Submitted URL: http://u.to/pIdzGQ
Effective URL: http://clickmetertracking.com/y9wx
Submission: On March 27 via manual from US

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 23 HTTP transactions. The main IP is 23.21.166.230, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is clickmetertracking.com.
This is the only time clickmetertracking.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 195.216.243.155 57724 (DDOS-GUARD)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8::90 13238 (YANDEX)
2 4 88.212.201.210 39134 (UNITEDNET)
1 138.201.195.51 24940 (HETZNER-AS)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6b8:20::215 13238 (YANDEX)
6 12 2a02:6b8::1:119 13238 (YANDEX)
1 23.21.166.230 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.130.171 16509 (AMAZON-02)
23 11
    Domain                            Redirects     Requested by
8   mc.yandex.com                     4 redirects   u.to, mc.yandex.ru
4   mc.yandex.ru                      2 redirects   an.yandex.ru
4   fonts.gstatic.com                               fonts.googleapis.com
4   counter.yadro.ru                  2 redirects   u.to
3   yastatic.net                                    an.yandex.ru
2   an.yandex.ru                                    u.to, an.yandex.ru
2   fonts.googleapis.com                            u.to, clickmetertracking.com
2   u.to                              1 redirect
1   clickmeter-com.s3.amazonaws.com                 clickmetertracking.com
1   clickmetertracking.com                          u.to
1   report.smartcount.net                           u.to
23 11

This site contains links to these domains.

Domain
www.clickmeter.com

Subject                   Issuer               Validity                  Valid
u.to                      GoGetSSL RSA DV CA   2020-10-09 - 2021-10-09   a year
upload.video.google.com   GTS CA 1O1           2021-03-11 - 2021-06-03   3 months
bs.yandex.ru              Yandex CA            2020-12-17 - 2021-06-17   6 months
counter.yadro.ru          R3                   2021-03-22 - 2021-06-20   3 months
report.smartcount.net     R3                   2021-02-27 - 2021-05-28   3 months
*.gstatic.com             GTS CA 1O1           2021-03-11 - 2021-06-03   3 months
*.yastatic.net            Yandex CA            2021-03-03 - 2021-09-01   6 months
mc.yandex.ru              Yandex CA            2021-02-27 - 2021-08-09   5 months

This page contains 1 frame:

Primary Page: http://clickmetertracking.com/y9wx
Frame ID: B713DC111FAD8C36C5E90DF400E3B14F
Requests: 23 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 23
HTTPS: 78 %
IPv6: 55 %
Domains: 10
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 303 kB
Size: 972 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u.to/pIdzGQ HTTP 301
    https://u.to/pIdzGQ Page URL
  2. http://clickmetertracking.com/y9wx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://u.to/pIdzGQ HTTP 301
  • https://u.to/pIdzGQ
Request Chain 3
  • https://counter.yadro.ru/hit;uto_adv_links?r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434 HTTP 302
  • https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Request Chain 4
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434 HTTP 302
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Request Chain 13
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9225.F011DcLzpcC4VB_mk8rlaBATRHVB5S3lI8XvTHWg36LhDQYvv9KX5Hrh8eB468bV.nJo4hIiAgl2VNLRU8PKnDlLfxKo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9225.GCNRjtdIegR_ZXZHcWVBohpiGi_-_CcBv9KuNDHqbXv62pBbnbWC-tPwWOmZKqxiLrE32oUZjBZyT_zzGVlSTA%2C%2C.TZKAXv9wRniZ10bV7FfsqW35osY%2C
Request Chain 14
  • https://mc.yandex.com/watch/508703?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A344365765%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616829163803%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166%3At%3ARedirection HTTP 302
  • https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A344365765%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616829163803%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166%3At%3ARedirection
Request Chain 16
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9225.KKdqQLGtmbCjJhIyUrnQew3fbFeCeCLMRpsB4OEmWeEP0OxU-1ja6z395hIKaUUR.VlSCEzBfKWsF1_kgs7uE9tU9JRQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9225.R-8bl5wwGimEqA2DPUbohhP2zUx2HV0vGW1ckI2o1yq-uNqf72Hm3vhqy8BPWMf_tPGK2owPnF-xuqPDfeK3EA%2C%2C._z7W0DndO2t7LnRiX-eYsTuhqbY%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9225.ahA8HaMcnwz7DNG-950k8FYY8dW7bEGe0bjjIyZqqAGFalISuQylc3g-bcAajrh_w8QDO-XbLQNjk7vims-GPw%2C%2C.8FiukBOByrr3qkWoJ2LQCCLrpOA%2C

