urlscan.io logo urlscan.io
SecurityTrails logo

www.pctclk.com Open in urlscan Pro
31.204.152.192  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://vstera.tech/rounder/rounderws2.php
Effective URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Submission: On January 02 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 25 HTTP transactions. The main IP is 31.204.152.192, located in Netherlands and belongs to I3DNET, NL. The main domain is www.pctclk.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 6th 2019. Valid for: 3 months.
This is the only time www.pctclk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 34.205.243.28 14618 (AMAZON-AES)
19 31.204.152.192 49544 (I3DNET)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 146.177.40.248 15395 (RACKSPACE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 6
1    2606:4700:30::681f:5ed6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
vstera.tech
1    2606:4700:20::681a:2bc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
popcash.net
2    34.205.243.28 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-205-243-28.compute-1.amazonaws.com
ps.popcash.net
19    31.204.152.192 (Netherlands)

ASN49544 (I3DNET, NL)
PTR: hosted-by.welltodocentury.com
www.pctclk.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    146.177.40.248 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)
ads.slottyvegas.com
1    2606:4700:20::681a:37c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
slottyvegas.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
Domain Requested by
19 www.pctclk.com ps.popcash.net
www.pctclk.com
2 fonts.googleapis.com www.pctclk.com
2 ps.popcash.net 1 redirects
1 s.ytimg.com www.youtube.com
1 www.youtube.com www.pctclk.com
1 slottyvegas.com www.pctclk.com
1 ads.slottyvegas.com 1 redirects
1 popcash.net 1 redirects
1 vstera.tech 1 redirects
25 9

This site contains no links.

Subject Issuer Validity Valid
pctclk.com
cPanel, Inc. Certification Authority		 2019-11-06 -
2020-02-04		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-11-15 -
2020-10-09		 a year crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Frame ID: F3E756D51AF337CFFF0886BD52E96DC1
Requests: 24 HTTP requests in this frame

Frame: https://slottyvegas.com/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071
Frame ID: CFD3B7AEB3ADCE214920250C81B1AA5C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://vstera.tech/rounder/rounderws2.php HTTP 302
    http://popcash.net/world/go/46973/185071 HTTP 301
    http://ps.popcash.net/go/46973/185071 Page URL
  2. http://ps.popcash.net/ad/ad?p=46973&w=185071&t=cb34aad5a2fd074f&r=&vw=1600&vh=1200 HTTP 303
    https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

96 %
HTTPS

67 %
IPv6

7
Domains

9
Subdomains

6
IPs

4
Countries

934 kB
Transfer

1318 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://vstera.tech/rounder/rounderws2.php HTTP 302
    http://popcash.net/world/go/46973/185071 HTTP 301
    http://ps.popcash.net/go/46973/185071 Page URL
  2. http://ps.popcash.net/ad/ad?p=46973&w=185071&t=cb34aad5a2fd074f&r=&vw=1600&vh=1200 HTTP 303
    https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://vstera.tech/rounder/rounderws2.php HTTP 302
  • http://popcash.net/world/go/46973/185071 HTTP 301
  • http://ps.popcash.net/go/46973/185071
Request Chain 18
  • https://ads.slottyvegas.com/redirect.aspx?pid=76090&bid=3299&sref=PCT&PCT=NL-pct31-185071 HTTP 301
  • https://slottyvegas.com/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
185071
ps.popcash.net/go/46973/
Redirect Chain
  • https://vstera.tech/rounder/rounderws2.php
  • http://popcash.net/world/go/46973/185071
  • http://ps.popcash.net/go/46973/185071
425 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ps.popcash.net/go/46973/185071
Protocol
HTTP/1.1
Server
34.205.243.28 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-205-243-28.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf45df98271e7a9f5b1a4645c8e472a2c8c9de549d58ce2f3d59c140fe8795e9

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
__cfduid=dec21d08ee84a327903ab3e69bba9adf31577967354
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
referer
https://wstream.video/videofryugmhws/rzulw36hqevq

Response headers

Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Thu, 02 Jan 2020 12:15:54 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=dec21d08ee84a327903ab3e69bba9adf31577967354; expires=Sat, 01-Feb-20 12:15:54 GMT; path=/; domain=.popcash.net; HttpOnly; SameSite=Lax
Location
http://ps.popcash.net/go/46973/185071
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
54eca93e5cef96a4-FRA
Primary Request sindex.php
www.pctclk.com/slottyvegas/nl/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=46973&w=185071&t=cb34aad5a2fd074f&r=&vw=1600&vh=1200
  • https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/46973/185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx / PHP/5.6.30
Resource Hash
83bd2ddf106288a4635966e85fbd7f9eb819c4dce635ef38c439bf178989eaa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
www.pctclk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
http://ps.popcash.net/go/46973/185071
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
referer
https://wstream.video/videofryugmhws/rzulw36hqevq
Referer
http://ps.popcash.net/go/46973/185071

Response headers

Server
nginx
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.30
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Nginx-Cache-Status
MISS
X-Server-Powered-By
Engintron
Content-Encoding
gzip

Redirect headers

Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Type
text/html; charset=utf-8
Content-Length
93
Connection
keep-alive
Server
nginx
Location
https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
css
fonts.googleapis.com/ 		12 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 02 Jan 2020 12:15:56 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 02 Jan 2020 12:15:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 02 Jan 2020 12:15:56 GMT
css
fonts.googleapis.com/ 		5 KB
927 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Libre+Franklin:400,500,600,700,800,900
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dbf4946c9ab176f2945971158309537992c52016524b6b2abaa6f32733874fa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 02 Jan 2020 12:15:56 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 02 Jan 2020 12:15:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 02 Jan 2020 12:15:56 GMT
bootstrap.min.css
www.pctclk.com/slottyvegas/nl/css/ 		132 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/css/bootstrap.min.css
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
e28f6d75f707a9059bbe36af9d028e306ba80198da2e59a47972d31035164c13

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:02:27 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
style.css
www.pctclk.com/slottyvegas/nl/css/ 		41 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/css/style.css
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
1f39eb1d05c5a68372c937168b1555470a41ed593d4bf752cffda07408c45d7e

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:02:28 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
font-awesome.min.css
www.pctclk.com/slottyvegas/nl/css/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/css/font-awesome.min.css
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:02:27 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
YTPlayer.css
www.pctclk.com/slottyvegas/nl/css/ 		12 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/css/YTPlayer.css
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
5cc3d0f3ba550ae841bd6adcfa820892640d3df2541a24ea6a76202658c0a3c4

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:02:28 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
stop.png
www.pctclk.com/slottyvegas/nl/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/stop.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:03:04 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16341
Expires
Mon, 02 Mar 2020 12:15:55 GMT
sexy_lady.png
www.pctclk.com/slottyvegas/nl/images/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/sexy_lady.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
0ba70b924beae0edbf08a1cd6298a55833352edafd607c3ddf9dd315962533b2

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:03:02 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
186069
Expires
Mon, 02 Mar 2020 12:15:55 GMT
book_dead.png
www.pctclk.com/slottyvegas/nl/images/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/book_dead.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
ce6dd08e6c455af1604dea9d4c8049a1322de7a96577969fa2a2076e752ee8db

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:02:55 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76178
Expires
Mon, 02 Mar 2020 12:15:55 GMT
dog_house.png
www.pctclk.com/slottyvegas/nl/images/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/dog_house.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
6ae1d9c9c1d9b4d1d968a7c82c525b9fb750ad26cf12de21dd85e37b871ece33

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:02:56 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
80752
Expires
Mon, 02 Mar 2020 12:15:55 GMT
rise_merlin.png
www.pctclk.com/slottyvegas/nl/images/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/rise_merlin.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
ec760c031e95b0cd7a1f834a459d6aa9fff71f1b1ff3f3331e01a14d2a32fe13

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:03:01 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79161
Expires
Mon, 02 Mar 2020 12:15:55 GMT
fire_joker.png
www.pctclk.com/slottyvegas/nl/images/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/fire_joker.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
9ede57f47a2e3415e42dc14ef8a2a4109f473003c53d5daa26b27800c40656be

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:02:57 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66801
Expires
Mon, 02 Mar 2020 12:15:55 GMT
pirate_gold.png
www.pctclk.com/slottyvegas/nl/images/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/pirate_gold.png
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
a4c31e1150497ff26313acfd865f535d9133584c1dab6e82ca1b394ae44c015b

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:56 GMT
Last-Modified
Tue, 03 Dec 2019 17:02:59 GMT
Server
nginx
Content-Type
image/png
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82297
Expires
Mon, 02 Mar 2020 12:15:56 GMT
play_green.gif
www.pctclk.com/slottyvegas/nl/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/play_green.gif
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
c3617eba09a29cd6b2c75132e6d2a6c2010ed5dc49a780d6b5e8814bf06d84d7

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:03:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23672
Expires
Mon, 02 Mar 2020 12:15:55 GMT
jquery.min.js
www.pctclk.com/slottyvegas/nl/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/js/jquery.min.js
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:03:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
bootstrap.min.js
www.pctclk.com/slottyvegas/nl/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/js/bootstrap.min.js
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:03:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
jquery.mb.YTPlayer.js
www.pctclk.com/slottyvegas/nl/js/ 		118 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/js/jquery.mb.YTPlayer.js
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
4768fa1e1f0da6cb8dce7aba354e9177e9276f005a52212ae5490ab5da28b5d7

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:03:09 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Feb 2020 12:15:55 GMT
book-of-dead
slottyvegas.com/en/game-demo/ Frame CFD3
Redirect Chain
  • https://ads.slottyvegas.com/redirect.aspx?pid=76090&bid=3299&sref=PCT&PCT=NL-pct31-185071
  • https://slottyvegas.com/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://slottyvegas.com/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:37c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
slottyvegas.com
:scheme
https
:path
/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
referer
https://wstream.video/videofryugmhws/rzulw36hqevq
Referer
https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071

Response headers

status
200
date
Thu, 02 Jan 2020 12:15:58 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dcdc2c530b7f79b91ece92af38d5ba0b91577967358; expires=Sat, 01-Feb-20 12:15:58 GMT; path=/; domain=.slottyvegas.com; HttpOnly; SameSite=Lax gfrcoid=74b402c25ca33cbb3b560e304528e580; path=/ netreferTag=656930_A254784A394B4D7287086C02468C38F8; expires=Sat, 01-Feb-2020 12:15:58 GMT; Max-Age=2592000; path=/; httponly referrer=https%3A%2F%2Fwww.pctclk.com%2Fslottyvegas%2Fnl%2Fsindex.php%3Fsite%3Dpct31-185071; expires=Sat, 01-Feb-2020 12:15:58 GMT; Max-Age=2592000; path=/; httponly
vary
Accept-Encoding
x-page-speed
1.13.35.2-0
cache-control
max-age=0, no-cache
cf-cache-status
DYNAMIC
strict-transport-security
max-age=0; includeSubDomains; preload
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc
h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server
cloudflare
cf-ray
54eca953d9bbd6c5-FRA
content-encoding
br

Redirect headers

Cache-Control
private,no-cache, no-store
Pragma
no-cache
Content-Type
text/html
Location
https://slottyvegas.com/en/game-demo/book-of-dead?utm_source=1&btag=656930_A254784A394B4D7287086C02468C38F8&sref=PCT&PCT=NL-pct31-185071
Server
Microsoft-IIS/10.0
P3P
CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version
4.0.30319
Set-Cookie
NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a77084%2c%22BID%22%3a3299%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1577967357635)%5c%2f%22%2c%22CookieTag%22%3a%223299770844249632901C2020121215%22%7d%5d; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2231927904%7c1%22%7d%5d; expires=Sat, 02-Jan-3019 12:15:57 GMT; path=/
Request-Context
appId=cid-v1:42ca6b97-b564-4b23-b218-51b9f4f71628
X-Powered-By
ASP.NET
Date
Thu, 02 Jan 2020 12:15:57 GMT
Connection
close
Content-Length
0
dark_blue.jpg
www.pctclk.com/slottyvegas/nl/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/dark_blue.jpg
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
dc268c1f51bb033a6ac04640f83b74cf68fbedd0a87d13b11981f14241d267ee

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:02:56 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12634
Expires
Mon, 02 Mar 2020 12:15:55 GMT
slottyvegas-bg-one.jpg
www.pctclk.com/slottyvegas/nl/images/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pctclk.com/slottyvegas/nl/images/slottyvegas-bg-one.jpg
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
f9ca0cd1045157d4c47fce50a2f681ca1be34afa80e9d2531a36a7f68313b8af

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Last-Modified
Tue, 03 Dec 2019 17:03:02 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
197653
Expires
Mon, 02 Mar 2020 12:15:55 GMT
Asap-Bold.woff2
www.pctclk.com/slottyvegas/nl/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pctclk.com/slottyvegas/nl/fonts/Asap-Bold.woff2
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/sindex.php?site=pct31-185071
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.204.152.192 , Netherlands, ASN49544 (I3DNET, NL),
Reverse DNS
hosted-by.welltodocentury.com
Software
nginx /
Resource Hash
3cd653f8b45e4c5e6ff9673ff18413c22f26afb6d666eece7d48712f5d7979ae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
Origin
https://www.pctclk.com

Response headers

Pragma
public
Date
Thu, 02 Jan 2020 12:15:55 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Dec 2019 17:02:37 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain
Cache-Control
max-age=5184000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 02 Mar 2020 12:15:55 GMT
iframe_api
www.youtube.com/ 		859 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api?v=3.2.8&_=1577967357158
Requested by
Host: www.pctclk.com
URL: https://www.pctclk.com/slottyvegas/nl/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
0fb7e51ac6107ded0b2738ca833b79a219c99526a9ee875646b8fee21d23f4df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 12:15:57 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfldHtazm/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfldHtazm/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api?v=3.2.8&_=1577967357158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
eca3a42522daf7751c7c4719c17a3df3bb6d2b72b13fed4cf35e882144091f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wstream.video/videofryugmhws/rzulw36hqevq
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 02 Jan 2020 06:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20954
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8777
x-xss-protection
0
last-modified
Fri, 20 Dec 2019 02:08:43 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Fri, 10 Jan 2020 06:26:43 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| popmsg string| targetUrl function| exitScreen object| links undefined| thisLink function| $ function| jQuery object| jQuery1113003977731101045312 object| ytp function| onYouTubeIframeAPIReady function| getYTPVideoID function| iOSversion string| nAgt function| isTouchSupported function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end function| uncamel function| setUnit function| setFilter object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

10 Cookies

Domain/Path Name / Value
.slottyvegas.com/ Name: _hjid
Value: 125fdc62-8aab-426f-aa6d-bdbd1efa6792
.slottyvegas.com/ Name: __cfduid
Value: d8a26d3b60ae4d26d7f7e0b814f4ef5d01577967359
.slottyvegas.com/ Name: _fbp
Value: fb.1.1577967359431.1992608170
.slottyvegas.com/ Name: _gcl_au
Value: 1.1.1608799051.1577967359
.slottyvegas.com/ Name: _gid
Value: GA1.2.1888467303.1577967359
slottyvegas.com/ Name: referrer
Value: https%3A%2F%2Fwww.pctclk.com%2Fslottyvegas%2Fnl%2Fsindex.php%3Fsite%3Dpct31-185071
.slottyvegas.com/ Name: _ga
Value: GA1.2.1259604257.1577967359
.slottyvegas.com/ Name: _gat_UA-121547313-1
Value: 1
slottyvegas.com/ Name: netreferTag
Value: 656930_A254784A394B4D7287086C02468C38F8
slottyvegas.com/ Name: gfrcoid
Value: 74b402c25ca33cbb3b560e304528e580

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.slottyvegas.com
fonts.googleapis.com
popcash.net
ps.popcash.net
s.ytimg.com
slottyvegas.com
vstera.tech
www.pctclk.com
www.youtube.com
146.177.40.248
2606:4700:20::681a:2bc
2606:4700:20::681a:37c
2606:4700:30::681f:5ed6
2a00:1450:4001:800::200e
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
31.204.152.192
34.205.243.28
0186583aa0e4f70f4e5477fcd47f62b172267372c841ed8ad665203c299ac8fd
0ba70b924beae0edbf08a1cd6298a55833352edafd607c3ddf9dd315962533b2
0fb7e51ac6107ded0b2738ca833b79a219c99526a9ee875646b8fee21d23f4df
1f39eb1d05c5a68372c937168b1555470a41ed593d4bf752cffda07408c45d7e
3cd653f8b45e4c5e6ff9673ff18413c22f26afb6d666eece7d48712f5d7979ae
4768fa1e1f0da6cb8dce7aba354e9177e9276f005a52212ae5490ab5da28b5d7
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
5a4a5359110a773bd154da94c48ffd6a6233a29dfd5a9314555f5ae6c3e47459
5cc3d0f3ba550ae841bd6adcfa820892640d3df2541a24ea6a76202658c0a3c4
69027204f18bef3a3126cad6b61a5a480f8c3f1b7cf29b5739df72a18039b1b7
6ae1d9c9c1d9b4d1d968a7c82c525b9fb750ad26cf12de21dd85e37b871ece33
83bd2ddf106288a4635966e85fbd7f9eb819c4dce635ef38c439bf178989eaa5
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9ede57f47a2e3415e42dc14ef8a2a4109f473003c53d5daa26b27800c40656be
a4c31e1150497ff26313acfd865f535d9133584c1dab6e82ca1b394ae44c015b
c3617eba09a29cd6b2c75132e6d2a6c2010ed5dc49a780d6b5e8814bf06d84d7
ce6dd08e6c455af1604dea9d4c8049a1322de7a96577969fa2a2076e752ee8db
cf45df98271e7a9f5b1a4645c8e472a2c8c9de549d58ce2f3d59c140fe8795e9
dbf4946c9ab176f2945971158309537992c52016524b6b2abaa6f32733874fa0
dc268c1f51bb033a6ac04640f83b74cf68fbedd0a87d13b11981f14241d267ee
e28f6d75f707a9059bbe36af9d028e306ba80198da2e59a47972d31035164c13
ec760c031e95b0cd7a1f834a459d6aa9fff71f1b1ff3f3331e01a14d2a32fe13
eca3a42522daf7751c7c4719c17a3df3bb6d2b72b13fed4cf35e882144091f78
f9ca0cd1045157d4c47fce50a2f681ca1be34afa80e9d2531a36a7f68313b8af