee2c99eb3f7f9f0d499dcfbd4043df10b11e42f82fa1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: max-age=111077
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "6385de05-117"
Expires: Thu, 01 Dec 2022 11:47:42 GMT
Last-Modified: Tue, 29 Nov 2022 10:25:09 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js

104.21.21.152

200 OK

22 kB

URL HTTP/2
playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (63231), with no line terminators
Size
22 kB (22094 bytes)
Hash
b34d6f3c6891e92ea12a429496f77443
844f048eea39a9bd56b097d205594cbd8e156a2f
1312bd966af6b1c5290261eda24cfff5af6a8d20e37771535e6fd90ee0eed26c

HTTP Headers

GET /polyfills.0688af4a18ec3a51fe8c.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-f6ff"
expires: Thu, 29 Dec 2022 19:07:59 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szy86SL6GuLwtD2GmZSH7TqHf74FCQjJNI9BR9kGPult1wwKxw7jdloLFY1fD5S0A4AvC6PLPmcq3%2Fvr5EGOg6hgaJ5mqSijpb4l0i6n%2Fnk57IayIs%2BEmD%2FthDINeChm1rA0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff0c6aa6b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5ae03dd5ffb20b4262d67e0651ef95c6
66c99bc6f0ff7f848670e9949dbf97318e7199a8
3567f9b0fd2440ac9bfee2c99eb3f7f9f0d499dcfbd4043df10b11e42f82fa1b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4953
Cache-Control: max-age=111077
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "6385de05-117"
Expires: Thu, 01 Dec 2022 11:47:42 GMT
Last-Modified: Tue, 29 Nov 2022 10:25:09 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3f1fa4fbcced728fe7a0b1c6a5df52d6
d3f290e5550c1bdca7c11c1081c85536cb272e67
a645d791e9140152c0a304ed37aca01ae24064415580cc70b384d6639e1a9782

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "63866b9f-37"
Last-Modified: Wed, 30 Nov 2022 04:34:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3f1fa4fbcced728fe7a0b1c6a5df52d6
d3f290e5550c1bdca7c11c1081c85536cb272e67
a645d791e9140152c0a304ed37aca01ae24064415580cc70b384d6639e1a9782

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6012
Cache-Control: max-age=131934
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "63862b5b-117"
Expires: Thu, 01 Dec 2022 17:35:19 GMT
Last-Modified: Tue, 29 Nov 2022 15:55:07 GMT
Server: ECS (amb/6B9C)
X-Cache: HIT
Content-Length: 279

mstatic-ire1.mrslotty.com/CACHE/images/c0c1aa09275d27bf07ca6a2caba014cd.png

172.67.75.17

200 OK

404 kB

URL HTTP/2
mstatic-ire1.mrslotty.com/CACHE/images/c0c1aa09275d27bf07ca6a2caba014cd.png
IP
172.67.75.17:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced\012- data
Size
404 kB (403671 bytes)
Hash
cea79fc319e378f0b7b3d21f48fc1ef8
b430f549e7c05711c0aa20312fb9dd525f021d7a
e364a9b803ed32bc34bd35e33d86345c1c534d3b63d0662ac458d9d05e2dfaae

HTTP Headers

GET /CACHE/images/c0c1aa09275d27bf07ca6a2caba014cd.png HTTP/1.1
Host: mstatic-ire1.mrslotty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
content-length: 403671
cf-bgj: imgq:100,h2pri
cf-polished: origSize=465253
etag: "620f3a9b-71965"
last-modified: Fri, 18 Feb 2022 06:20:11 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 358902
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNftIBo%2Bat%2By4cVYkP1V7kIWBFWO5bLRl4orp4bJOfx%2Bl90h52x3Q9BfoZkV7JCTBMvxOBsF7ca8MxlWvXSkXOMNez%2BNoulPcbGu9vN3QJ%2FpiC8HS%2F7Tu7NjgsKrYmWbvkedVhpYZ31KxtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff162f78b505-OSL
X-Firefox-Spdy: h2

propeller-tracking.com/fv.js?t=95799

139.45.197.240

200 OK

2.4 kB

URL HTTP/2
propeller-tracking.com/fv.js?t=95799
IP
139.45.197.240:0
ASN
#9002 RETN Limited

File type
data
Size
2.4 kB (2432 bytes)
Hash
5a19b721f5e64e01461cc50d17a79bf0
1648b74296187b75a0625d778629e656c4939287
76b26766e055f2af187b923b43a4323bb70524cd63a320a1028c14b1e28c4ee5

HTTP Headers

GET /fv.js?t=95799 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 9d6d4b2b60597034ebc52a0f9fed7062
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

434 kB

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (5119), with no line terminators
Size
434 kB (434197 bytes)
Hash
4c32119dd088c63c00922c45576cd475
238f1514db817bac4332aa95b70c2cc0835e2593
27ce271dbbdbf37143ab1a619a8e9072756b746cee14d46d1d7d202ae12c8578

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 87
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hchxIcXgHj0MpbP9oiPEMcLa1OUQ1gc3Z4ORkLNgWUHNatdAI0Lek37Y7JBAvrdd7gtvBXqr5UawcaaSYEssRfMYEI3V%2BXivRtQwXREpaWZrKbgIeBxiCeBK7O6MEv2ZQpLd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff140d96b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3f1fa4fbcced728fe7a0b1c6a5df52d6
d3f290e5550c1bdca7c11c1081c85536cb272e67
a645d791e9140152c0a304ed37aca01ae24064415580cc70b384d6639e1a9782

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=125922
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Etag: "63862b5b-117"
Expires: Thu, 01 Dec 2022 15:55:07 GMT
Last-Modified: Tue, 29 Nov 2022 15:55:07 GMT
Server: nginx
Content-Length: 279

mstatic-ire1.mrslotty.com/CACHE/images/7528d007c63460f9e447530afb33fb48.png

172.67.75.17

200 OK

476 kB

URL HTTP/2
mstatic-ire1.mrslotty.com/CACHE/images/7528d007c63460f9e447530afb33fb48.png
IP
172.67.75.17:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced\012- data
Size
476 kB (475661 bytes)
Hash
da9d53bd0c5b1047d28ea76465a3ef8e
37c8e2f933e7702e9d27d47b44acad3f0d6250ec
fe2655d3baddfa6b756745cabea7a65ad8c81b17c319b1703e5883e9533cadcd

HTTP Headers

GET /CACHE/images/7528d007c63460f9e447530afb33fb48.png HTTP/1.1
Host: mstatic-ire1.mrslotty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
content-length: 475661
cf-bgj: imgq:100,h2pri
cf-polished: origSize=540499
etag: "60225a9e-83f53"
last-modified: Tue, 09 Feb 2021 09:49:18 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 521386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7Bv7xhb%2Bbrdseiy8%2FuzHdkm1hrWxbSwmgc19qCNiLmLAnJhe%2FgdmOTXOMTI0dgmBs6PFKyi7v1RidrNWyou940HEv6hhg8HBhOfHdPhdBuqOuCcOxgfbthqGxjv3AREeWKdREFDmRwIC7s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff163f7cb505-OSL
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/assets/image/header/logoKenia.svg

104.21.21.152

200 OK

326 kB

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/header/logoKenia.svg
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (45339), with no line terminators
Size
326 kB (326472 bytes)
Hash
0e15751b578ae81a850a45cdd8e3c9ed
337f26242db61901b09e508395222ae99c4a9cc4
e83f51c725a022cdbfdf5e8aff40d3ed81ef38f56dac59d5bcdd018c372c079b

HTTP Headers

GET /files/webexIconsDesktop/assets/image/header/logoKenia.svg HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: W/"6385fd49-b11b"
expires: Thu, 29 Dec 2022 19:07:56 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVg1ITbKukSNMyio6seYih%2BghwxeX6JjTbHXHfLty4Gld9BTL8YLYZKtPK04xsoorDe8SzbMK2pNqtR%2BJtG125QvDxRcYAiyW03UF9UtoJHuAy44WCpV41OddqpWVBv%2BODnF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff120ce3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mstatic-ire1.mrslotty.com/game_sites_media/gloryofrome.jpg

172.67.75.17

200 OK

221 kB

URL HTTP/2
mstatic-ire1.mrslotty.com/game_sites_media/gloryofrome.jpg
IP
172.67.75.17:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 500x500, components 3\012- data
Size
221 kB (220592 bytes)
Hash
7a6a70182d56a616b76c1c6e848f3be9
7071809c787dedc039fc6a0545170d67a7b2c3ea
97ba6da7b6ddf534398084fd0ea3b839e4656d0b5d9bcb8456432ff8f61cfc9a

HTTP Headers

GET /game_sites_media/gloryofrome.jpg HTTP/1.1
Host: mstatic-ire1.mrslotty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/jpeg
content-length: 220592
cf-bgj: imgq:100,h2pri
cf-polished: origSize=793948
etag: "633940f8-c1d5c"
last-modified: Sun, 02 Oct 2022 07:42:48 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 127183
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fblx7pNCRMr3oJh2sE1G3bK6E5jn8aTWPLdDVWUx1bLKf8%2FTX1rvU9xQ55mlO9vhHD9HgswGgcI3p2k1d6VWmueKaVnokB9LskWdKyDZ4EX%2FIGQO86nToo9RXupwp7Pi%2BK1iL9euysu5iJM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff169f99b505-OSL
X-Firefox-Spdy: h2