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
pIdzGQ (Cookie set)
u.to/
Redirect Chain
  • http://u.to/pIdzGQ
  • https://u.to/pIdzGQ
8 KB
3 KB
Document
General
Full URL
https://u.to/pIdzGQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
8f385c5a4cd08b78e6f158b17e2934c14e0489bcd268bc0e172e3cb1ff0d9ba4

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.8.0
Date
Sat, 27 Mar 2021 07:12:44 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=de; path=/; expires=Sun, 27-Mar-2022 07:12:44 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip

Redirect headers

Server
nginx/1.8.0
Date
Sat, 27 Mar 2021 07:12:43 GMT
Content-Type
text/html
Content-Length
184
Connection
keep-alive
Keep-Alive
timeout=15
Location
https://u.to/pIdzGQ
css
fonts.googleapis.com/
2 KB
507 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Mar 2021 05:44:08 GMT
server
ESF
date
Sat, 27 Mar 2021 07:12:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Mar 2021 07:12:44 GMT
context.js
an.yandex.ru/system/
127 KB
36 KB
Script
General
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
3755e61ac2c744dac9b710c492aa6289ff48b2555194aaff20ca6902fd56294b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
4016443931
x-yandex-req-id
1616829164558288-1057679736422297027400101-production-app-host-sas-pcode-8
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 27 Mar 2021 08:12:44 GMT
hit;uto_adv_links
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;uto_adv_links?r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
  • https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
43 B
496 B
Image
General
Full URL
https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Mar 2021 07:12:44 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 26 Mar 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Mar 2021 07:12:44 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 26 Mar 2020 21:00:00 GMT
hit;uto_adv_links_desktop
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
43 B
496 B
Image
General
Full URL
https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host210.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 27 Mar 2021 07:12:44 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 26 Mar 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 27 Mar 2021 07:12:44 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/pIdzGQ;1616829164434
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 26 Mar 2020 21:00:00 GMT
rep.php
report.smartcount.net/
43 B
518 B
Image
General
Full URL
https://report.smartcount.net/rep.php?cid=2106925683&referrer=&in_frame=0&info={%22plugins%22:[],%22platform%22:%22Linux%20x86_64%22,%22hardwareConcurrency%22:16,%22screenWidth%22:1600,%22screenHeight%22:1200,%22innerWidth%22:1600,%22innerHeight%22:1200,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36%22,%22orientation%22:0}
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.195.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.195.201.138.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Mar 2021 07:12:44 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 03:49:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
184970
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 25 Mar 2022 03:49:54 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 25 Mar 2021 15:17:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
143685
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 25 Mar 2022 15:17:59 GMT
508703
an.yandex.ru/meta/
29 B
345 B
XHR
General
Full URL
https://an.yandex.ru/meta/508703?grab=dFJlZGlyZWN0aW9uCjFSZWRpcmVjdGlvbi4uLiAK&target-ref=https%3A%2F%2Fu.to%2FpIdzGQ&charset=utf-8&pcode-test-ids=343001%2C0%2C48%3B342421%2C0%2C1%3B348178%2C0%2C90%3B338026%2C0%2C88%3B330396%2C0%2C38%3B348051%2C0%2C3&pcode-flags=%7B%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%5D%2C%22USE_SMART_SSR%22%3A%221%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%2C%22348677%22%2C%22286573%22%5D%2C%22SMART_BANNER_VARIABLE_FORMATS%22%3A%22exp%22%2C%22SMART_SSR_FORMATS%22%3A%22smart-banner_theme_normal%22%2C%22REFRESH_COMBO%22%3A%22disable%22%2C%22PACKSHOT_POSTER%22%3A%22exp%22%2C%22VIDEO_EARS_FLAGS%22%3A%22exp%22%2C%22PCODEVER%22%3A%2214249%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner_theme_normal&pcode-icookie=8375402831616829164&imp-id=1&enable-flat-highlight=1&test-tag=515121197613058&ad-session-id=5878941616829164694&target-id=6628874&tga-with-creatives=1&pcode-version=14249&pcodever=14249&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.3%2C%22w%22%3A1000%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A300%2C%22top%22%3A328%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&callback=Ya%5B9905939581565%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
873350a6aa1cbe11dbb63ac608c03e1387965c451f1f1250e623e77e51c750a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Mar 2021 07:12:44 GMT
content-encoding
gzip
last-modified
Sat, 27 Mar 2021 07:12:44 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 27 Mar 2021 07:12:44 GMT
953552d5609eb9fa8a96.js
yastatic.net/partner-code-bundles/14249/
12 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14249/953552d5609eb9fa8a96.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9f9687207d06f5154839de3a6ce104d1df14c6e97182038dab2ffe30d465321c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:44 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4197
last-modified
Thu, 25 Mar 2021 16:27:04 GMT
server
nginx/1.17.9
etag
"4c5480adedc1652db0edb5cb04baf4cd"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2051 13:44:36 GMT
02131bf3946c65ac00dc.js
yastatic.net/partner-code-bundles/14249/
362 KB
78 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14249/02131bf3946c65ac00dc.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9306dc9dde8c89b7453c96d9197aae987c7fa1c0c657ad19282a85b86c18e9f0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:44 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
79648
last-modified
Thu, 25 Mar 2021 16:27:04 GMT
server
nginx/1.17.9
etag
"992d2d9c488e6033970aadf7be0cccb0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2051 13:44:36 GMT
c1a66275a089566f881a.js
yastatic.net/partner-code-bundles/14249/
241 KB
42 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14249/c1a66275a089566f881a.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9847b89d92645504ce689a308519c3670010433177023a44ba1185beee68eb98
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:44 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
42747
last-modified
Thu, 25 Mar 2021 16:27:05 GMT
server
nginx/1.17.9
etag
"7bbed1d11d86513c6425cdc3bdd24ddd"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 27 Mar 2051 13:44:41 GMT
watch.js
mc.yandex.ru/metrika/
123 KB
44 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
ff12958280077b86e5352edd8df6a96630580a06c24b83e0e2f517f64b9d7b2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:45 GMT
content-encoding
br
last-modified
Thu, 25 Mar 2021 11:26:56 GMT
etag
"605b2bf8-ace5"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44261
expires
Sat, 27 Mar 2021 08:12:45 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9225.F011DcLzpcC4VB_mk8rlaBATRHVB5S3lI8XvTHWg36LhDQYvv9KX5Hrh8eB468bV.nJo4hIiAgl2VNLRU8PKnDlLfxKo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9225.GCNRjtdIegR_ZXZHcWVBohpiGi_-_CcBv9KuNDHqbXv62pBbnbWC-tPwWOmZKqxiLrE32oUZjBZyT_zzGVlSTA%2C%2C.TZKAXv9wRniZ10bV7FfsqW35osY%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9225.GCNRjtdIegR_ZXZHcWVBohpiGi_-_CcBv9KuNDHqbXv62pBbnbWC-tPwWOmZKqxiLrE32oUZjBZyT_zzGVlSTA%2C%2C.TZKAXv9wRniZ10bV7FfsqW35osY%2C
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9225.GCNRjtdIegR_ZXZHcWVBohpiGi_-_CcBv9KuNDHqbXv62pBbnbWC-tPwWOmZKqxiLrE32oUZjBZyT_zzGVlSTA%2C%2C.TZKAXv9wRniZ10bV7FfsqW35osY%2C
date
Sat, 27 Mar 2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/508703/
Redirect Chain
  • https://mc.yandex.com/watch/508703?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala...
184 B
266 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A344365765%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616829163803%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166%3At%3ARedirection
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c494c1341c2ca027d5681c72738bc27567fe2bac9ce2901e9864bc29efe6b7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Mar 2021 07:12:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 27-Mar-2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Sat, 27-Mar-2021 07:12:45 GMT

Redirect headers

pragma
no-cache
date
Sat, 27 Mar 2021 07:12:45 GMT
last-modified
Sat, 27-Mar-2021 07:12:45 GMT
location
/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FpIdzGQ&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A0%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A344365765%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1616829163803%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166%3At%3ARedirection
strict-transport-security
max-age=31536000
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Sat, 27-Mar-2021 07:12:45 GMT
1
mc.yandex.com/watch/508703/
43 B
85 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703/1?page-url=https%3A%2F%2Fu.to%2FpIdzGQ&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afp%3A661%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A1%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A514217787%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616829163803%3Ads%3A0%2C238%2C199%2C0%2C171%2C0%2C%2C22%2C0%2C1970%2C1970%2C1%2C633%3Adsn%3A0%2C238%2C199%2C0%2C171%2C0%2C%2C24%2C0%2C1970%2C1970%2C1%2C633%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 27 Mar 2021 07:12:45 GMT
last-modified
Sat, 27-Mar-2021 07:12:45 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Mar-2021 07:12:45 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9225.KKdqQLGtmbCjJhIyUrnQew3fbFeCeCLMRpsB4OEmWeEP0OxU-1ja6z395hIKaUUR.VlSCEzBfKWsF1_kgs7uE9tU9JRQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9225.R-8bl5wwGimEqA2DPUbohhP2zUx2HV0vGW1ckI2o1yq-uNqf72Hm3vhqy8BPWMf_tPGK2owPnF-xuqPDfeK3EA%2C%2C._z7W0DndO2t7LnRiX-eYsTuhqbY%2C
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9225.ahA8HaMcnwz7DNG-950k8FYY8dW7bEGe0bjjIyZqqAGFalISuQylc3g-bcAajrh_w8QDO-XbLQNjk7vims-GPw%2C%2C.8FiukBOByrr3qkWoJ...
43 B
300 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9225.ahA8HaMcnwz7DNG-950k8FYY8dW7bEGe0bjjIyZqqAGFalISuQylc3g-bcAajrh_w8QDO-XbLQNjk7vims-GPw%2C%2C.8FiukBOByrr3qkWoJ2LQCCLrpOA%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 27 Mar 2021 07:12:46 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9225.ahA8HaMcnwz7DNG-950k8FYY8dW7bEGe0bjjIyZqqAGFalISuQylc3g-bcAajrh_w8QDO-XbLQNjk7vims-GPw%2C%2C.8FiukBOByrr3qkWoJ2LQCCLrpOA%2C
date
Sat, 27 Mar 2021 07:12:46 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
508703
mc.yandex.com/watch/
43 B
121 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703?page-url=https%3A%2F%2Fu.to%2FpIdzGQ&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74htnozj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A474%3Acn%3A1%3Adp%3A1%3Als%3A1027167115309%3Ahid%3A510449662%3Az%3A60%3Ai%3A20210327081245%3Aet%3A1616829166%3Ac%3A1%3Arn%3A646196656%3Au%3A1616829166657922012%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1616829163803%3Arqnl%3A1%3Ati%3A2%3Ast%3A1616829166%3At%3ARedirection
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 27 Mar 2021 07:12:46 GMT
last-modified
Sat, 27-Mar-2021 07:12:46 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 27-Mar-2021 07:12:46 GMT
Primary Request y9wx
clickmetertracking.com/
6 KB
6 KB
Document
General
Full URL
http://clickmetertracking.com/y9wx
Requested by
Host: u.to
URL: https://u.to/pIdzGQ
Protocol
HTTP/1.1
Server
23.21.166.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-166-230.compute-1.amazonaws.com
Software
/
Resource Hash
d96bf690c3100a4f46cabbabed7661473f400e8d67c51195986933b48bc675d3

Request headers

Host
clickmetertracking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=utf-8
Date
Sat, 27 Mar 2021 07:12:54 GMT
Engine
clickmeter.redirect, version 2.0
X-Rate-Limit-Limit
20s
X-Rate-Limit-Remaining
299
X-Rate-Limit-Reset
2021-03-27T07:13:14.6602450Z
Content-Length
5938
Connection
keep-alive
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Requested by
Host: clickmetertracking.com
URL: http://clickmetertracking.com/y9wx
Protocol
HTTP/1.1
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c23f28ae5a0688e6bac1ffa59efa32930b363632561f643f6262a9dd6d6f2f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Mar 2021 07:12:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Sat, 27 Mar 2021 07:12:54 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
0
Expires
Sat, 27 Mar 2021 07:12:54 GMT
404.png
clickmeter-com.s3.amazonaws.com/Web/
7 KB
7 KB
Image
General
Full URL
http://clickmeter-com.s3.amazonaws.com/Web/404.png
Requested by
Host: clickmetertracking.com
URL: http://clickmetertracking.com/y9wx
Protocol
HTTP/1.1
Server
52.216.130.171 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
dd35d66e644c21521832234d977cd6f7c0f643a6e493f00424e9d1bce6297f7a

Request headers

Referer
http://clickmetertracking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Mar 2021 07:12:55 GMT
Last-Modified
Fri, 19 Sep 2014 09:52:49 GMT
Server
AmazonS3
x-amz-request-id
W49J92QHR6BWXTEN
ETag
"45fa6690ad9b9966750397f9a8b03b24"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
6860
x-amz-id-2
k5NXUdWRb6mpfwM2kqLjGvnSitEvkkLTYCsH7+k5COZsCfARAXXe7VpU5n/UOv8QjSbGJdlxCfs=
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://clickmetertracking.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 27 Mar 2021 06:25:00 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:10:32 GMT
Server
sffe
Age
2874
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
15948
X-XSS-Protection
0
Expires
Sun, 27 Mar 2022 06:25:00 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
http://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600,700
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://clickmetertracking.com
Referer
http://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 25 Mar 2021 03:52:03 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 15 Sep 2020 18:10:09 GMT
Server
sffe
Age
184851
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16112
X-XSS-Protection
0
Expires
Fri, 25 Mar 2022 03:52:03 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated
string| refer
string| url
string| domain
string| body

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
