Report - playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt

Report Overview

Submitted URL
playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-08 09:18:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
embed.tawk.to	8650	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.7 kB	70 kB	104.22.24.131
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	4.0 kB	143.204.55.37
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	516 B	694 B	142.250.74.163
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	495 B	104.18.226.52
playmaster.co.ke	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	575 kB	188.114.97.1
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	1.0 kB	172.64.133.15
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	517 B	694 B	142.250.74.164
vsb80.tawk.to	118595	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	1.2 kB	172.67.38.66
propeller-tracking.com	187053	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372 B	728 B	139.45.197.240
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.7 kB	93.184.220.29
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	799 B	638 B	142.250.74.46
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	442 B	946 B	188.114.98.234
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.118
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	711 B	108.177.14.157
va.tawk.to	8297	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	969 B	1.2 kB	104.22.24.131
tvbetframe23.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	329 B	185.131.66.202
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.5 kB	9.1 kB	139.45.195.8
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	139.45.197.236
fs.betunit.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	296 B	151 kB	104.21.84.22
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
in.hotjar.com	1746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	287 B	34.254.47.228
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.49.154
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	69 kB	143.204.55.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-08	medium	unphionetor.com	Sinkholed
2022-12-08	medium	unphionetor.com	Sinkholed
2022-12-08	medium	unphionetor.com	Sinkholed

JavaScript (35)

	URL	Size	First Seen	Last Seen
	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	504 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:03 Last Seen2023-03-29 22:08:13 Times Seen3 Hash 2f27c164da4ea8e9dd3b623db563b3d3 f6d1bb8989092bbc6d241a1b3f3cd5a4d4521365 03302b851a2b21f26c2703050e75770443e35c0892e9c8c5bd0a90f18aed947f Loading...

	onesignal.com/api/v1/sync/1641a175-fbb2-4172-9cf5-f605a25d060c/web?callback=__jp0	4.5 kB	2023-03-08	2023-03-08
Pretty URL onesignal.com/api/v1/sync/1641a175-fbb2-4172-9cf5-f605a25d060c/web?callback=__jp0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:20 Last Seen2023-03-08 21:57:20 Times Seen1 Hash fc4e888654cc45544abcdc81d501ff13 6745616d4395a0f88e9b1ea78718ce67f238a654 975923ab2d9c8ab5572e5719efb866e8ae10ada12ae047a8d9f88bd274a55ba5 Loading...

	static.hotjar.com/c/hotjar-1404705.js?sv=6	6.8 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-1404705.js?sv=6 IP 143.204.55.37 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:57:20 Last Seen2023-03-08 21:57:20 Times Seen1 Hash 88ad054fd868217066fc984201ffc270 a5d94fc0383df4a762bd52c3b116fb347f8a63af 14dcbf911d0720459c55470abdd27c0dded4844a06559876e0e4414fca241009 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js	17 kB	2023-03-07	2024-02-05
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:47 Last Seen2024-02-05 02:14:35 Times Seen39084 Hash 585ba00b2c167b90c210161454f843b5 89ee8372cc6d5eb307cf5840b70d8f3dab3c57f2 e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js	16 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:39:42 Times Seen1 Hash 12f6c0f6e6cec2a03629fbce091e2072 f900879b5df1ad4add9e9312ade124a70a14607c 663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316 Loading...

	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	163 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash bea3853ff08d61616a663af88a3a02d2 885704a4d8f1d7e5a776418ba713b082a10b6023 8d98e4ea2628900a0c83d31b8b2065245ab221cfd077224f4e55bc5c1d5db3aa Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 01:26:15 Times Seen37052042 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:10 Times Seen76 Hash 8ea8c8bd7b4a8c06dc3d0bcecbb0f310 e730e1b8d2c46b6d1d31916d8a668a375c8f5200 c14e09a0d72b50111f563843cc7e05cd6f04bf2531d5e3731e2e7c3d76a01dc1 Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.118 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js	121 B	2023-03-07	2024-04-24
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 05:14:02 Times Seen45920 Hash da5bb1dc647470204df0e49f5afac2de f5cbf596ca5e4fe208e4c55af6e45b71f9febbe8 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js	546 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2023-12-03 21:40:45 Times Seen7208 Hash 09c3819d373bd4178a620d721429fada fc407211bc5ed4384dc85e981c5947f727254bd9 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Loading...

	playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js	63 kB	2023-03-08	2023-08-25
Pretty URL playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:03 Last Seen2023-08-25 07:01:10 Times Seen159 Hash 15dadf51ebb4daf0ee19402e538412b8 92796c1570cab0f6fa8964aed4a90ab618aa5e47 79051b879b76040ea89ffa0e38c2e51f26699a0ac993be30873aa45af52d188f Loading...

	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	158 B	2023-03-08	2024-04-24
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2024-04-24 10:17:40 Times Seen9 Hash cdeee27d978e44d61995ab8ed57f7fd3 5591bc62da2323de9328fd4790aaeaf6ae921fcf 0e4767fb85dd32e699cf00fec8cdcae5f49a71153490cfe1c593b36538cfe49d Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	tvbetframe23.com/assets/frame.js	8.6 kB	2023-03-08	2023-03-14
Pretty URL tvbetframe23.com/assets/frame.js IP 185.131.66.202 ASN #56630 Melbikomas UAB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-14 05:26:46 Times Seen1 Hash 9e42b3c90ed9f125899ba54a79d0275f 6dc42bb43ebb4b154a22dc93be811d94f3281ce7 0bd6dafd3f85e527c26dfb42c041c0d79bac141a12f6c7ce4512a1914e4f10da Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:09 Times Seen69 Hash c809b47e49ab30ce4531de95bdb2e642 ace06c6d6e6157683b752cb20def9ff29b864208 b3c4ceaf9a6fc3019b3ffefae2b3d055a15cfa4a86dc7cb8e31f6f704716bbd8 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js	78 kB	2023-03-07	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-01-03 04:29:13 Times Seen8812 Hash 7dcb496e4882926f93f2e73fa87062c0 f84d8f772336f305bbbd882a1e5d48d9aa8bd16a 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js	7.1 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2023-12-01 20:53:29 Times Seen7234 Hash fac25ff2d2c405e1ac7e156dca1f819c 9e7c83d4eefe4f64b4f1c43d15f21b248697a125 97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js	74 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash af764270cff49e4f88710a5824f1af0a 5101715aafd662b8ef1bae9a588ba7e8650c2b5e 8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc Loading...

	propeller-tracking.com/fv.js?t=95799	5.2 kB	2023-03-07	2024-04-24
Pretty URL propeller-tracking.com/fv.js?t=95799 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-24 01:48:23 Times Seen2355 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js	2.3 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen3 Hash 9075c2f5460b2832318d3c7217cc68cb b8742c9ec6d976051538e69ae8a92e354b62638b 6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba Loading...

	embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default	2.1 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-12 15:55:12 Times Seen1 Hash 0ad45524f67c754bfea49e70df7e30bb 2bf94bbb3521b145c71c3e3734cfb4af9d876d43 8be2ec2ae60139b9bc62f511e066ae1748f22f364358c24bcb2c64ee65601b71 Loading...