mstatic-ire1.mrslotty.com/CACHE/images/ce4fb08304b2d61008ddd804d109f6b3.png

172.67.75.17

200 OK

284 kB

URL HTTP/2
mstatic-ire1.mrslotty.com/CACHE/images/ce4fb08304b2d61008ddd804d109f6b3.png
IP
172.67.75.17:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced\012- data
Size
284 kB (284443 bytes)
Hash
d2f81646f6cfa6c54375c83078b2dad4
67174f2cb2c56f020158db9f9e50b07dda62e718
249c2b6095b7a42cf1ce6ba53baf8271117a1ab0fdbcfaefd5f224038f93d9b0

HTTP Headers

GET /CACHE/images/ce4fb08304b2d61008ddd804d109f6b3.png HTTP/1.1
Host: mstatic-ire1.mrslotty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
content-length: 284443
cf-bgj: imgq:100,h2pri
cf-polished: origSize=320474
etag: "616d8058-4e3da"
last-modified: Mon, 18 Oct 2021 14:10:32 GMT
cache-control: max-age=5356800
cf-cache-status: HIT
age: 151893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkqINuXZvWghlrdMOwsCptEv7SFvXvqncTZSw0TrrQASvMivpV1pziP8RSeEQxFyh9x0Rn8R4%2BU7C46uHlbj2emIg1vd27lDIBxerFYD5fDEdoJVIWRFrH0cDIOS6ICFYLpAoqDvcTEnpIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff169f9ab505-OSL
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=3a877697843742d897c91d271157d070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a877697843742d897c91d271157d070; expires=Thu, 30 Nov 2023 04:56:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

gis.slotegrator.com/api/index.php/image/get?hash=ae40c00585a4c901a3286f8202d11ae1fdc65857.png

104.26.0.133

200 OK

22 kB

URL HTTP/2
gis.slotegrator.com/api/index.php/image/get?hash=ae40c00585a4c901a3286f8202d11ae1fdc65857.png
IP
104.26.0.133:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 287 x 193, 8-bit colormap, non-interlaced\012- data
Size
22 kB (21581 bytes)
Hash
9fe425d4849f7fadc947d8143ae5a15f
df7e8b99e0f9f953bdac94ca7080d0dcd6d93364
d556b5d88dab35bd1a0174ebd24778a0c1847e51348ab3a7eb488d2e4136b758

HTTP Headers

GET /api/index.php/image/get?hash=ae40c00585a4c901a3286f8202d11ae1fdc65857.png HTTP/1.1
Host: gis.slotegrator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2838
last-modified: Wed, 30 Nov 2022 04:09:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpjUiHnJqE%2FKLAbZ20nM24m8XcTyp0pSnSAXrbqRszpAnoIskfNdGNSLrFEAtwMwKJE5dbe89Bh3w8dGBTuUNuIvCdvAe8E0vtieOC4Qfm%2B%2F32YDfOpEKh7suzv2Q%2BZ98wwEWTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff1629e5b4ff-OSL
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=3a877697843742d897c91d271157d070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a877697843742d897c91d271157d070; expires=Thu, 30 Nov 2023 04:56:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=3a877697843742d897c91d271157d070
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=3a877697843742d897c91d271157d070; expires=Thu, 30 Nov 2023 04:56:25 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/hs/jpg/hs-outlaws-inc.jpg

54.230.245.85

200 OK

44 kB

URL HTTP/1.1
d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/hs/jpg/hs-outlaws-inc.jpg
IP
54.230.245.85:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3\012- data
Size
44 kB (44338 bytes)
Hash
85bc76fea90d55a072eca33dd839614e
ccc4ee2d90c6fecb2d19b5fd8c15c73789701e97
08d3b368950a8ff9a2b6b8d907d28d9eace27475778c9f5743b5896cd6ba63ca

HTTP Headers

GET /media/images/slots/small/hs/jpg/hs-outlaws-inc.jpg HTTP/1.1
Host: d1b82hscw3e9o2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 29 Nov 2022 14:25:11 GMT
Last-Modified: Thu, 16 Jun 2022 08:51:33 GMT
Content-Encoding: gzip
ETag: W/"ae80-5e18cbea5dcc3"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: veQOppbY1NyOmBwfI1x5hNyPjKYApcnhQvuZXSAZb8g2lnGy24lmgw==
Age: 52274

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

gis.slotegrator.com/api/index.php/image/get?hash=2ac8815463ca8d3847aedf106560e9447142bb41.png

104.26.0.133

200 OK

74 kB

URL HTTP/2
gis.slotegrator.com/api/index.php/image/get?hash=2ac8815463ca8d3847aedf106560e9447142bb41.png
IP
104.26.0.133:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 287 x 193, 8-bit colormap, non-interlaced\012- data
Size
74 kB (73555 bytes)
Hash
e6dcf9e8f4d3e0f71ab162e5ec377306
7d95c1e6efd4c757a1683e2597c815a8bd304668
610523b9c0cbe1641224a53f33dd3b2fcf5266644cf3ba58883c645c661fbe14

HTTP Headers

GET /api/index.php/image/get?hash=2ac8815463ca8d3847aedf106560e9447142bb41.png HTTP/1.1
Host: gis.slotegrator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 04:56:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCPJ3xR7He8Towlz3v7Bq4HlvmQNpltuh29PgeS5AYeG%2BbIaDDpZ%2BgI0Ms%2BY6XHR3%2FU%2Fuk3F9aHhQjaxGedQHkYZSTpN08bz46QTWzuEVeNmCfITxkpYoTX6hnXawTV6%2Bj%2F%2BAoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff1609d2b4ff-OSL
X-Firefox-Spdy: h2

d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/hs/jpg/hs-hand-of-anubis.jpg

54.230.245.85

200 OK

30 kB

URL HTTP/1.1
d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/hs/jpg/hs-hand-of-anubis.jpg
IP
54.230.245.85:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3\012- data
Size
30 kB (30073 bytes)
Hash
61a531a9195b5f6898cc295cb9972ebd
defc66fb54beef866ff35aa878c8958db295ba77
8aa7ea96ba1312cc4002bea35c387d7c8fb7f684fc53ddf82f3716872fa4e7f6

HTTP Headers

GET /media/images/slots/small/hs/jpg/hs-hand-of-anubis.jpg HTTP/1.1
Host: d1b82hscw3e9o2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Thu, 21 Apr 2022 06:24:44 GMT
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 16:50:12 GMT
ETag: W/"76dc-5dd242a779708"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2Q6Mka1wNPlScCO08LEX070z60hwxR68ahTA-pXWyeIkDlr6cXiIKw==
Age: 43573

d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/no/jpg/no-xways-hoarder-xsplit.jpg

54.230.245.85

200 OK

38 kB

URL HTTP/1.1
d1b82hscw3e9o2.cloudfront.net/media/images/slots/small/no/jpg/no-xways-hoarder-xsplit.jpg
IP
54.230.245.85:0
ASN
#16509 AMAZON-02

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x200, components 3\012- data
Size
38 kB (38072 bytes)
Hash
dbc0a4b26ce02bc65fd68441edb0ad9a
f64e26aaf4a1f78fa7d86409827a6f88859c4f48
bca76b5b9435b7eb5702f9cef8c56ddde7aee3938b59cb6f76aa6990758d5724

HTTP Headers

GET /media/images/slots/small/no/jpg/no-xways-hoarder-xsplit.jpg HTTP/1.1
Host: d1b82hscw3e9o2.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Tue, 29 Nov 2022 08:04:06 GMT
Last-Modified: Fri, 02 Jul 2021 07:43:42 GMT
ETag: W/"961c-5c61f1d5fbd7c"
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tHM0Zo5QIfftsMB1E6coVi0Z2rmBS8FpbOck5eFZdaW5BtRLeusubQ==
Age: 75139

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 30 Nov 2022 04:41:08 GMT
expires: Wed, 30 Nov 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 917
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gis.slotegrator.com/api/index.php/image/get?hash=84b705dfbd5a8cf21e3ac794e96cc7549a8e8e1a.png

104.26.0.133

200 OK

77 kB

URL HTTP/2
gis.slotegrator.com/api/index.php/image/get?hash=84b705dfbd5a8cf21e3ac794e96cc7549a8e8e1a.png
IP
104.26.0.133:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 287 x 193, 8-bit colormap, non-interlaced\012- data
Size
77 kB (76705 bytes)
Hash
f7decac7938f701de4c9e2a9f95581cd
3e1e416839fa49a0c39e2b8a073412ac7de34e1c
99bdfeeea93d3a86119530d4dd254c0c69f109655e9b886f5077387cfad4c246

HTTP Headers

GET /api/index.php/image/get?hash=84b705dfbd5a8cf21e3ac794e96cc7549a8e8e1a.png HTTP/1.1
Host: gis.slotegrator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/png
cache-control: max-age=2678400
cf-cache-status: MISS
last-modified: Wed, 30 Nov 2022 04:56:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSliksv2JkYxAg7a%2FzYVqtE10QGmOtwuhW0KPXpSwUSd3RYr1AXcQ0ioMh6SVwEo4t%2FVTlvMWD2o7qxYwrXZjVHL%2FKr2g1cTlHfng1KypKv6IRRaN8X%2Fc5IigY3WGVriXAgMdHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff1619dab4ff-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
33f732b4dfbd5fb3ed7345eba2896fe6
2652f214cf7127302cc65b1d4e42f48a80907d5d
904ce722469d356f8ec20c14bd51ca3ce459012ea0869f7d14821a963310a494

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=1197003489&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms&ul=en-us&de=UTF-8&dt=PlayMaster%20Kenya%20%7C%20Online%20Casino%20%7C%20Slots%20%7C%20Live%20Casino&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1993636381&gjid=1554785982&cid=644440792.1669784185&tid=UA-90610526-6&_gid=1128866103.1669784185&_r=1&_slc=1&z=1320211410

142.250.74.110

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1197003489&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms&ul=en-us&de=UTF-8&dt=PlayMaster%20Kenya%20%7C%20Online%20Casino%20%7C%20Slots%20%7C%20Live%20Casino&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1993636381&gjid=1554785982&cid=644440792.1669784185&tid=UA-90610526-6&_gid=1128866103.1669784185&_r=1&_slc=1&z=1320211410
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1197003489&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fucasino_ms&ul=en-us&de=UTF-8&dt=PlayMaster%20Kenya%20%7C%20Online%20Casino%20%7C%20Slots%20%7C%20Live%20Casino&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1993636381&gjid=1554785982&cid=644440792.1669784185&tid=UA-90610526-6&_gid=1128866103.1669784185&_r=1&_slc=1&z=1320211410 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://playmaster.co.ke
date: Wed, 30 Nov 2022 04:56:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

script.hotjar.com/modules.fb61877307ee2cbdddd8.js

143.204.55.96

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.fb61877307ee2cbdddd8.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
69 kB (68686 bytes)
Hash
83b19b8f1226afd21aa19be455afda7e
fae192c39c07152703f176652331b0012c642d64
29d4b3c00c20eefcbe98d8e99a16a64314bfb599eaf90153754c5a3c6375f87a

HTTP Headers

GET /modules.fb61877307ee2cbdddd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68686
date: Tue, 29 Nov 2022 13:13:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "83b19b8f1226afd21aa19be455afda7e"
last-modified: Tue, 29 Nov 2022 13:12:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iDqSBSUT0ptyazpspcULvgDBLkXYGMGNYmqqqLYGWuzGLJKOoHH8og==
age: 56599
X-Firefox-Spdy: h2

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.105

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.105:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vS52fGUlwMvHiznJs7ZdXzHyFJDDo5fqNot7tVaeM7YvE5AhmI0Jvw==
age: 575179
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=95799&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=95799&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=95799&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 04:56:25 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 7afe0f0a0ec31004f75ce2d70ad95fe9
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8396
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:56:25 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js

104.22.24.131

200 OK

597 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
597 B (597 bytes)
Hash
4a30abca030c67c9be260093ecd42bc9
607f6f0545d40c38cdc98fdcf3b735350b7ba8ff
16249e48360cfac6f0c488055016469f4c8fb4e0371547278e96e9b8b286aefe

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/javascript
age: 132
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff19683d0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8396
Expires: Wed, 30 Nov 2022 07:16:21 GMT
Date: Wed, 30 Nov 2022 04:56:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12853 bytes)
Hash
e08af5b1d18986e112913c6e69cc8ce6
151b60134a66305bd72dbb3810f67a57720b2af1
555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:48 GMT
age: 25897
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4706 bytes)
Hash
9b96b63164d7dc37268951510afb359f
5991d60e238558f9fe4e1759fe18dde628cb7be4
cd7a88b3173bae9ad466d41b9ae9a2ed9e18157660697f1f1b070043194c3db4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe74cbd5b-36b7-497f-97d1-4e7073a47375.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4706
x-amzn-requestid: ce0b287a-7242-402b-8261-c519a1310309
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhHxETjoAMFcTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bcb-7a69d6d14ad0fd707ede2882;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YOLFLV-a93jrA__gtWEzu2Vz8fpQJgvYGDk5fVsjhKVULRHdnKmfHw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
age: 25910
etag: "5991d60e238558f9fe4e1759fe18dde628cb7be4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10958 bytes)
Hash
777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4GuUolL0WIMXvnF7BZ80j-dMMSILN2gd-1mqFwNns-zCUBsJa8iHQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:43:04 GMT
age: 26001
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13195 bytes)
Hash
9fb14804c284e300f976848e30396e9c
6004b4b7afd22dded903f026d245bc90a6706767
1cf96b0b6c83f182d018fa4ffb9924038bf282755091e7bacff2a624220260d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F265a94d3-cdf4-4682-bcea-7cb1b79bc860.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13195
x-amzn-requestid: 1303b72c-fe18-46a3-b3c1-06f3b8550d90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvHW6oAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1b3dbbb005a238117076d1f3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pw2Wm8mI8MxRAOVsdvvWLEuxPN5ffcgWBZ_KecuuS5stoTHF4hxECg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:49 GMT
age: 25896
etag: "6004b4b7afd22dded903f026d245bc90a6706767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&gjid=1554785982&_gid=1128866103.1669784185&_u=IEBAAEAAAAAAACAAI~&z=1413766276

74.125.131.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&gjid=1554785982&_gid=1128866103.1669784185&_u=IEBAAEAAAAAAACAAI~&z=1413766276
IP
74.125.131.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&gjid=1554785982&_gid=1128866103.1669784185&_u=IEBAAEAAAAAAACAAI~&z=1413766276 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://playmaster.co.ke
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 30 Nov 2022 04:56:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:46 GMT
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
age: 25899
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8337 bytes)
Hash
2cb669522a324cd5d9ba1b1743138d38
71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 25038
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

104.22.24.131

200 OK

41 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65466)
Size
41 kB (41246 bytes)
Hash
716d867c22833599c26e48fb16dad147
32a924e36bbc9e6e3ef49aef205d8646c8d87b00
88f3d7d639c8f3bb2d25fba102cf8103937644ad2ec95e9fcc578420fe22fe6f

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/javascript
age: 132
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff1978430b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

104.22.24.131

200 OK

63 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65464)
Size
63 kB (63002 bytes)
Hash
bf435d0eaddeb054741decd247bd7993
386f52d0e87e30284739fb14fb36a5d0b9d9ffdd
66e1deee868ee647628713dee1c1ccd45cf4e2ac6b25c5f7ffb80acaec7861a6

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/javascript
age: 132
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff1978420b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 04:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315

142.250.74.163

200 OK

4.1 kB

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
4.1 kB (4089 bytes)
Hash
7bf8e6412e2156c13c9d6229ef7ed143
5c7402b9daa5773a87493d5f9e816586bdaf8bf3
080e98a5bfc612589a5ec9752a8b51c65e31be155274705f98f930d139e23667

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=644440792.1669784185&jid=1993636381&_u=IEBAAEAAAAAAACAAI~&z=1450807315 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 04:56:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js

104.22.24.131

200 OK

589 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
589 B (589 bytes)
Hash
ecf15fcc79a18ffaa97b595f67b7bf0a
a5838b69eb3f90f6aa471650498a52259bdf8012
eb4f18e5817e26cc4447ef9951142e7b4b82b2cd2ca945993c371d4060bfad78

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/javascript
age: 381017
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff1978450b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

151.101.193.229

200 OK

72 kB

URL HTTP/2
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
data
Size
72 kB (72340 bytes)
Hash
fc8755b618d628102a2f05ed74ee9eb5
1e8c9eb467fd043a1e9cce70194de1a24b4a00f6
3bfa04e4f407951d5909e266ac7b8b1fbf03fe1170180521bb45e5d3cefa6dcc

HTTP Headers

GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 30 Nov 2022 04:56:26 GMT
age: 21930544
x-served-by: cache-fra19156-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2

unphionetor.com/vbri?t=95799&bid=undefined&aid=undefined&tp=4166

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbri?t=95799&bid=undefined&aid=undefined&tp=4166
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbri?t=95799&bid=undefined&aid=undefined&tp=4166 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 30 Nov 2022 04:56:27 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2019ce95904041a4a47c97a729f0ba2d
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

vsb7.tawk.to/s/?k=6386e27a91d77096fa54a85d&cver=0&pop=false&asver=85693&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtbU9aakFSVldzQnFfQWJ4SHloX1RxIiwic2lkIjoiNjM4NmUyN2E5MWQ3NzA5NmZhNTRhODVkIiwiaWF0IjoxNjY5Nzg0MTg2LCJleHAiOjE2Njk3ODU5ODYsImp0aSI6IjlkN2I2NEd0NHdZUXBHZ2F4NFUtdiJ9.XbSvU4_evtyEsa3fRDL7Pca6UAmLpxhDcklJ6rmFv6QtLRT8cOSP46OBSXCh6_21DqjOQYxP2AN8QqJ7qWC96g&EIO=3&transport=websocket&__t=OJ6vAjU

104.22.24.131

101 Switching Protocols

2.3 kB

URL HTTP/1.1
vsb7.tawk.to/s/?k=6386e27a91d77096fa54a85d&cver=0&pop=false&asver=85693&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtbU9aakFSVldzQnFfQWJ4SHloX1RxIiwic2lkIjoiNjM4NmUyN2E5MWQ3NzA5NmZhNTRhODVkIiwiaWF0IjoxNjY5Nzg0MTg2LCJleHAiOjE2Njk3ODU5ODYsImp0aSI6IjlkN2I2NEd0NHdZUXBHZ2F4NFUtdiJ9.XbSvU4_evtyEsa3fRDL7Pca6UAmLpxhDcklJ6rmFv6QtLRT8cOSP46OBSXCh6_21DqjOQYxP2AN8QqJ7qWC96g&EIO=3&transport=websocket&__t=OJ6vAjU
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.3 kB (2252 bytes)
Hash
a5b05f036d8991ef25fb88905f31a084
7db2cdc735972fb4f3bf8c144693992c75a0496b
3f3808b4700efc7d262601009e935e88979b536e1da5948cb32a5bfbea8419c3

HTTP Headers

GET /s/?k=6386e27a91d77096fa54a85d&cver=0&pop=false&asver=85693&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtbU9aakFSVldzQnFfQWJ4SHloX1RxIiwic2lkIjoiNjM4NmUyN2E5MWQ3NzA5NmZhNTRhODVkIiwiaWF0IjoxNjY5Nzg0MTg2LCJleHAiOjE2Njk3ODU5ODYsImp0aSI6IjlkN2I2NEd0NHdZUXBHZ2F4NFUtdiJ9.XbSvU4_evtyEsa3fRDL7Pca6UAmLpxhDcklJ6rmFv6QtLRT8cOSP46OBSXCh6_21DqjOQYxP2AN8QqJ7qWC96g&EIO=3&transport=websocket&__t=OJ6vAjU HTTP/1.1
Host: vsb7.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://playmaster.co.ke
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mBCa3HyvCC5H/SjddXrUQQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Wed, 30 Nov 2022 04:56:27 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: po4M8p55M82LWmJiVmcL3rPfG/U=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7720ff1fba43b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

playmaster.co.ke/en/ucasino_ms

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/en/ucasino_ms
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en/ucasino_ms HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Origin
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
access-control-allow-credentials: true
set-cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM; Path=/; HttpOnly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlIL0DzevKnHYpY9VvqVzkdoMfNvBNp7zANV8bA4KxQM5tUnnymJuDcQKa5UaY2Bp8fbsLVi13wT8NAGtWwduwnUmyx7puTEaygSL0yfcsfBQoTGOVnyjkSkNlVAeewxI%2FvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff0b4a4eb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tvbetframe23.com/assets/frame.js

185.131.66.202

200 OK

0 B

URL HTTP/2
tvbetframe23.com/assets/frame.js
IP
185.131.66.202:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/frame.js HTTP/1.1
Host: tvbetframe23.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 06:21:07 GMT
vary: Accept-Encoding
etag: W/"6369f553-219e"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/image/header/fire-01.svg

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/image/header/fire-01.svg
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/webexIconsDesktop/image/header/fire-01.svg HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: W/"6385fd49-547"
expires: Fri, 30 Dec 2022 04:54:11 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCKeAGH3Q8NDQ3qdFRFv8G3zfUqRgeHpUEuvtDJGS8KKJ5Ra16dgdqydy630jIDaSoPZ4d0OiriEcHYusJXRcipHYsIWzPQmwH5nO3WwDFSjkjR%2B4NMhVT3upxzHPpYO7JW6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff129d18b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1404705.js?sv=6

143.204.55.84

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-1404705.js?sv=6
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-1404705.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 30 Nov 2022 04:56:25 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/6a5f9d6beeaef2ab5e62cfe78b3ad855
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uHuPeGefo6eNeVzKvSoKtXp-wBEOnFcS2OxcVUBDe4INMmBi4cW_JA==
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/image/header/label.svg

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/image/header/label.svg
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/webexIconsDesktop/image/header/label.svg HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: W/"6385fd49-122"
expires: Fri, 30 Dec 2022 04:54:11 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcZbmPe8hSjwxZV4lJMPp8PMvHOGYYkrGPEGScoXE5GT8dp%2BlEUTXEQjKsmN4fHmI%2BxCuXKwr%2BDTkOHZbfu5FGVWUMFnTjd5tjjypxreUEkROuJrVmX%2FEXCGaeirC8D4EeHO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff129d17b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/united-casino/get-games

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/united-casino/get-games
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/united-casino/get-games HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 108
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1zPwk9tEwZcFNMl6hYqrApaDBJkhVmonFUWKR%2BMv9mYnx0qE2VkzG%2B%2Br5I8ufy9Yy3U8XJ0L37GRe2C8350t0xzav6T5UhUaLchM%2BgkszVMximBnah9q4Mb2BPP%2F1P2L7Qe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff143daeb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.0/css/all.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.0/css/all.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: text/css
x-amz-id-2: vtvevf/PBpsHbkVLzBuiGQCO06OKBfk7yxWMr6m5TAoQT80zHpvonoUFhISXelLQ6Hw0Px5QDmY=
x-amz-request-id: NCXKHGNT0HV3W2ZK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1282927
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qY1NOdrTwDtuVnvxFBHY8vU%2BBsBvqXKQQZYJyFFo160xeQ4bLtSbU9hZJQxhc9Vh48zdWosIMPCDVk1vjoY6Lo5sIBDivZ2Ip6CcG7o6gxnF4ouPQMzE4hCeVuczKm6%2FLXXSNorQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff0d0cca72e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 40
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8DmhK2HAwuOKFFE49B0yLHsAKLe%2Bru8T03cWHepmQVpuDoqFSjajhsen9iph2fkpLOhYq96IlPR6PaoOO1d4mlGgQ5kSirYQsGNez6%2BRTs44Kw1F4eOas2uIRfJlWY0WAuK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff11ecd9b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/styles.38a40fa341bae485618c.css

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/styles.38a40fa341bae485618c.css
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /styles.38a40fa341bae485618c.css HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
vary: Accept-Encoding
etag: W/"6385fe98-91730"
expires: Thu, 29 Dec 2022 19:07:58 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35305
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FiRp%2FDCh4InffBn54RSguBXwH%2FTeaE13VSa6tu1DQlLKCm8dxXX8dhDm2qXTG3idXAaaIBK%2B7c%2FB23ZllVZoHEz%2FPi1CvI10hpA3K0tcx6tbojwY3qhrkHk7pduxzzpOi1f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff0c5aa0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/main.b74c09a1eadac255c700.js

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/main.b74c09a1eadac255c700.js
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /main.b74c09a1eadac255c700.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-584ee9"
expires: Thu, 29 Dec 2022 19:07:59 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsVKO65BQj4zqGBfvquS1uX7Z088NdlBM%2BXGd12wxTUIxw89zMDuu%2BrqD4UsFVhhjmL0Ofr%2B0bv%2BqQTRgDShW0Kfz%2BdLIFeGy2kcPtfCzUdmS2GFRuf2ZmS0K03WIXfEikdi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff0c6aa7b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.225.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.225.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3581
expires: Sat, 03 Dec 2022 04:56:23 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7720ff0cdde91c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 342d174db7490a5e3e48bbd39455cf5e
cdn-cache: HIT
cf-cache-status: HIT
age: 133
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7720ff0cdd15b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Noto+Sans

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Noto+Sans
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Noto+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 04:56:23 GMT
date: Wed, 30 Nov 2022 04:56:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /runtime.ec2944dd8b20ec099bf3.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:23 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-5a0"
expires: Fri, 30 Dec 2022 04:54:10 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNhyFZU4IKRDuJKonFtm52lyxZIwgMoU5Q%2FKTeCnYU1fmAmPZpmcc1YgpHW5hBIPnb%2F3JYcrZ50dqsSuRj8HqQQ6dHgBuixocEGxMOm787CcxB6cAc9WNXppJM8JPU7gxVJC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff0c5aa3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/javascript
age: 132
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7720ff1978440b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 109
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mUtRT%2B8871wnz%2FDgzjEXX1Guey3rOfvaU6acbySCLa5np2rHtHDLakYJUSXlPU67mLwpqga2Gy3IEXp14GDa6%2Fntwub%2BJg2PqTRZ5w%2B%2BRhlksCR%2FeK33H1%2FHO774jLwFSD%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff140d95b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 83
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:24 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2F%2B87ggOuhtorg5m5C4aloBkWeyzn4KK362IC%2B418cwxAbq9wzy7%2BI9Lu7qLdWH2bQu5B8QVgsxuVW8bc1RQXVJIR6z2TjCPlL7joPLZb%2F4P9MeRn%2F9gCTbDFz7BwsrfWf0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7720ff11dcd3b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/faviconsKenia/favicon.ico

104.21.21.152

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/faviconsKenia/favicon.ico
IP
104.21.21.152:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/faviconsKenia/favicon.ico HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms
Cookie: web.sid=s%3ApwLvEJc1ti1r5HRszbPTwssvBZxQ4OoH.NDYA6eEVYeg34ZaUW7AU5Z%2Fim5vZBQAuYcPHGCD1TKM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:56:25 GMT
content-type: image/x-icon
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: W/"6385fd48-278"
expires: Thu, 29 Dec 2022 19:08:06 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 35299
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6PLlst4CgDexo%2Bly1yHBiXB5tXegIxSp%2BF6iWs1pjpipMhj0f5dchapV8f8%2B1fIToK7%2FA1H7TGm91hT%2F9N4oTJIli2FiuX5cnAS3kpsiTfn0g%2FnuYcx1ccQZCTv1KpeHJe5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7720ff17ef2ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations