urlscan.io logo urlscan.io
SecurityTrails logo

uclck.me Open in urlscan Pro
104.21.13.205  Public Scan

Go To Rescan Add Verdict Report
URL: https://uclck.me/unJTx
Submission: On September 24 via manual from KR — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 37 HTTP transactions. The main IP is 104.21.13.205, located in and belongs to CLOUDFLARENET, US. The main domain is uclck.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 30th 2021. Valid for: a year.
This is the only time uclck.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 104.21.13.205 13335 (CLOUDFLAR...)
6 104.21.0.194 13335 (CLOUDFLAR...)
2 172.217.194.95 15169 (GOOGLE)
7 142.251.12.154 15169 (GOOGLE)
1 54.192.150.29 16509 (AMAZON-02)
2 74.125.200.97 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 4 93.158.134.119 13238 (YANDEX)
3 142.251.10.94 15169 (GOOGLE)
1 104.16.85.20 13335 (CLOUDFLAR...)
2 172.217.194.156 15169 (GOOGLE)
1 142.251.10.157 15169 (GOOGLE)
1 172.217.194.155 15169 (GOOGLE)
1 74.125.130.113 15169 (GOOGLE)
3 74.125.130.132 15169 (GOOGLE)
1 74.125.130.147 15169 (GOOGLE)
37 16
3    104.21.13.205 (None, )

ASN13335 (CLOUDFLARENET, US)
uclck.me
6    104.21.0.194 (None, )

ASN13335 (CLOUDFLARENET, US)
youclick.link
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
7    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
adservice.google.com.au
1    54.192.150.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-29.sin2.r.cloudfront.net
image.thum.io
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    93.158.134.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
3    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
fonts.gstatic.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
googleads.g.doubleclick.net
1    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
partner.googleadservices.com
1    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
adservice.google.com
1    74.125.130.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f113.1e100.net
www.google-analytics.com
3    74.125.130.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f132.1e100.net
tpc.googlesyndication.com
1    74.125.130.147 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f147.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
218 KB
6 youclick.link
youclick.link
199 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3603
73 KB
3 gstatic.com
fonts.gstatic.com
110 KB
3 uclck.me
uclck.me
8 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
5 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
111 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 40
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
342 B
1 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
694 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
10 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
2 KB
1 thum.io
image.thum.io — Cisco Umbrella Rank: 317059
377 KB
37 15
Domain Requested by
6 pagead2.googlesyndication.com uclck.me
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 youclick.link uclck.me
4 mc.yandex.ru 1 redirects uclck.me
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 uclck.me 1 redirects uclck.me
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.googletagmanager.com uclck.me
www.googletagmanager.com
2 fonts.googleapis.com uclck.me
youclick.link
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com www.googletagmanager.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.com.au pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net uclck.me
1 cdnjs.cloudflare.com uclck.me
1 image.thum.io uclck.me
37 17

This site contains links to these domains. Also see Links.

Domain
youclick.link
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-11-30 -
2022-11-29		 a year crt.sh
*.youclick.link
E1		 2022-08-21 -
2022-11-19		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://uclck.me/unJTx
Frame ID: AFB2CFECF86BABD4953B1F894377578D
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: E10B70E32D0CCC2EF86AF0914626AF19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2304251511741078&output=html&adk=1812271804&adf=3025194257&lmt=1663987397&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fuclck.me%2FunJTx&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663987396135&bpp=3&bdt=3178&idt=1539&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5768601718578&frm=20&pv=2&ga_vid=141835102.1663987398&ga_sid=1663987398&ga_hid=1739226492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068920&oid=2&pvsid=1331828860527782&tmod=1169871571&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1555
Frame ID: D1A66D1649B4659B53A3EBAC23C257DA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D06B1326D1825F07134F58C2FCFBAACA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DD24E05FF9803DA946FD8D437315785B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MarsBahis OFFICIAL | Marsbahis Giriş İçin Tıklayın! - YouClick.link

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

37
Requests

95 %
HTTPS

0 %
IPv6

15
Domains

17
Subdomains

16
IPs

3
Countries

1117 kB
Transfer

2664 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://uclck.me/unJTx/i HTTP 302
  • https://image.thum.io/get/width/600/crop/900/https://marsbahis-yenigiris.com/
Request Chain 26
  • https://mc.yandex.ru/watch/87651738?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1446906954521%3Ahid%3A1022670668%3Az%3A0%3Ai%3A20220924024318%3Aet%3A1663987399%3Ac%3A1%3Arn%3A738180417%3Arqn%3A1%3Au%3A16639873991030333140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C196%2C1666%2C1%2C%2C0%2C%2C3473%2C1%2C%2C%2C%2C5385%3Acpf%3A1%3Ans%3A1663987391046%3Arqnl%3A1%3Ast%3A1663987399%3At%3AMarsBahis%20OFFICIAL%20%7C%20Marsbahis%20Giri%C5%9F%20%C4%B0%C3%A7in%20T%C4%B1klay%C4%B1n!%20-%20YouClick.link&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/87651738/1?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1446906954521%3Ahid%3A1022670668%3Az%3A0%3Ai%3A20220924024318%3Aet%3A1663987399%3Ac%3A1%3Arn%3A738180417%3Arqn%3A1%3Au%3A16639873991030333140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C196%2C1666%2C1%2C%2C0%2C%2C3473%2C1%2C%2C%2C%2C5385%3Acpf%3A1%3Ans%3A1663987391046%3Arqnl%3A1%3Ast%3A1663987399%3At%3AMarsBahis%20OFFICIAL%20%7C%20Marsbahis%20Giri%C5%9F%20%C4%B0%C3%A7in%20T%C4%B1klay%C4%B1n%21%20-%20YouClick.link&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request unJTx
uclck.me/ 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.17
Resource Hash
14a00c6fcf4b4acfb975bcf5c63394e6e3d4bb919ff42244fa5890f1ffc5c771

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
74f82bcbdb7417cf-MEL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 24 Sep 2022 02:43:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ad8yFQYXx7x3bfxMPN6HHLUYusVagrrw7N5ynut9OwnduDeA0LZoyfozrlXVxXw7XzuxlKBwqnjwNS3omWCSJBt7oqUZpYmQjObacq7a8lzsQfAvNBBtH3IqKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.17
style.css
youclick.link/static/frontend/css/ 		611 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://youclick.link/static/frontend/css/style.css
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da25e1368c19e154a0fa54b2ab3275c94056039453e76cea56c234b68a342129
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 16 Jan 2022 20:57:02 GMT
server
cloudflare
etag
W/"98a4b-5d5b947186380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYHS5434ozolNR9lk5BvTKczLrmX7%2BInnqKin7VV5r0GJQg5i7PG7ARCBFL%2Bvs4v7mxULBw7%2BMhqvZwDISy1uMPKBl%2F1OdTwn2nHHhdkeKyNzK%2BwuJ3loWiTnnlO2Rb4"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82bd81dac5ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600&display=swap
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
07a6046ca92afd53f59064740b2d812f2016336ad674740de2a06b3d90383390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Sep 2022 02:43:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Sep 2022 02:43:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Sep 2022 02:43:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		166 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2304251511741078
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
f5ae8aaa46c2cc3585cb0d1bfb2b22da45a7027d98ff9800083ffddc259f6b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uclck.me/
Origin
https://uclck.me
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57785
x-xss-protection
0
server
cafe
etag
13181168103349066316
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 02:43:15 GMT
logo-svg-white.svg
youclick.link/ 		42 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://youclick.link/logo-svg-white.svg
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b01eb054bb9ad28b44e1e4aeea81c9668e58b2e4d177e83c6574200b5472280f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 20 Jan 2022 22:42:53 GMT
server
cloudflare
etag
W/"a8ee-5d60b3909f47d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckdFcMQg6S0RMCprx0S0SXOgYOa5xXQ%2FH4rSSWn8sjPipH0ERS2o6RIelYy6gy4xZb7NO6NrMf9qWHQJdOL3qeCs7zg5GRngyuGhenAAwtX6mnOuFIWekw9IVPnRIkCE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82be4fba65ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
image.thum.io/get/width/600/crop/900/https://marsbahis-yenigiris.com/
Redirect Chain
  • https://uclck.me/unJTx/i
  • https://image.thum.io/get/width/600/crop/900/https://marsbahis-yenigiris.com/
376 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.thum.io/get/width/600/crop/900/https://marsbahis-yenigiris.com/
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Server
54.192.150.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-29.sin2.r.cloudfront.net
Software
/
Resource Hash
76ccae4dde78bdcf17567799692d02b85c8574f496a268cba4edf30bd856aa5f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
via
1.1 b0fefe61f56a8633f9022434d425989c.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
content-disposition
inline; filename= "marsbahis-yenigiris.com.png"
thum_status_code
200
x-amz-cf-id
-_Z1lXuB2Xf21hStBWGMsixMHWxaBGP64XmJDOfWos2i_pe7WcwIsQ==
expires
Sun, 25 Sep 2022 02:43:16 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 02:43:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.17
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5l%2FpS9R8qRPuiNVOdVEn%2Bj9PiRgDtb0bh2mesyhqr9345lyM70EerxVBqnwyJoRn7cMnkJhkcCVpi4TFKihDzuzHCPYNC51EOrnR0KWlJBi%2FY9ysArnHQuLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://image.thum.io/get/width/600/crop/900/https://marsbahis-yenigiris.com/
cache-control
max-age=31556926
cf-ray
74f82be4ff8117cf-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
chrome.svg
uclck.me/static/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uclck.me/static/images/chrome.svg
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad1cfcdc0e18cecb5436e8e0be486db7a589f5801443f620903dc196401017b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/unJTx
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9b5-5d8df4a684537"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgZNmw8cBtU8GwRcwj2k7VkjdG4WF4ZaLddt51XRLaX%2BUztDxScBnOm8vDa9txo0n8A8jM%2FfXKi2oNLGWc5NNjOgfEwDW65RwA2oNxECBvE34lSB%2BLmPABHKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
last-modified
Fri, 25 Feb 2022 22:33:41 GMT
cf-ray
74f82be52fc517cf-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
bundle.pack.js
youclick.link/static/ 		324 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://youclick.link/static/bundle.pack.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 28 Oct 2021 16:50:18 GMT
server
cloudflare
etag
W/"51029-5cf6c81674680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lLNdCZV2i5rik3XtR%2BzP32eWJaI%2FTbRMNAHfraNGwvl1uoNahsfVd4Pz6EMchOVxRXgoJ2%2Fug3PiEABhdvWLEIRq6iCvKENoTqrHAe1sld1s7se6fnRbiCLH8PfJfuL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82bd988065ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-P23ZKGH
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
20d57d7c597cbad1f416f6d5fa79599aa15f16a70c4efa44e3a29dc385d310d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38303
x-xss-protection
0
last-modified
Sat, 24 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Sep 2022 02:43:16 GMT
blockadblock.min.js
cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blockadblock/3.2.1/blockadblock.min.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17136170
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1309
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-1289"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJo7awLCK%2Bp1FauN2B%2BTXCGGf6P1it6xfy7Jwwbf1tqTE69KHZfdwcR8JKV1iU6r5jNmm7oknWDaj3NQu69FX8ioy5%2F3uX%2BvTDOb7oVFQ7%2BljqbtsGDSkVW7ZeVYK8lGHZ4NdgxA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
74f82be4fe7c3773-MEL
expires
Thu, 14 Sep 2023 02:43:15 GMT
detect.app.js
youclick.link/static/ 		541 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://youclick.link/static/detect.app.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa7655ed1941f9841258e3cdd098c4e204a46c4e92f3fac7527495a3b5ad7e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 29 Oct 2021 16:42:12 GMT
server
cloudflare
etag
W/"21d-5cf808246e100"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92airGVB5T1NEuiVDy727fCzOF%2Bj40gJ%2BuprylotWcYWdXs7YsHnn%2BJMSPcezDxHtRgVAdEBGUuvJob7Q84CDJ6vE6kPD%2Bw4ZXTOYuPNJ%2FpPAEanbbYF9EwwcuIcT6DR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82be4fba05ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.js
youclick.link/static/frontend/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://youclick.link/static/frontend/js/app.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4f8fd3201d7854fc3bcfa85dba732a7fe599db6c6507b45b686e9c028c1b0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 09 Feb 2022 12:34:30 GMT
server
cloudflare
etag
W/"2310-5d7950e166180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0swWuMEMfstm7GX9QFnO95KREODBICPoIw%2BsDItQ3lOoPbsV%2BrH03zQg6ZtAfTc1J3hZtMzQ%2BlZBgh2io1Bdmfx%2B85o7S%2FLrWTH7NHWNlwxGIJDmBcxP5n6Im3Lmvqv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82be4fba35ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server.min.js
youclick.link/static/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://youclick.link/static/server.min.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.0.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0936d69e969e9263354ec4805a7c1a336535dc356919683bd81dd06734dc05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:16 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 17 May 2022 10:26:18 GMT
server
cloudflare
etag
W/"17f5-5df3292372680"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhMKFBsodC2evftex%2FncCqPQbzeEy0rOY7hkdckO1ZaZoLT6QuOSI4TbNdsWq%2Bp6WltrT3c1Xl7Ps3TCN3%2B52ehsu6s69AiPRW3JKVbHkiCJ1LvpfyltZA7Kdkmp0Gtd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000;
cf-ray
74f82be4fba55ac0-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		9 KB
819 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,600,700,800&display=swap
Requested by
Host: youclick.link
URL: https://youclick.link/static/frontend/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
0893f3413251d1c152cc83ead398f13c2afefd44af721faf2ed4bafc6b273db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://youclick.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Sep 2022 02:35:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 24 Sep 2022 02:43:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Sep 2022 02:43:15 GMT
tag.js
mc.yandex.ru/metrika/ 		206 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
32052cc706d52301bbfc3cb10546acae464da944a38de9687606e8b5d91eeee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:17 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 11:23:31 GMT
etag
"632d6d03-11a95"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
72341
expires
Sat, 24 Sep 2022 03:43:17 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uclck.me
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 16:27:12 GMT
x-content-type-options
nosniff
age
555363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17076
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:07:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Sep 2023 16:27:12 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uclck.me
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 02:57:43 GMT
x-content-type-options
nosniff
age
517532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Sep 2023 02:57:43 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
fonts.gstatic.com/s/inter/v12/ 		56 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
sffe /
Resource Hash
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://uclck.me
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 17:38:29 GMT
x-content-type-options
nosniff
age
551086
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56968
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 21:29:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Sep 2023 17:38:29 GMT
pwaupdate
cdn.jsdelivr.net/npm/@pwabuilder/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@pwabuilder/pwaupdate
Requested by
Host: uclck.me
URL: https://uclck.me/unJTx
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d60f6be3a54a3cf6b48e76e50f9b029391f4e21f5cf26523c40b7a4cf555602
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://uclck.me/
Origin
https://uclck.me
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1920
x-jsd-version
0.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19130-FRA, cache-iad-kiad7000134-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7dfd-u/4iYNW6Cnv7t5hHw6fc+lr2ZaM"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDas0k5t6N9wQwLkVc%2FOsYFJbVa8oKR2MW7K4XrfGXgMHNBt4ayqwlCbdherVQt1vh1sZ7%2FDOUx2htRwpMiCUwXn2b64tpcymc3WsRaEo6DHsnllSC4oJVK2m9h5ksMBkwg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
74f82be64939df91-MEL
access-control-expose-headers
*
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/ 		348 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2304251511741078
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
0ee68636d99ccf0650a96b5c70a64ba9365f23b331e496775ce82a0bf6687125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125794
x-xss-protection
0
server
cafe
etag
16586402277355294788
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Sep 2022 02:43:17 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame E10B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2304251511741078
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uclck.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2966
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 01:53:50 GMT
etag
9671129459699598864
expires
Sat, 08 Oct 2022 01:53:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		207 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-R2YST6Q76N&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-P23ZKGH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
520c94b28b76b7a3707f05f1afe4b13b91a6db04224eadca01bb91fc6a215839
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:17 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74538
x-xss-protection
0
expires
Sat, 24 Sep 2022 02:43:17 GMT
cookie.js
partner.googleadservices.com/gampad/ 		383 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=uclck.me&callback=_gfp_s_&client=ca-pub-2304251511741078&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
b0b79db3dee0d9c918e8fa79bbef6b6797df7c523045a7cc512d8cea3706e33e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=uclck.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 02:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=uclck.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 02:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D1A6 		603 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2304251511741078&output=html&adk=1812271804&adf=3025194257&lmt=1663987397&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fuclck.me%2FunJTx&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663987396135&bpp=3&bdt=3178&idt=1539&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5768601718578&frm=20&pv=2&ga_vid=141835102.1663987398&ga_sid=1663987398&ga_hid=1739226492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068920&oid=2&pvsid=1331828860527782&tmod=1169871571&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1555
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uclck.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 02:43:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-R2YST6Q76N&gtm=2oe9l0&_p=1739226492&cid=141835102.1663987398&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663987397&sct=1&seg=0&dl=https%3A%2F%2Fuclck.me%2FunJTx&dt=MarsBahis%20OFFICIAL%20%7C%20Marsbahis%20Giri%C5%9F%20%C4%B0%C3%A7in%20T%C4%B1klay%C4%B1n!%20-%20YouClick.link&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R2YST6Q76N&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 02:43:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://uclck.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/87651738/
Redirect Chain
  • https://mc.yandex.ru/watch/87651738?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.ru/watch/87651738/1?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3A...
427 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/87651738/1?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1446906954521%3Ahid%3A1022670668%3Az%3A0%3Ai%3A20220924024318%3Aet%3A1663987399%3Ac%3A1%3Arn%3A738180417%3Arqn%3A1%3Au%3A16639873991030333140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C196%2C1666%2C1%2C%2C0%2C%2C3473%2C1%2C%2C%2C%2C5385%3Acpf%3A1%3Ans%3A1663987391046%3Arqnl%3A1%3Ast%3A1663987399%3At%3AMarsBahis%20OFFICIAL%20%7C%20Marsbahis%20Giri%C5%9F%20%C4%B0%C3%A7in%20T%C4%B1klay%C4%B1n%21%20-%20YouClick.link&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
c371b8c235526644fcffbf252f24a0240a82562e54ec75b02f50d7e765e0341e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Sep 2022 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sat, 24-Sep-2022 02:43:19 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://uclck.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
427
x-xss-protection
1; mode=block
expires
Sat, 24-Sep-2022 02:43:19 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Sep 2022 02:43:18 GMT
last-modified
Sat, 24-Sep-2022 02:43:18 GMT
location
/watch/87651738/1?wmode=7&page-url=https%3A%2F%2Fuclck.me%2FunJTx&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A4300%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1446906954521%3Ahid%3A1022670668%3Az%3A0%3Ai%3A20220924024318%3Aet%3A1663987399%3Ac%3A1%3Arn%3A738180417%3Arqn%3A1%3Au%3A16639873991030333140%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A45%2C196%2C1666%2C1%2C%2C0%2C%2C3473%2C1%2C%2C%2C%2C5385%3Acpf%3A1%3Ans%3A1663987391046%3Arqnl%3A1%3Ast%3A1663987399%3At%3AMarsBahis%20OFFICIAL%20%7C%20Marsbahis%20Giri%C5%9F%20%C4%B0%C3%A7in%20T%C4%B1klay%C4%B1n%21%20-%20YouClick.link&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://uclck.me
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 24-Sep-2022 02:43:18 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
af2047db4ca08fdfbd953f2853cca690f298f8e59e1c1cf72e6efbcca757aff2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Sep 2022 02:43:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11146
x-xss-protection
0
advert.gif
mc.yandex.ru/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:18 GMT
last-modified
Fri, 23 Sep 2022 11:23:31 GMT
etag
"632d6d03-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 24 Sep 2022 03:43:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120102/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Sep 2022 02:43:20 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D06B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://uclck.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
130774
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Sep 2022 14:23:46 GMT
expires
Fri, 22 Sep 2023 14:23:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DD24 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f147.1e100.net
Software
GSE /
Resource Hash
81fbaa6715c8211d04f74a97c99b50ebba273cc3e1b0568ee3a7332e756836b1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LtUyyvT9krQrFIA7ta6NyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://uclck.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-LtUyyvT9krQrFIA7ta6NyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 02:43:20 GMT
expires
Sat, 24 Sep 2022 02:43:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
pagead2.googlesyndication.com/bg/ Frame D06B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 21:55:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
190041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15861
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Sep 2023 21:55:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DD24 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=1331828860527782&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D06B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Xsjz_w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 02:43:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=1331828860527782&bg=!JCelJ2PNAAYIxsuQKMY7ACkAdvg8WhAWtFIx3T7T_WIu5hjhVptqvsnro4oucUYP14aZcW8_xWzqIQIAAABFUgAAAAJoAQeZAqh7d0B_3NfEHllElMg8f5TDfK7hhvSslFliweOPCWiDHqeEIk3ratlu6L-MgzsycxJL5dEZtvyKeYrz2eaIXjaFH4m-ckKwp0edNRAd7gfT-xELZW5ycn84dz1hccF9QcNZl-mwGcYp3ECVPXwg-3BT-qOC9fC7erhTGhmjk64RALyS_jHmKKD5YWEangwAM268CgWPqIon-en4NmIZMkgOKFrgyLWPVqreL2M0Pktr_1vpM_2Oa0tuWVWWuY4efcQuBl8ATmzhuW5FHc3y7w0X8ZCdyDg6rnpV31QUPLugilVqXue2YOGwKOUeJ7M5CVOsNE-74i9lKWLxx8KzNyoZSYJ64AagbrcppnQc0ZRQJs6oMCIJkwMySwiFOXmSluqtqydeg_UPvLTFXrwTS6ltx9GxTOSE59Ya3Sg05V5rHYlSCG8fNWc9Pysr6MXb7fv0zagWWvvvsA1bQGXFu3tYo0Bmnid4RrL8qXXl7EzDmjrAMP3VERAuB-UCzuZ5PvdlPLd3i88zddzGaSR_GhUyqVn5q9--3WtLWScYMyy3GDbGu_3hE37IqE2L9wWT_Z32ZYSnXhOYFKyAntvhErxTe9UBXlTEokRsCF8QW4N-Ki8C0rc7WM5pmYwobbvnMuExmXV-yKJnlWDyyzCpXWf90nv6ZrFomh_lUCcp5QQrFPDj-91Shm_lplftn1WCGZ5GB38EWweQma6cUA-KDwErM3KDuviE4KxrHnjKCpyXyg-NIqCmmXDEJmmxNVoaO5gRDjaZiUrSTFgPyeLIia-QD9-3BcGJRb5KL-8ImDjvwsHhW8Iu6SFPl9q50oYeE-zZsuMIqKSCTqJgyjsvDzSrEtWCfpB8KYBxzQXaA0it3gWKYKCCMZCqfUFOi4_EHEGA6yx1SxvO8w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://uclck.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| count number| countdown function| ym function| $ function| jQuery object| bootstrap function| SVGInjector object| feather function| gtag object| dataLayer function| BlockAdBlock object| blockAdBlock object| detect object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| engageBlock undefined| Coupon object| SvgInjector undefined| Tooltip undefined| Dropdown undefined| PasswordText undefined| Pricing undefined| ScrollTo undefined| Select function| livesearch function| applytax function| refreshlinks function| triggerShortModal object| litHtmlVersions function| JSCompiler_renameProperty object| litElementVersions object| google_tag_manager function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| onYouTubeIframeAPIReady object| Ya object| yaCounter87651738 object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
uclck.me/ Name: PHPSESSID
Value: b88ce67df5ccba379c330b00ad670bc5
uclck.me/ Name: short_5200
Value: 1
.uclck.me/ Name: _ga_R2YST6Q76N
Value: GS1.1.1663987397.1.0.1663987397.0.0.0
.uclck.me/ Name: _ga
Value: GA1.1.141835102.1663987398
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.uclck.me/ Name: __gads
Value: ID=30ea262d0d802495-2258ee5eb2d600fb:T=1663987398:RT=1663987398:S=ALNI_MbLoUhdAFhTmfWHKAvX94ox1wI1uA
.uclck.me/ Name: __gpi
Value: UID=000009dbf7806e50:T=1663987398:RT=1663987398:S=ALNI_MZ_NraKH_L60gF-xB0WgtAbfu-DFQ
.uclck.me/ Name: _ym_uid
Value: 16639873991030333140
.uclck.me/ Name: _ym_d
Value: 1663987399
.yandex.ru/ Name: yandexuid
Value: 4105809331663987398
.yandex.ru/ Name: yuidss
Value: 4105809331663987398
mc.yandex.ru/ Name: yabs-sid
Value: 50952031663987398
.yandex.ru/ Name: i
Value: wR7Wctni8P55macpefhpSkmCRBZPFA8U7OA8OA/gvnn5kZS1q6h3dRavWTu9vUR1O0dElDlZNI3NDJKHprJwGRcCMys=
.yandex.ru/ Name: ymex
Value: 1979347398.yrts.1663987398#1979347398.yrtsi.1663987398
.uclck.me/ Name: _ym_isad
Value: 2

1 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2304251511741078&output=html&adk=1812271804&adf=3025194257&lmt=1663987397&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fuclck.me%2FunJTx&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663987396135&bpp=3&bdt=3178&idt=1539&shv=r20220921&mjsv=m202209120102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5768601718578&frm=20&pv=2&ga_vid=141835102.1663987398&ga_sid=1663987398&ga_hid=1739226492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068920&oid=2&pvsid=1331828860527782&tmod=1169871571&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1555
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image.thum.io
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
uclck.me
www.google-analytics.com
www.google.com
www.googletagmanager.com
youclick.link
104.16.85.20
104.17.25.14
104.21.0.194
104.21.13.205
142.251.10.157
142.251.10.94
142.251.12.154
172.217.194.155
172.217.194.156
172.217.194.95
54.192.150.29
74.125.130.113
74.125.130.132
74.125.130.147
74.125.200.97
93.158.134.119
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
07a6046ca92afd53f59064740b2d812f2016336ad674740de2a06b3d90383390
0893f3413251d1c152cc83ead398f13c2afefd44af721faf2ed4bafc6b273db6
0ee68636d99ccf0650a96b5c70a64ba9365f23b331e496775ce82a0bf6687125
14a00c6fcf4b4acfb975bcf5c63394e6e3d4bb919ff42244fa5890f1ffc5c771
20d57d7c597cbad1f416f6d5fa79599aa15f16a70c4efa44e3a29dc385d310d2
262a1054100218e2efaa4b2e214e4fb8e920c5a30a53300b80145511df3de895
32052cc706d52301bbfc3cb10546acae464da944a38de9687606e8b5d91eeee9
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b
520c94b28b76b7a3707f05f1afe4b13b91a6db04224eadca01bb91fc6a215839
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
76ccae4dde78bdcf17567799692d02b85c8574f496a268cba4edf30bd856aa5f
7d60f6be3a54a3cf6b48e76e50f9b029391f4e21f5cf26523c40b7a4cf555602
7f4f8fd3201d7854fc3bcfa85dba732a7fe599db6c6507b45b686e9c028c1b0c
81fbaa6715c8211d04f74a97c99b50ebba273cc3e1b0568ee3a7332e756836b1
8c0936d69e969e9263354ec4805a7c1a336535dc356919683bd81dd06734dc05
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
9ad1cfcdc0e18cecb5436e8e0be486db7a589f5801443f620903dc196401017b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7655ed1941f9841258e3cdd098c4e204a46c4e92f3fac7527495a3b5ad7e74
af2047db4ca08fdfbd953f2853cca690f298f8e59e1c1cf72e6efbcca757aff2
b01eb054bb9ad28b44e1e4aeea81c9668e58b2e4d177e83c6574200b5472280f
b0b79db3dee0d9c918e8fa79bbef6b6797df7c523045a7cc512d8cea3706e33e
c371b8c235526644fcffbf252f24a0240a82562e54ec75b02f50d7e765e0341e
da25e1368c19e154a0fa54b2ab3275c94056039453e76cea56c234b68a342129
df35392ebe2722ddcafc180639031db9a8ed65c3d5f5e94833fdb74435d1a77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5ae8aaa46c2cc3585cb0d1bfb2b22da45a7027d98ff9800083ffddc259f6b4c
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fc981871b8271bea9270a3af4f77bb50d37101e555dd6801fe7ecf9e26a9b12b