	cdn.onesignal.com/sdks/OneSignalSDK.js	9.1 kB	2023-03-07	2023-04-02
Pretty URL cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.18.226.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:42 Last Seen2023-04-02 21:25:26 Times Seen2 Hash ae63ef8ff03da61fffaa7f165729897a 96a95093b2be6ed11dc11b689c728c2ec0dbe19c d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 IP 139.45.195.8 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:10 Times Seen78 Hash 9fc3ae679b63d633b774a21cdef5f000 f152c15b218ebfd5e71e75bb48396a5816b581ec 1cc768fc95debe6461d0ca57e225bfa3c764435db518aca1a401a9ef7d1f84f2 Loading...

	my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667	697 B	2023-03-08	2023-08-25
Pretty URL my.rtmark.net/p.js?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-08-25 07:01:09 Times Seen70 Hash 068b8309e7fb06560e560c8dece8d934 2ae1a89362092080187b9965a400ac30633bed20 a5de384f92fcdf2f30a75f3539082d380d0d75d6b646f6c6d225caf507db3874 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js	196 kB	2023-03-08	2024-01-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2024-01-03 04:29:13 Times Seen4 Hash bde99510bdf9ab7bbc9ce82519a19a36 c0d4758cbef7cb74c32021e2f6c6271ae995c919 654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44 Loading...

	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	179 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash f4bb2cb9f54d7b107fcf4c5626a088e5 1e87b31e7b5719f0a03cc787afa375453cdffc9a 6539d7511a5de922a4880c1f2d086ff69e2613cfff6896e1609826c2d637c877 Loading...

	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	424 B	2023-03-08	2023-03-29
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:30:04 Last Seen2023-03-29 22:08:13 Times Seen3 Hash 027de650c2cc00c31ce424d63cc5091e 4d33fa1c1ed43100df4f6aa76e27e0517df6e1c3 34ff91fe3bd47526ff0790e3e1b9446b72f3a7291b83d7d2b869d9c2df9da4f2 Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js	151 B	2023-03-07	2024-04-24
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-04-24 05:13:57 Times Seen46602 Hash e736e189edb5d0d9d5b8e7f23dd9114a bcabee193f13756fa9154fc492fe420c47140343 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js	17 kB	2023-03-08	2023-03-12
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:39 Last Seen2023-03-12 19:40:33 Times Seen1 Hash a4ee0f7f38343d301e91591fc360d3fa 0748ec2421e5495f8cd80c749a827065c4b43eb1 83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js	11 kB	2023-03-07	2023-12-01
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-01 20:53:29 Times Seen11867 Hash a92075fd9ac5ba130387a80453676099 4b5b13cf9479b8311d574356e53f8da74200c57a 544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de Loading...

	embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js	942 B	2023-03-07	2023-12-03
Pretty URL embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js IP 104.22.24.131 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2023-12-03 21:40:45 Times Seen7224 Hash 5f434bdd806571a4e1b385bee9316ff6 ca69e13015a6b7769e4174179dc8befd4c543c43 fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Loading...

	playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt	1.4 kB	2023-03-08	2023-03-11
Pretty URL playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:33:10 Last Seen2023-03-11 23:04:42 Times Seen1 Hash e497b12bca282592be4b1118282c463e dd56dff292afe337b2b1f6577c12dc2f0c7c024e 9a71be58fc99b62aa48369c28b1a281a47cb5bef0ca35871b47aec5c27d2a4e9 Loading...

	cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514	290 kB	2023-03-07	2023-05-22
Pretty URL cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:26 Last Seen2023-05-22 12:53:59 Times Seen6 Hash 2f96824aee4bf927e734cc519e3e726d 217f9bc83ea70521ed2b8d89b8e2a1fa05cf9146 843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c Loading...

	playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js	1.4 kB	2023-03-07	2024-04-24
Pretty URL playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:17 Last Seen2024-04-24 10:14:22 Times Seen375 Hash cd1ce3e306bf57f272364d1cc0249d6e b62956c2192bfe5516d6374e753773901ed50ec5 eb3d5f2600910179bef8b0709214b7c721ea66e92ebb35bc282264beb2631eaf Loading...

HTTP Transactions (104)

URL IP Response Size

playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt

188.114.97.1

301 Moved Permanently

0 B

URL HTTP/1.1
playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /en/ucasino_ms/h-slots-20-super-hot-egt HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Thu, 08 Dec 2022 09:18:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 08 Dec 2022 10:18:35 GMT
Location: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVVsDaUtmbJbRJz5C9XXuiKb1geBiNY8jcFelOb0ylaq2BFKmcnHFVHVVAraJacfL9Bz0rc1xfSWhulOw8hX8EM6oaU1NaQQkKadySrq4tG3k5YcnxmLLuz%2FtHNDaCG92d3%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77646a1d4f1d0afa-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17210
Expires: Thu, 08 Dec 2022 14:05:25 GMT
Date: Thu, 08 Dec 2022 09:18:35 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6062
Expires: Thu, 08 Dec 2022 10:59:37 GMT
Date: Thu, 08 Dec 2022 09:18:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 09:08:09 GMT
content-type: application/json
age: 626
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3655
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 09:18:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: z16uTmVmcuFNDiXN9BkCBY1j7nW6D7HvgHAJRuJdwClt/sWNLrjoHoM4PDEXEldVdv1AGEbaY5w=
x-amz-request-id: 4RH1MW63VP2RJKMQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 08:49:43 GMT
age: 1732
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
5c64b745f2bdaa043f333d4d7cf7ea60
bd0eb94b92fdcd917f2496abfb56bd047a85a6d0
147fd442f3c5089af6ab6e86bd178db0ab41d2cc9628fae92df3b8f82837db35

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Server: ECS (amb/6BBD)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
11a302ea55f351609774e40b083661c4
5c074e0b4452e7552afab1a482b8bf78dc815734
87285f2e9f489d221a8ba05d334deafe15206990565ea6c3f87d8104e9ad6190

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1218
Cache-Control: max-age=169024
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Etag: "63919869-117"
Expires: Sat, 10 Dec 2022 08:15:39 GMT
Last-Modified: Thu, 08 Dec 2022 07:55:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2480
Cache-Control: max-age=167056
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 07:42:51 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js

188.114.97.1

200 OK

983 B

URL HTTP/2
playmaster.co.ke/runtime.ec2944dd8b20ec099bf3.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1440), with no line terminators
Size
983 B (983 bytes)
Hash
acfda0215bcd2bfaaf493e297917b723
9ada1aa9f52b64601a5a83888c662728978fce67
4f78a4a539a7eb23079e0f8e15fb9b7e0266bc71855e71e8ac1664bedca130e8

HTTP Headers

GET /runtime.ec2944dd8b20ec099bf3.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-5a0"
expires: Sat, 07 Jan 2023 09:15:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmQS1Y3o7VMHuLtgm1eQJKOZWThsvC5IoGCfSV7cmJuvbx4AYG42OsVekvQaycV7wBgf8FPSnfpbB8pxhWtLmW9kn%2BQooaeiG2G0bpBk6p3VWB7UB0%2FFKPgXdqlNAxLOq%2Fu1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2139e91c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 09:07:55 GMT
age: 640
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2442
Cache-Control: max-age=167018
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 07:42:13 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

playmaster.co.ke/styles.38a40fa341bae485618c.css

188.114.97.1

200 OK

76 kB

URL HTTP/2
playmaster.co.ke/styles.38a40fa341bae485618c.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
76 kB (76521 bytes)
Hash
5f5755b9f2b8fe7c6a6e3b6b55760883
b8ccd689e2a80a656fe1d0d87c0220e08f88ac73
e4358b3c1fa5e0962453d5338c2dcf0c1d3aa9d450bd229698747c280842de10

HTTP Headers

GET /styles.38a40fa341bae485618c.css HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: text/css
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
vary: Accept-Encoding
etag: W/"6385fe98-91730"
expires: Thu, 05 Jan 2023 10:07:24 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AF5HqtS1HJ8NWib1vn8Tq7l5h4mHcD7Sl%2B3MDzkmdnThW3uhxBW2r9RdH9C7%2FgTpVYJD2axVFQb4bHcO4bHx8720o5BPNDWkwbMGKne2m6puTG9qqLqJupE1dNNp1%2FkwF0O6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a2129e01c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2774
Cache-Control: max-age=88469
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:53:04 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
61e3d9d6a1d8215a72262cabeeba48a7
9bae804c95bc7930bfd4223c01eaecd249f56f59
194e20346762205c87deb74d2f1b2ff6143fbdf3ce3542dc4049f7071a03ac89

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1923
Cache-Control: max-age=98419
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Etag: "639081db-117"
Expires: Fri, 09 Dec 2022 12:38:54 GMT
Last-Modified: Wed, 07 Dec 2022 12:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f48748dc87020a0f1368e6d3bb9a24c
4eeade3f02cc6b02390af43bd5e7d67da4a707e0
7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.163.49.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.49.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JyLcT7a9OMkgM/DTu+ap8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: InC9/CaXNx2O1k3z/1g/2a0xS1M=

playmaster.co.ke/files/i18n/en.json

188.114.97.1

200 OK

3 B

URL HTTP/2
playmaster.co.ke/files/i18n/en.json
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
3 B (3 bytes)
Hash
8a80554c91d9fca8acb82f023de02f11
5f36b2ea290645ee34d943220a14b54ee5ea5be5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

HTTP Headers

GET /files/i18n/en.json HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json
content-length: 3
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3"
expires: Sat, 07 Jan 2023 09:18:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlwfIRmtWdAvbxjxqICHcapmZzoaUL83PJi5z%2BOf4YrFmof%2F0%2BE1Jp5MZVjhY8N3taUvOM9vwtWgBiCB2UDqFz2qwmScUxxBi30P%2FCyvTw5cy8AyClat22F%2F2qPBiDM%2Bama5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a26c94a1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/gb.png

188.114.97.1

200 OK

934 B

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/gb.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 125, 8-bit colormap, non-interlaced\012- data
Size
934 B (934 bytes)
Hash
0896c9f55bf2afef36fa3b4ebfacf822
094a7531110863360ed32cf28f4e653470960330
9d37b4b31744e8374acbd28d862261ee946b5fb1e5bb641b04a454605d9afefe

HTTP Headers

GET /files/icons/flags/language/gb.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/png
content-length: 934
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3a6"
expires: Thu, 05 Jan 2023 10:07:25 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BJ9XOaJZx21HUqj0AsJbTxL2Dt0Zx%2Fo%2FXJuawY8kgTPDR4wZvSs5Y9Eu0HoCEJp4eK8tGJHiC%2FswhX6bYwgeTJcwLcwO5pwoKKrOvsMboxETw5HyOr1vvTAtEjMtI5r0xp6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2769f61c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/tz.png

188.114.97.1

200 OK

761 B

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/tz.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 167, 8-bit colormap, non-interlaced\012- data
Size
761 B (761 bytes)
Hash
838f395c5f4c8a907768216be0b39397
3c92dda2799859851bfe37f775d7d0242c21b7e4
2e2b9a0c712bb55b78ba19b714513c1d39566cf47b22cf16eb345c581db5265e

HTTP Headers

GET /files/icons/flags/language/tz.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/png
content-length: 761
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-2f9"
expires: Thu, 05 Jan 2023 10:07:25 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tgxw4JZCobPQRQTMSBSP3SrAD3lzTdDsixO7oGuyehP9%2FIcjF%2Fva0eG%2Bh9v3YogUl6r%2BejhvJ%2F1Mu44ldRskr3R6bdGaLvsMVliT0rQ7aO7itF1e%2BS9dKdeL%2BP3qcx7R0mTx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2769fa1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/icons/flags/language/cn.png

188.114.97.1

200 OK

1.7 kB

URL HTTP/2
playmaster.co.ke/files/icons/flags/language/cn.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 250 x 167, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1691 bytes)
Hash
d3a9dc56faac29c81e3a2a5dd9c9c0f5
62339adbff53d9d2cbab1356a1b70305ef25fd73
2649a33ec676d992709ad7978e0df319e398563c4de17f0c3d08ff206b00dee7

HTTP Headers

GET /files/icons/flags/language/cn.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/png
content-length: 1691
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-69b"
expires: Thu, 05 Jan 2023 10:07:25 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vUNafsJs8GGG7SFWEwUhPUsnQQ9ARF%2BFnbm7Jik2Q0%2Bmdu8yZLbFYarfwSnExp55rFxfjakhpO8iPPiztKZ7v3D3VzNn6v3pY85VUYKAc0dA3qPgu29hafqECVHXtebp1Dk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2769f91c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

188.114.97.1

200 OK

15 kB

URL HTTP/2
playmaster.co.ke/files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 15332, version 1.0\012- data
Size
15 kB (15332 bytes)
Hash
587de8ec039052f50e69c9654439b991
dd26304e3095c1ec9f8860e3c5f094d2826f6074
0f961c62a5d3faf422bafd5ce3c490a54b95c68a1bb5aaca37b66a8257fe02ea

HTTP Headers

GET /files/fonts/google/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: font/woff2
content-length: 15332
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: "6385fd48-3be4"
expires: Thu, 05 Jan 2023 10:07:25 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNZBK%2Bnzbqwk6GJm5YVteJW5itiM4aRNFv1jIMV1GNOt4ic1xzfCGyYvVKNaikV%2FmPN86p3F5g8huQZOjmVA4RF1zBcrUF95urgew%2BIPteOXos6RYCw049C1iEUfLkQ9jZWH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a278a361c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

591 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
591 B (591 bytes)
Hash
aae2b38992d3fa19e5cdd1de91c2c204
b17d920d4c894d18edc83312069da8cf4fc433cf
531b394c2b182648607a8a6218cfa66b300f28b38aaa3fe2156e424684e0e07f

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 107
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSjco1u1rPF2177AfxfhfDPu%2FmSrLHIWF%2B3ffQMVzZtu8fkhtcqLrQ6rOUOYHuOhQgI8Il1n%2FGa5%2ByNHwTxYDIxtOvIfps8O1oHXwtF3zOtwQZkivOsdjuywhM8hczR6FPli"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a2759e41c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
acea7cb44141792f5d84b0c9ab8c57e4
69f1e46739200324bd891063d17c7a7083f313b7
4c0d144b20ab8cf7fec972a66e08ed2b993121e9c4b6c88bbf0f3e7388f2b058

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C0D144B20AB8CF7FEC972A66E08ED2B993121E9C4B6C88BBF0F3E7388F2B058"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6430
Expires: Thu, 08 Dec 2022 11:05:46 GMT
Date: Thu, 08 Dec 2022 09:18:36 GMT
Connection: keep-alive

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

949 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (958), with no line terminators
Size
949 B (949 bytes)
Hash
bdddf0a5f3f258dc0dcbd26d9653636f
260b1351459e26cf63a3e25b22d2f583f3e0edf3
527379144b7c6416fd839e8526aa99850c8b1562feec6aa0f5538e00968d6ffa

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 108
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKFW5XGTZXiPm50f9jtcMfU7wh%2FqAJs2zHzpf2fanjqCRtpBQaO1lTiOC1GNJ%2FVEpchW%2FcD1qZUaU13PbbeU4DO%2BBpr1xygw5NaA%2BMgAPf8QBK7KDC38U1f3iS%2Fv%2B31qiQ9R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a26d95d1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

2.0 kB

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
2.0 kB (1989 bytes)
Hash
5f23f0eefb7df28201ac0cd8760f74a3
a986bd01fc76f2930ceae772a7d9a712069a2872
7dd215df3d346d91816f682bc9fb230996c67cfe5bf4df58005d38be9f12e12e

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 40
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYs9UHz3B4y5LGleAlzOOpqXLfv4Q7kKNNk1m2ohCOtrBRzkDgbepzJoRNVlmSLeLatdIZoC1NLT%2BVsiA0zCCzIZd%2BUvYp8VyCf89aK9Ckz1zYV24XKf%2FtMpmWOexFp%2FWhry"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a26d9671c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default

104.22.24.131

200 OK

1.1 kB

URL HTTP/2
embed.tawk.to/5d1e2e8d22d70e36c2a42ca4/default
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
1.1 kB (1120 bytes)
Hash
57143c83509d446be92d6b89a3edb9b2
d03a86e1a722482b16beb790af4cff2f29924743
2e3cf7784452b00093e7f7da4b6d64defb4323fd6e8ddeb060dff5c3b2c29ff2

HTTP Headers

GET /5d1e2e8d22d70e36c2a42ca4/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 179
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a27bae3b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
c809b47e49ab30ce4531de95bdb2e642
ace06c6d6e6157683b752cb20def9ff29b864208
b3c4ceaf9a6fc3019b3ffefae2b3d055a15cfa4a86dc7cb8e31f6f704716bbd8

HTTP Headers

GET /p.js?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
9fc3ae679b63d633b774a21cdef5f000
f152c15b218ebfd5e71e75bb48396a5816b581ec
1cc768fc95debe6461d0ca57e225bfa3c764435db518aca1a401a9ef7d1f84f2

HTTP Headers

GET /p.js?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

playmaster.co.ke/main.b74c09a1eadac255c700.js

188.114.97.1

200 OK

697 B

URL HTTP/2
playmaster.co.ke/main.b74c09a1eadac255c700.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
697 B (697 bytes)
Hash
068b8309e7fb06560e560c8dece8d934
2ae1a89362092080187b9965a400ac30633bed20
a5de384f92fcdf2f30a75f3539082d380d0d75d6b646f6c6d225caf507db3874

HTTP Headers

GET /main.b74c09a1eadac255c700.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-584ee9"
expires: Thu, 05 Jan 2023 10:07:24 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4W4fM7HGzNj4b%2FIgs0mS9ph1NClg1EuZ31MIZztaST5KbrUEFgSef2pShospxOOGMbTn4HhJAE5i%2Fp0g1%2FgdQ%2Bk3wmQxlSI6LrhN2%2B5SVWpNOc4uuphNB3i3OAkupmNEZEg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2139ee1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0

139.45.195.8

200 OK

697 B

URL HTTP/2
my.rtmark.net/p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
ASCII text
Size
697 B (697 bytes)
Hash
8ea8c8bd7b4a8c06dc3d0bcecbb0f310
e730e1b8d2c46b6d1d31916d8a668a375c8f5200
c14e09a0d72b50111f563843cc7e05cd6f04bf2531d5e3731e2e7c3d76a01dc1

HTTP Headers

GET /p.js?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: text/javascript
content-length: 697
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=e06aeacaa8664f57b70c6feee49f71b5; expires=Fri, 08 Dec 2023 09:18:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bb694dd998954404a00bd5edcd73fdba; expires=Fri, 08 Dec 2023 09:18:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9e3fcf0fd2b1439fb3b61259ea35d1c8; expires=Fri, 08 Dec 2023 09:18:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&lr=1&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2; expires=Fri, 08 Dec 2023 09:18:36 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
814fe52c4aeed574082cd7e710264365
f5b51f3a7a6f8dd635975ec4a4065155b96b5e8b
110ab90d6cd1b47566ff3524136449ef590f42dcd838fb5d3802b67c846a84f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "110AB90D6CD1B47566FF3524136449EF590F42DCD838FB5D3802B67C846A84F9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5832
Expires: Thu, 08 Dec 2022 10:55:49 GMT
Date: Thu, 08 Dec 2022 09:18:37 GMT
Connection: keep-alive

playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/logo.png

188.114.97.1

200 OK

20 kB

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/logo.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 142 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19721 bytes)
Hash
bd7bcf8a27de6eb0ca4b88bfacc70ac0
84db6daeb3b1d08779e2c2e55ac80b25bb08d3dc
9e54e943fec4b06137b9587197b444f9ff888bc7dca221730156cdffce34e560

HTTP Headers

GET /files/webexIconsDesktop/assets/image/royal-win/logo.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/auth/signin
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/png
content-length: 19721
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: "6385fd49-4d09"
expires: Sat, 07 Jan 2023 09:15:37 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 180
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ek3zB%2FIccB59Zm%2FS27uD9jKVZZgNpDRYi%2BHlYYOsZJC2GM%2FC%2BAMc0YufnOtcIurD9utRYmr%2BsmBWTc1tuWzzhueQPqSApNodpcvRgA16%2FtbwsuQbJOvFJB6uqfrIybnHBoBe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a297c011c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png

188.114.97.1

200 OK

411 kB

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1083 x 629, 8-bit/color RGBA, non-interlaced\012- data
Size
411 kB (411181 bytes)
Hash
60f5e8780f21b2ccd7640cf68d09e5bf
6c81b2316588c6df88ba0b26a024d947b00af6b9
8698951599b843e5147f60f9ecf6c2f75540d892480c5dce37fa9e4e5ddaf43c

HTTP Headers

GET /files/webexIconsDesktop/assets/image/royal-win/popupbackgroundroyalwin.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/png
content-length: 411181
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: "6385fd49-6462d"
expires: Thu, 05 Jan 2023 10:07:25 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169872
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meYNobW%2BhRg%2BxdPpVNa1yvvF%2BvI5%2FHIQrniPoHqTS2rp4Kqxl%2B%2BuPp2%2BRqc2efVoTf0mPyjQpw4pyxUYXkkckudANkUPPmh5IIK0GrFojqUMHatiOtswyLU79hXHd0auLmu0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a298c0f1c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

1.4 kB

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (644), with no line terminators
Size
1.4 kB (1420 bytes)
Hash
17e2e2f21c31e7bd1c6207382e2816ff
8f22fde8418ae483ba199ee91a84ef3a634c1812
d3b62a43cf28b5e54cb07472bce4e4aed8ed0be0b1c07d086c4051d3252b7a97

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 84
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4pXRvgK0f9Le9aYwyx5Ox1cn1GjUnGvet6Z1DTPH12hv5q9UMvQM7vU4nwO2lfCb%2FWBRLle6ooTneNnchoOpwTJInwcBKFUS38AFS4AtbMz7Lbxj1Mq%2BXa7p4wEp6LUCuzYR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a278a2b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/closebtnroyalwin.png

188.114.97.1

200 OK

736 B

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/assets/image/royal-win/closebtnroyalwin.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 84 x 81, 8-bit/color RGBA, non-interlaced\012- data
Size
736 B (736 bytes)
Hash
c6a07c630b2b0f04912f2976556bd4ae
7cf0820924432f7087cae52aa1f17fe2c3855153
95297c1b17a44e794cc4c04614574f2b0c29ee25ac73e4cc48eb857ab5e30117

HTTP Headers

GET /files/webexIconsDesktop/assets/image/royal-win/closebtnroyalwin.png HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/auth/signin
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/png
content-length: 736
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: "6385fd49-2e0"
expires: Sat, 07 Jan 2023 09:15:37 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 180
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrUWJgmlDXflFxJOXcIVov02bhgAojlzVTCGUPgEsqBEeSuOIb7szbXkbFlgOeY0iC88%2BSaeC5kPm3CyKNW8yM2vbOSvFUx6GFpgMTXJATbX7MUGaznviQLwLFl0xAYa3CKj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a298c071c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=95799

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=95799
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=95799 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 57db8c972350b2e828aa858d9c7b572c
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

726 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (395), with no line terminators
Size
726 B (726 bytes)
Hash
dc992d4124033ca8f44d11da462c00c3
4f27af64eb94c37177242a2e6984d70ce5bf5bfa
927be30aa2276410cc0d9aed8dae77347d426452d529a72f469db13aec5c5f2c

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 71
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xgdlqv7MPqVIHeySKK6ZR0owRXfM89fGgALlQXQIDiFdCC7wfcgVptYmgYrt%2BMceDonEHiCc7h6xqSB595BDRAKq73aVrxifUKQUZjjbg3mSFb46zc6vdmLu5x1v7CMonVD0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a26e9681c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fs.betunit.com/1665481453050royalwin-prize_ZM%20(1).png

104.21.84.22

200 OK

151 kB

URL HTTP/1.1
fs.betunit.com/1665481453050royalwin-prize_ZM%20(1).png
IP
104.21.84.22:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 411 x 275, 8-bit/color RGBA, non-interlaced\012- data
Size
151 kB (150615 bytes)
Hash
e2ff47958cd9b7fa96aad30b4c89c0fb
01f363900df72367d8565f32fdb0f25e99bba221
3076cb8bcae346179d595167d0eb017b11ad4fb48f1421f0dcd4028fd18e436f

HTTP Headers

GET /1665481453050royalwin-prize_ZM%20(1).png HTTP/1.1
Host: fs.betunit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:18:37 GMT
Content-Type: image/png
Content-Length: 150615
Connection: keep-alive
Last-Modified: Tue, 11 Oct 2022 09:44:13 GMT
ETag: "63453aed-24c57"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 180
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSytNXo0E1Lo17J0l6CYi0ERIvG10rKU%2FHhyHN7wLYbgHG1725L%2F2y7HE32VGxRF3UyC9PsiM4bDiSNTuYOT8M6zFprSMRNfwtIOlQL4brHde0uqtuit%2B0lGTV0%2FV0tOMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77646a2ab8f2b521-OSL
alt-svc: h2=":443"; ma=60

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

21 kB

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (5067), with no line terminators
Size
21 kB (21113 bytes)
Hash
da602a67d8a3e7169fbf885833f9b142
725b433f13ccd43fc56d39590e7e42c9f10e9287
92c063d7c91b2a2f5e3a0b3da00b3c86321053d6c9eb6cdfe94703fe2884fdd3

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 87
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/auth/signin
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0bF48Q4TqCD0F1MtVRpFr0rCKyrSwmAfzTk2TLQoaCwYxzK%2FKcC3hE%2F3dIW7ePMmh6jVuUwBlA2EI6oIxuylsPQCjQyMRb8NboZNQNGN2NKa097ZTPld1bMBEcahjMFCsAg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a297c001c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-1404705.js?sv=6

143.204.55.37

200 OK

3.4 kB

URL HTTP/2
static.hotjar.com/c/hotjar-1404705.js?sv=6
IP
143.204.55.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5960)
Size
3.4 kB (3354 bytes)
Hash
07ce4fa55607e85694dc8f830b268d9c
ff56cca853d0bc3ea1b3057318e8c03cf22e684a
9007ae3051b38174860a8aae29520fe4077048474754e9daee59f6638a6b507a

HTTP Headers

GET /c/hotjar-1404705.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 09:18:37 GMT
cache-control: max-age=60
etag: W/88ad054fd868217066fc984201ffc270
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _y-w2a7B13rB4VasWOctxnUwPf4Adkgn03f4cLus1GOmelbEll0MHg==
X-Firefox-Spdy: h2

www.google-analytics.com/j/collect?v=1&_v=j98&a=2048811433&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin&ul=en-us&de=UTF-8&dt=Playmaster%20Login%20%7C%20Register&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1741654101&gjid=671474772&cid=576073206.1670491117&tid=UA-90610526-6&_gid=1592797196.1670491117&_r=1&_slc=1&z=1886670188

142.250.74.46

200 OK

4 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2048811433&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin&ul=en-us&de=UTF-8&dt=Playmaster%20Login%20%7C%20Register&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1741654101&gjid=671474772&cid=576073206.1670491117&tid=UA-90610526-6&_gid=1592797196.1670491117&_r=1&_slc=1&z=1886670188
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

HTTP Headers

POST /j/collect?v=1&_v=j98&a=2048811433&t=pageview&_s=1&dl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin&ul=en-us&de=UTF-8&dt=Playmaster%20Login%20%7C%20Register&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1741654101&gjid=671474772&cid=576073206.1670491117&tid=UA-90610526-6&_gid=1592797196.1670491117&_r=1&_slc=1&z=1886670188 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://playmaster.co.ke
date: Thu, 08 Dec 2022 09:18:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.118

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.118:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SfTia3TEfqAQrwmHvcINkxPJbuM4BnQMm0A9E_uASByivwzJPXVb2A==
age: 1282111
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&gjid=671474772&_gid=1592797196.1670491117&_u=IEBAAEAAAAAAACAAI~&z=1677733139

108.177.14.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&gjid=671474772&_gid=1592797196.1670491117&_u=IEBAAEAAAAAAACAAI~&z=1677733139
IP
108.177.14.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&gjid=671474772&_gid=1592797196.1670491117&_u=IEBAAEAAAAAAACAAI~&z=1677733139 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://playmaster.co.ke
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Dec 2022 09:18:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4352
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4352
Expires: Thu, 08 Dec 2022 10:31:09 GMT
Date: Thu, 08 Dec 2022 09:18:37 GMT
Connection: keep-alive

my.rtmark.net/img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=7f41a83d748afa4f865bfe2300b041dc5fdc50c8d7ce5030d4d425f67296d3b7&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2; expires=Fri, 08 Dec 2023 09:18:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=9f7d9fee71938e979ff3c186172fe99af6fed4d05cd2f164407368f8cad38667&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2; expires=Fri, 08 Dec 2023 09:18:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=458124450432a37bd27e68ab57fa2c7806a129a6e516153febe0dca195779ca0&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2; expires=Fri, 08 Dec 2023 09:18:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin

139.45.195.8

200 OK

43 B

URL HTTP/2
my.rtmark.net/img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

HTTP Headers

GET /img.gif?f=sync&partner=0a33899fd0710311f885aa995a362f745b43cf9fa64a57afd98f276247391262&ttl=&rurl=https%3A%2F%2Fplaymaster.co.ke%2Fen%2Fauth%2Fsignin HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=afd1bffb37954c09a74f5fddc51b8ee2; expires=Fri, 08 Dec 2023 09:18:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5620 bytes)
Hash
ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ITQgs0jVosYx5zvT7j4YLqGZ1HEmsNgartV3g8uaNuJHs4VqVs50OQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:47:24 GMT
age: 41473
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6110 bytes)
Hash
fb1ea0161d261518c99909aff49e6f58
c3b915cb579b651db25442fea0bbedd0d292c0fc
d877a21abfd883a368da0136c4e56d7f590fa9e9ea09dec3675823211fe56385

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e6c8e9d-aef1-4772-8747-82ef7e4ceeb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6110
x-amzn-requestid: 2ebf542a-dacc-472a-81c0-0c69cb1ec143
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEQAH2doAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb3ff-7173ff7941b57fa163e3cc6b;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Bo1JGLLmbH9LRrcXA4i8qVD1ilMqHxNWq1u52RhGMAdAhywK42lMPA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 01:57:38 GMT
age: 26459
etag: "c3b915cb579b651db25442fea0bbedd0d292c0fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13556 bytes)
Hash
57a992ab666f21c6da0057fefb622ff2
c36381d6744ae44360b2a37ca7586028e980714b
afe4050d9b07dcab509c95eb8d75ca410db74bd59f39561e5d190550cb61503e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234796b8-a59e-4174-a03a-b127b03b60eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13556
x-amzn-requestid: 3e79e2da-80ea-404c-8d87-939c7682dbe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4h8EuUIAMFkIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639107a5-68318f164708882a43fb0f12;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7RZTh3iQHGp_XffXQQw13UUWqPNZQFJ_e4pIvNPgAaA1aGy_cXMueA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:18:20 GMT
age: 39617
etag: "c36381d6744ae44360b2a37ca7586028e980714b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10164 bytes)
Hash
3d44d17585c9a536c8da0e75ed90d175
9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1
6d14a5b5c43b39244434560a83a2bfea6604a4d072943b6147293b7adfd1b7b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8a21d707-1bf7-4b7f-a23b-7e8f38dd40c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10164
x-amzn-requestid: a0cb7259-0a07-44f5-91cd-e96b8d9c9cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAPOGSnoAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c472e-799b6ee425e29fb70ff7e4ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:07:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5Q2LRCrEYVZz_KldQARUQ26O1mv0G7rMAPQXGkBzUnERF-WjtZPMJA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 10:23:11 GMT
age: 82526
etag: "9dc35d0f6b251004bc1ddc83aea9ee71c95aedd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8659 bytes)
Hash
b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 35118
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8179 bytes)
Hash
311cb4353566dfb426dbc692fde93223
979910df445a5c4d3513c8c25e289800335f646d
5ecd5c12620c0b8b6bbf456cb6c016168479a735f4eb67a9a1047677b9d798fb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15e59c3f-fa3a-4698-96c2-2e89662ffa9f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8179
x-amzn-requestid: 39aa4016-4f48-4d2a-b94b-05432980d66a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czCruHckIAMFkHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639117e4-1953985a5c8d2da8239ec8e8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qKaRX4QpQU2U8J-jk1lWjhAooObsgxfHuNXv5Bbc69IEMCXAyIESeQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:50:01 GMT
age: 37716
etag: "979910df445a5c4d3513c8c25e289800335f646d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d7737802f93eeb14503d61c77c137bc
fa6861c298d00f879b9f16af4f05470cecfc80af
6b1b9763bcfaeb92a63ad6020651b3745e8279c634eb3505fc9fa875e772af42

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

script.hotjar.com/modules.bc0a4c72d88d266f15af.js

143.204.55.40

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.bc0a4c72d88d266f15af.js
IP
143.204.55.40:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48638)
Size
69 kB (68590 bytes)
Hash
2375e31c5dc0ca09d740bee5c1486c2b
d68ad5ffd79e99af40377945f2f41db8b6f00ad0
2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb

HTTP Headers

GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jeB4QXOGTl5O6d6PhIiIqy8KGEDiI8p1K4liMGQXydnCx3GrzzJB_w==
age: 67411
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8274b291596906eb3779dccb82ec41cb
b2ec554df1fa55e18a4316b76ac617dc626b7598
69129be0a1c2e3d1dfc602aea4ef004ea01b3bfa6c5863bd225843472f1bb7c8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:18:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-90610526-6&cid=576073206.1670491117&jid=1741654101&_u=IEBAAEAAAAAAACAAI~&z=1757912125 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 08 Dec 2022 09:18:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8129d4d0ebab3efc528f57883dfb30ba
be557eee6cd854421ec872673041867c73369fa2
ed95fb60948c81a74657e5964798a07145fe91fee47cb270006f62294a5670b1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 09:18:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

unphionetor.com/vbl?t=95799&bid=undefined&aid=undefined

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbl?t=95799&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=95799&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 08 Dec 2022 09:18:37 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f97f47ed516c0d6ef4a64ab193bdaecb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js

104.22.24.131

200 OK

589 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-app.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
589 B (589 bytes)
Hash
c05a2b096b273d22b7b45495534cf014
e552fc3160e7398e67f0235a8ad558ed2feb343c
2f4548f23fd45e98d4b5d4957724ab018584120e6f5196750d56898ea60dc3f5

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
age: 169871
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e2a8cb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js

104.22.24.131

200 OK

59 kB

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (546), with no line terminators
Size
59 kB (59146 bytes)
Hash
d75ee792105147fc8431d4869274d3be
dc73970e49baf8e021bfb2a749a70b7b6ab667dc
48db05ac64333f0ff85dabf3710a81f05acee0f6568df5af3c41aefe5e1ceec1

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"09c3819d373bd4178a620d721429fada"
age: 1297251
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a351aabb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
1d8d2169d8e6311b0274f329464321ff
ca4b88218bb90f32b0f79b3794217bba17eb60d6
e010be6ef0737984c769977f2e1d06afbee7b9ba54a800095e8dc41200b5c0b7

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 09:18:39 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "07ACC5A9F91FAE863F131D71B3A5A617715402FA"
Expires: Thu, 08 Dec 2022 20:00:00 GMT
Last-Modified: Thu, 08 Dec 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 899
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77646a362d6ab50f-OSL

unphionetor.com/vbri?t=95799&bid=undefined&aid=undefined&tp=4216

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbri?t=95799&bid=undefined&aid=undefined&tp=4216
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbri?t=95799&bid=undefined&aid=undefined&tp=4216 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Thu, 08 Dec 2022 09:18:39 GMT
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 6e2c7811b0644b261560592d893aeaaf
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

vsb80.tawk.to/s/?k=6391abee91d77096facf7bc3&cver=0&pop=false&asver=85924&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtZjVqQWdfZ1Brdk9YS2p6TVBFeEFnIiwic2lkIjoiNjM5MWFiZWU5MWQ3NzA5NmZhY2Y3YmMzIiwiaWF0IjoxNjcwNDkxMTE4LCJleHAiOjE2NzA0OTI5MTgsImp0aSI6Ijh5Z05XY1dxMDZJQnhneGl6ME8xQyJ9.N5RmLvq5Ru4UC5zTWpvSpVAPl6acTdecuwcjNNLGYe3mMr8HhCoIEIEwlVftYgbDZoWvjg2dssO5YyS-pccyEA&EIO=3&transport=websocket&__t=OJn1vhK

172.67.38.66

101 Switching Protocols

768 B

URL HTTP/1.1
vsb80.tawk.to/s/?k=6391abee91d77096facf7bc3&cver=0&pop=false&asver=85924&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtZjVqQWdfZ1Brdk9YS2p6TVBFeEFnIiwic2lkIjoiNjM5MWFiZWU5MWQ3NzA5NmZhY2Y3YmMzIiwiaWF0IjoxNjcwNDkxMTE4LCJleHAiOjE2NzA0OTI5MTgsImp0aSI6Ijh5Z05XY1dxMDZJQnhneGl6ME8xQyJ9.N5RmLvq5Ru4UC5zTWpvSpVAPl6acTdecuwcjNNLGYe3mMr8HhCoIEIEwlVftYgbDZoWvjg2dssO5YyS-pccyEA&EIO=3&transport=websocket&__t=OJn1vhK
IP
172.67.38.66:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
768 B (768 bytes)
Hash
86d0cc3c5b7a61743dc2e8be5ab0fecc
a36b2ad6a8d78ba57004561bbc2bef77a333d80f
0edc98754ffd66a7b89e1c2620cb7a2dfabf1bd2e63bc88f4b5e4ed43ba6858f

HTTP Headers

GET /s/?k=6391abee91d77096facf7bc3&cver=0&pop=false&asver=85924&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQiLCJ2aWQiOiI1ZDFlMmU4ZDIyZDcwZTM2YzJhNDJjYTQtZjVqQWdfZ1Brdk9YS2p6TVBFeEFnIiwic2lkIjoiNjM5MWFiZWU5MWQ3NzA5NmZhY2Y3YmMzIiwiaWF0IjoxNjcwNDkxMTE4LCJleHAiOjE2NzA0OTI5MTgsImp0aSI6Ijh5Z05XY1dxMDZJQnhneGl6ME8xQyJ9.N5RmLvq5Ru4UC5zTWpvSpVAPl6acTdecuwcjNNLGYe3mMr8HhCoIEIEwlVftYgbDZoWvjg2dssO5YyS-pccyEA&EIO=3&transport=websocket&__t=OJn1vhK HTTP/1.1
Host: vsb80.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://playmaster.co.ke
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 521yWn6w9VTAzg4Ew+pHRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Thu, 08 Dec 2022 09:18:39 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: oVuO5NNTNxv5pO+IEwH0b5iIbDA=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 77646a357849b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/polyfills.0688af4a18ec3a51fe8c.js
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /polyfills.0688af4a18ec3a51fe8c.js HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 12:44:08 GMT
etag: W/"6385fe98-f6ff"
expires: Sat, 07 Jan 2023 09:15:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk3p9Pw9r0pZRBYN4y25oWTWwX30rHF4XOpOoSiUmeLZcsCjmKnZ1WDoCRalp6qYVBk03aPKIQWnd6BPZBxR5fotaVeR%2F0zShD6%2FsMN%2ByW4o1PtDMkvvjKfx%2BVxQIVUDoh0p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2139ec1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

propeller-tracking.com/fv.js?t=95799

139.45.197.240

200 OK

0 B

URL HTTP/2
propeller-tracking.com/fv.js?t=95799
IP
139.45.197.240:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fv.js?t=95799 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f81a8133222ce17350d4857811d8135a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

va.tawk.to/v1/session/start

104.22.24.131

200 OK

0 B

URL HTTP/2
va.tawk.to/v1/session/start
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://playmaster.co.ke/
Origin: https://playmaster.co.ke
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
x-served-by: visitor-application-preemptive-lsrc
access-control-allow-origin: https://playmaster.co.ke
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2f2baab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.0/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.1.0/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.1.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: text/css
x-amz-id-2: vtvevf/PBpsHbkVLzBuiGQCO06OKBfk7yxWMr6m5TAoQT80zHpvonoUFhISXelLQ6Hw0Px5QDmY=
x-amz-request-id: NCXKHGNT0HV3W2ZK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1989859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSe2D2wXWzUfMXisJr6v5X8%2FJvLGAyXOfgAx3IY%2B6QZ9HMYkQQIopkfojiTV0%2BcqoVltWj7Y19YeNu%2BM%2BBRKbLy3d4Q0j84huJAD%2FlL5nBeawE8iWKViWnoqdq2qucxiJyh1Nfpu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a225d6f8e27-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-vendor.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 180
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e2a75b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.226.52

200 OK

0 B

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDK.js
IP
104.18.226.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 570
expires: Sun, 11 Dec 2022 09:18:35 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77646a21fbc3fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 40
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjBTx3FGcuAodBYzXPjqJalX4yo6pMeakHaWacHPgH5LNVc5s7cDCIm5BCwLtl1w81Zb6I5WBHSb%2B2LTxYXWOnMdBCPmqq8EEQAoBHqVJU7uZ9lBLJ0oAY0Gydwt%2F0k0Tx%2Ba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a26d9531c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/image/header/label.svg

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/image/header/label.svg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/webexIconsDesktop/image/header/label.svg HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: W/"6385fd49-122"
expires: Sat, 07 Jan 2023 09:15:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laNF5WXOy5dPA9GIiEYyVgiFmY4XV3%2Boh3sT1FFddCA8JPdVe3CF2ma0x7%2BvVVLpW4K5o21LBJKbdS7%2BNHDXU8pvYUJOYs%2B8gIaBhXzcJdkNR4pW63BIevaqGZhznLuorgdK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2769fe1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-696bc286.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"a4ee0f7f38343d301e91591fc360d3fa"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1297251
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a350a8cb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"5f434bdd806571a4e1b385bee9316ff6"
age: 1297251
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a350aa7b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/css/message-preview.css

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/css/message-preview.css
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=38268
access-control-allow-origin: *
age: 1297250
etag: W/"949ecc85ac578750ec9a03e5680f7b0e"
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a358b4eb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-runtime.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
age: 169871
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e2a87b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-common.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 180
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e2a80b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

va.tawk.to/v1/widget-settings?propertyId=5d1e2e8d22d70e36c2a42ca4&widgetId=default&sv=undefined

104.22.24.131

200 OK

0 B

URL HTTP/2
va.tawk.to/v1/widget-settings?propertyId=5d1e2e8d22d70e36c2a42ca4&widgetId=default&sv=undefined
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v1/widget-settings?propertyId=5d1e2e8d22d70e36c2a42ca4&widgetId=default&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://playmaster.co.ke/
Origin: https://playmaster.co.ke
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-2nq4
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-66-1"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 179
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2f2ba9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-48f46bef.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"12f6c0f6e6cec2a03629fbce091e2072"
age: 1297251
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a350aa5b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/api/v2/multi

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/api/v2/multi
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/multi HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
authorization: 
Content-Type: application/json
Content-Length: 109
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/en/auth/signin
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/json; charset=utf-8
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
vary: Origin
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVrCi%2Fb8O08MZ%2FaSr1QvepyvUw7sY6eWgqbgWjCOoMe%2FNKt8dXe%2BUgjmGQosh3c3pIw7Z6KWJ4RxXyQpQVUIob0Oiv3bB7wNGPeSYCFkI%2F25gT2cHDC0LW4GGSebja4%2FqkgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a297bfd1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-f163fcd0.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"a92075fd9ac5ba130387a80453676099"
age: 1297251
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a351aadb4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/1404705/visit-data?sv=6

34.254.47.228

200 OK

0 B

URL HTTP/2
in.hotjar.com/api/v2/client/sites/1404705/visit-data?sv=6
IP
34.254.47.228:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/v2/client/sites/1404705/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 136
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en/ucasino_ms/h-slots-20-super-hot-egt HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Origin
x-xss-protection: 1
strict-transport-security: max-age=3600
access-control-allow-origin: http://localhost:9999
access-control-allow-credentials: true
set-cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg; Path=/; HttpOnly
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bn7aVuFKuT13ccUlAzGo4QpC3pYDPxBLHr8omc2pnNi0u771jOBGfYNibArrUKOw%2B9KajQFqsJ8tC8DPJ56hpnWPvVUluPf5AhRQA6y1XWhhzk%2F2V3tsuVWI6tXhE9Yltd8M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77646a1fd8b41c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tvbetframe23.com/assets/frame.js

185.131.66.202

200 OK

0 B

URL HTTP/2
tvbetframe23.com/assets/frame.js
IP
185.131.66.202:0
ASN
#56630 Melbikomas UAB

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /assets/frame.js HTTP/1.1
Host: tvbetframe23.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Nov 2022 06:21:07 GMT
vary: Accept-Encoding
etag: W/"6369f553-219e"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

188.114.98.234

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
188.114.98.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:35 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 8984c737bc468d30a24fc07c8315353e
cdn-cache: HIT
cf-cache-status: HIT
age: 169871
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 77646a221877b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/webexIconsDesktop/image/header/fire-01.svg

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/webexIconsDesktop/image/header/fire-01.svg
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/webexIconsDesktop/image/header/fire-01.svg HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/styles.38a40fa341bae485618c.css
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:36 GMT
content-type: image/svg+xml
last-modified: Tue, 29 Nov 2022 12:38:33 GMT
etag: W/"6385fd49-547"
expires: Sat, 07 Jan 2023 09:15:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0D8sGsfhqgTYjcpSZ4lUf2OPxH3WOuYLdHkIqeiCa0IcGrUSLhWFpq2BfDyUNjs%2FV706ed8GbHKNulBlx9nk4SbaXHJivx4BmfHxE0cgvyOJxoVGNK5JYkPnngt%2B9216wZT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a277a061c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

playmaster.co.ke/files/faviconsKenia/favicon.ico

188.114.97.1

200 OK

0 B

URL HTTP/2
playmaster.co.ke/files/faviconsKenia/favicon.ico
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /files/faviconsKenia/favicon.ico HTTP/1.1
Host: playmaster.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/en/ucasino_ms/h-slots-20-super-hot-egt
Cookie: web.sid=s%3Aky_Qw-Fv_ooafgWQoo7SmBz2WKo8N-M6.OHcx%2Fbh5v8Qo21bSjMwzGk5x69cCnI7Nbh7XKtWCp%2Fg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: image/x-icon
last-modified: Tue, 29 Nov 2022 12:38:32 GMT
etag: W/"6385fd48-278"
expires: Thu, 05 Jan 2023 10:07:26 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 169871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhENdioRYdNxnaLAAQAV%2FeqRt%2BhYoma6y1nRtH7%2FPi8FA5%2BWHXlVQf6F1jfpqUstMGRJUNwQJT7Lv6d%2BYPcKFqTduNERHBSpblDvyHIWObntZMNAALeFhUIZPGwJfhoFE2PV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77646a2a9cea1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-main.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
age: 169871
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e1a67b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-2c78ba82.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"fac25ff2d2c405e1ac7e156dca1f819c"
age: 1297251
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a350a85b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playmaster.co.ke
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 180
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2e2a7ab4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/languages/en.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:37 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"585ba00b2c167b90c210161454f843b5"
age: 1297250
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a2f5bd9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js

104.22.24.131

200 OK

0 B

URL HTTP/2
embed.tawk.to/_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js
IP
104.22.24.131:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_s/v4/app/637ddf31c8f/js/twk-chunk-32507910.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playmaster.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Thu, 08 Dec 2022 09:18:38 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"af764270cff49e4f88710a5824f1af0a"
age: 1297250
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77646a351ab3b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP