Submitted URL: https://u.to/KIPLFw
Effective URL: https://u.to/eTbLFw
Submission Tags: falconsandbox
Submission: On May 21 via api from US

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 31 HTTP transactions. The main IP is 195.216.243.155, located in Moscow, Russian Federation and belongs to DDOS-GUARD, RU. The main domain is u.to.
TLS certificate: Issued by GoGetSSL RSA DV CA on October 9th 2020. Valid for: a year.
This is the only time u.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 195.216.243.155 57724 (DDOS-GUARD)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:6b8::90 13238 (YANDEX)
3 6 88.212.201.198 39134 (UNITEDNET)
1 138.201.195.51 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a02:6b8:20::215 13238 (YANDEX)
9 19 2a02:6b8::1:119 13238 (YANDEX)
1 2a02:6b8:a::a 13238 (YANDEX)
1 1 64.140.168.34 18450 (WEBNX)
31 9
Apex Domain
Subdomains
Transfer
13 yandex.com
mc.yandex.com
4 KB
9 yandex.ru
an.yandex.ru
mc.yandex.ru
yandex.ru
126 KB
7 u.to
u.to
17 KB
6 yadro.ru
counter.yadro.ru
3 KB
4 yastatic.net
yastatic.net
138 KB
2 gstatic.com
fonts.gstatic.com
46 KB
1 vkmonline.com
vkmonline.com
428 B
1 smartcount.net
report.smartcount.net
518 B
1 googleapis.com
fonts.googleapis.com
484 B
31 9
Domain Requested by
13 mc.yandex.com 6 redirects u.to
mc.yandex.ru
7 u.to u.to
6 mc.yandex.ru 3 redirects an.yandex.ru
u.to
6 counter.yadro.ru 3 redirects u.to
4 yastatic.net an.yandex.ru
2 fonts.gstatic.com fonts.googleapis.com
2 an.yandex.ru u.to
an.yandex.ru
1 vkmonline.com 1 redirects
1 yandex.ru yastatic.net
1 report.smartcount.net u.to
1 fonts.googleapis.com u.to
31 11
Subject | Issuer | Validity | Valid
u.to | GoGetSSL RSA DV CA | 2020-10-09 - 2021-10-09 | a year
upload.video.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
bs.yandex.ru | Yandex CA | 2020-12-17 - 2021-06-17 | 6 months
counter.yadro.ru | R3 | 2021-03-22 - 2021-06-20 | 3 months
report.smartcount.net | R3 | 2021-04-28 - 2021-07-27 | 3 months
*.google.com | GTS CA 1O1 | 2021-05-03 - 2021-07-26 | 3 months
*.yastatic.net | Yandex CA | 2021-03-03 - 2021-09-01 | 6 months
mc.yandex.ru | Yandex CA | 2021-02-27 - 2021-08-09 | 5 months
yandex.ru | Yandex CA | 2021-03-18 - 2021-09-16 | 6 months

This page contains 1 frames:

Primary Page: https://u.to/eTbLFw
Frame ID: 28EC1893056B2D23D5369975225859BD
Requests: 31 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

31 Requests
100 % HTTPS
60 % IPv6
9 Domains
11 Subdomains
9 IPs
3 Countries
329 kB Transfer
1129 kB Size
4 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u.to/KIPLFw Page URL
  2. http://vkmonline.com/away?url=https://u.to/eTbLFw HTTP 302
    https://u.to/eTbLFw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://counter.yadro.ru/hit;uto_adv_links?r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561 HTTP 302
  • https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Request Chain 4
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561 HTTP 302
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Request Chain 15
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.be8ui06l7z5MiEE-GTqP0-FLorfERn8vXGGswN72RIA89EpbKFv0KVaLMNn322n-.y7JbCPFBzAElwlRnl-QT98JXAZo%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.rVDc67VcXggYT1ekTjfVIjrqrHTg2qgwCA1_FQE1u_j0PobVtErimVfHYDwc8VDnfMIRoIXuB-66KgS0UTD6RQ%2C%2C.o138ciKpUWbgm8Vhs6T-0_FbfwM%2C
Request Chain 16
  • https://mc.yandex.com/watch/508703?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580278%3Ac%3A1%3Arn%3A193078729%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580277124%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279%3At%3ARedirection HTTP 302
  • https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580278%3Ac%3A1%3Arn%3A193078729%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580277124%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279%3At%3ARedirection
Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.ZtveAuYgMK3dYnpVTdb8OwpyIFLh4PL_qd6zMAc9mzXCXmGnviVBJ8e3EWfs-oHH.23zlf0-X1wKIWmK3c54qkKKIXP4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.YTC56sJi3CeTF8KraKgemHUB1hOI8efRvmgFzkcf1FDOuFc1aok6lhTbcc1rRgCNu6FoMvnNrScIZFCfM83c6w%2C%2C.NkkBk7rIQf4jfqR7KSUZznOEYNY%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.OHyVSjVE4hqpW48w-wVO5civNH7BbtkSx6oD4Tt3dvG2LGPzSCyU2JWwLcmzfeeqyJiRP5MZORUjNsw-EpstnA%2C%2C.t277AdK0j228wqjRiPCYVu2fd4c%2C
Request Chain 20
  • https://counter.yadro.ru/hit;uto_404?r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038 HTTP 302
  • https://counter.yadro.ru/hit;uto_404?q;r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038
Request Chain 27
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.FtiYcZn8ySRD82hg4wK3ciO24Ri2I0AMpZ06rAz5Q2N-jHCcM4m3aSnCND_jiTbg.RoqPKEXGmdhLbxYRlQGy_K20MM4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.AdvJtLUaCTMQHISdzVGUgZT-ye_XcBUhlpNy9ecx2QfAJih-PtTiP11w7V6v6DuL-TIEjui33XK0IjlXQaXMZg%2C%2C.WplQ2BHiCdGhRtEIiFvACJIYPeM%2C
Request Chain 29
  • https://mc.yandex.com/watch/27365672?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A808809537473%3Ahid%3A716399154%3Az%3A120%3Ai%3A20210521085808%3Aet%3A1621580288%3Ac%3A1%3Arn%3A177910528%3Au%3A1621580288617388042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580287562%3Ads%3A0%2C0%2C95%2C2%2C359%2C0%2C%2C70%2C0%2C%2C%2C%2C534%3Adsn%3A0%2C0%2C96%2C1%2C360%2C0%2C%2C76%2C0%2C%2C%2C%2C535%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621580288%3At%3AHTTP%20404%20%D0%9D%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE HTTP 302
  • https://mc.yandex.com/watch/27365672/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A808809537473%3Ahid%3A716399154%3Az%3A120%3Ai%3A20210521085808%3Aet%3A1621580288%3Ac%3A1%3Arn%3A177910528%3Au%3A1621580288617388042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580287562%3Ads%3A0%2C0%2C95%2C2%2C359%2C0%2C%2C70%2C0%2C%2C%2C%2C534%3Adsn%3A0%2C0%2C96%2C1%2C360%2C0%2C%2C76%2C0%2C%2C%2C%2C535%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621580288%3At%3AHTTP%20404%20%D0%9D%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set KIPLFw
u.to/
8 KB
3 KB
Document
General
Full URL
https://u.to/KIPLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
e44aa9a88192f74a7a9bfce08eee3769566ff8395c3036198f449e00e49b5f7a

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx/1.8.0
Date
Fri, 21 May 2021 06:57:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Sat, 21-May-2022 06:57:57 GMT; domain=.u.to;
Cache-Control
no-cache no-store
Pragma
no-cache
Vary
host
Content-Encoding
gzip
css
fonts.googleapis.com/
2 KB
484 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,900
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2bf12dd09417bd879194b11b5d2a4e81f78e12f3e0869f16e038003b4636a525
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 21 May 2021 05:28:00 GMT
server
ESF
date
Fri, 21 May 2021 06:57:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 May 2021 06:57:57 GMT
context.js
an.yandex.ru/system/
136 KB
38 KB
Script
General
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
da43bc1f2722465aed5275f1e39e065153ca5c7f96122c94c9d1188127b527c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1785170463
x-yandex-req-id
1621580277708667-1554213869765519034600177-production-app-host-sas-pcode-100
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Fri, 21 May 2021 07:57:57 GMT
hit;uto_adv_links
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;uto_adv_links?r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
  • https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
43 B
496 B
Image
General
Full URL
https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:57:57 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 May 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:57:57 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;uto_adv_links?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 20 May 2020 21:00:00 GMT
hit;uto_adv_links_desktop
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
  • https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
43 B
496 B
Image
General
Full URL
https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:57:57 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 May 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:57:57 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;uto_adv_links_desktop?q;r;s1600*1200*24;uhttps%3A//u.to/KIPLFw;1621580277561
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 20 May 2020 21:00:00 GMT
rep.php
report.smartcount.net/
43 B
518 B
Image
General
Full URL
https://report.smartcount.net/rep.php?cid=2106925683&referrer=&in_frame=0&info={%22plugins%22:[],%22platform%22:%22Linux%20x86_64%22,%22hardwareConcurrency%22:16,%22screenWidth%22:1600,%22screenHeight%22:1200,%22innerWidth%22:1600,%22innerHeight%22:1200,%22userAgent%22:%22Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36%22,%22orientation%22:0}
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.201.195.51 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.195.201.138.clients.your-server.de
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:57:57 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/
22 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
110999
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 20 May 2022 00:07:58 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://u.to
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 20 May 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
104095
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 20 May 2022 02:03:02 GMT
508703
an.yandex.ru/meta/
29 B
574 B
XHR
General
Full URL
https://an.yandex.ru/meta/508703?grab=dFJlZGlyZWN0aW9uCjFSZWRpcmVjdGlvbi4uLiAK&target-ref=https%3A%2F%2Fu.to%2FKIPLFw&charset=utf-8&pcode-test-ids=363741%2C0%2C19%3B363745%2C0%2C72%3B356981%2C0%2C99%3B330396%2C0%2C45%3B351578%2C0%2C17%3B356679%2C0%2C6%3B362627%2C0%2C77&pcode-flags=%7B%22USE_WIDGET_FROM_PCODE%22%3Atrue%2C%22COMBO_HEADER%22%3A%22withoutHeader%22%2C%22SINGLE_CONTEXT_BLACKLIST%22%3A%5B%5D%2C%22USE_SUPERBUNDLE%22%3Atrue%2C%22USE_SMART_SSR%22%3A%221%22%2C%22SINGLE_CONTEXT%22%3Atrue%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22constructor%22%2C%22modernAdaptive%22%5D%2C%22SSR_PERCENT_LOGGING%22%3A0.1%2C%22ADAPTIVE_TOWER_VIDEO%22%3A%22exp%22%2C%22DEFAULT_BLACKLIST_PAGES%22%3A%5B%22419507%22%2C%22419506%22%2C%22106253%22%2C%22188382%22%2C%22189903%22%5D%2C%22COMBO_PACKSHOT_EXP%22%3A%22exp%22%2C%22LEADERBOARD_VIDEO%22%3A%22ctl%22%2C%22VIDEO_EARS_FLAGS%22%3A%22exp%22%2C%22SSR_UNIFORMAT%22%3A%221%22%2C%22PCODEVER%22%3A%2214665%22%7D&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0Aconstructor%0AmodernAdaptive&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=985669881621580277&imp-id=1&enable-flat-highlight=1&test-tag=180869662769154&ad-session-id=8315171621580277834&target-id=36711602&tga-with-creatives=1&pcode-version=14665&pcodever=14665&flash-ver=0&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.9%2C%22w%22%3A1000%2C%22h%22%3A0%2C%22width%22%3A0%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A300%2C%22top%22%3A344%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&uniformat=true&callback=Ya%5B1069314749407%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
873350a6aa1cbe11dbb63ac608c03e1387965c451f1f1250e623e77e51c750a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 21 May 2021 06:57:57 GMT
content-encoding
gzip
last-modified
Fri, 21 May 2021 06:57:57 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1621580277887068-1374748730758591883800159-production-app-host-man-pcode-16
strict-transport-security
max-age=31536000
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 21 May 2021 06:57:57 GMT
ccaaae6bb2ec68a8c2bf.js
yastatic.net/partner-code-bundles/14665/
12 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14665/ccaaae6bb2ec68a8c2bf.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a14530658b9fa7a7017759331a324a7f071f9c38758624aebe93bd4893e035a0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:57 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4215
last-modified
Mon, 17 May 2021 14:19:48 GMT
server
nginx/1.17.9
etag
"38fda2c416faef5648b2b3d0e2b7d261"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2051 13:33:07 GMT
fa7d153cd59067557683.js
yastatic.net/partner-code-bundles/14665/
404 KB
87 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14665/fa7d153cd59067557683.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
20f5b60667c01b3c60075aafa6b8c76ee58fe6a86a3d8d2d48579de787cf6f80
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:57 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
88173
last-modified
Mon, 17 May 2021 14:19:48 GMT
server
nginx/1.17.9
etag
"9a95802fbcf9bb95efb2e9d2ee9fe294"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2051 13:33:06 GMT
0e1dda8267a573500061.js
yastatic.net/partner-code-bundles/14665/
252 KB
43 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14665/0e1dda8267a573500061.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f36c27bca7237aa55291a25b34c4025bb71e153449d0221b697efb0ab62d7a74
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:57 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
43545
last-modified
Mon, 17 May 2021 14:19:47 GMT
server
nginx/1.17.9
etag
"45f7011d882143c2b09c4a2ecdb0f650"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2051 13:33:27 GMT
92edb453bcbc999a80c2.js
yastatic.net/partner-code-bundles/14665/
7 KB
3 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/14665/92edb453bcbc999a80c2.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
f764c9d1d6ac56ba63661be16e332d39da6b6f280e349173d295cca310aa8ffd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:57 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2841
last-modified
Mon, 17 May 2021 14:19:48 GMT
server
nginx/1.17.9
etag
"d488b5d3572f4dac7db8b688ada6783d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2051 13:31:55 GMT
watch.js
mc.yandex.ru/metrika/
123 KB
43 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Origin
https://u.to
Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:58 GMT
content-encoding
br
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-abe7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44007
expires
Fri, 21 May 2021 07:57:58 GMT
click
yandex.ru/clck/
43 B
314 B
Ping
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/14665/92edb453bcbc999a80c2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.be8ui06l7z5MiEE-GTqP0-FLorfERn8vXGGswN72RIA89EpbKFv0KVaLMNn322n-.y7JbCPFBzAElwlRnl-QT98JXAZo%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.rVDc67VcXggYT1ekTjfVIjrqrHTg2qgwCA1_FQE1u_j0PobVtErimVfHYDwc8VDnfMIRoIXuB-66KgS0UTD6RQ%2C%2C.o138ciKpUWbgm8Vhs6T-0_FbfwM%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9280.rVDc67VcXggYT1ekTjfVIjrqrHTg2qgwCA1_FQE1u_j0PobVtErimVfHYDwc8VDnfMIRoIXuB-66KgS0UTD6RQ%2C%2C.o138ciKpUWbgm8Vhs6T-0_FbfwM%2C
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:58 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9280.rVDc67VcXggYT1ekTjfVIjrqrHTg2qgwCA1_FQE1u_j0PobVtErimVfHYDwc8VDnfMIRoIXuB-66KgS0UTD6RQ%2C%2C.o138ciKpUWbgm8Vhs6T-0_FbfwM%2C
date
Fri, 21 May 2021 06:57:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/508703/
Redirect Chain
  • https://mc.yandex.com/watch/508703?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala...
184 B
219 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580278%3Ac%3A1%3Arn%3A193078729%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580277124%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279%3At%3ARedirection
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
c494c1341c2ca027d5681c72738bc27567fe2bac9ce2901e9864bc29efe6b7a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 06:57:58 GMT
x-content-type-options
nosniff
last-modified
Fri, 21-May-2021 06:57:58 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:57:58 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 May 2021 06:57:58 GMT
last-modified
Fri, 21-May-2021 06:57:58 GMT
location
/watch/508703/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FKIPLFw&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580278%3Ac%3A1%3Arn%3A193078729%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580277124%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279%3At%3ARedirection
strict-transport-security
max-age=31536000
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:57:58 GMT
1
mc.yandex.com/watch/508703/
43 B
85 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703/1?page-url=https%3A%2F%2Fu.to%2FKIPLFw&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A479%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580279%3Ac%3A1%3Arn%3A850230422%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621580277124%3Ads%3A1%2C255%2C146%2C0%2C0%2C0%2C%2C36%2C0%2C1480%2C1480%2C1%2C442%3Adsn%3A1%2C255%2C146%2C1%2C0%2C0%2C%2C38%2C0%2C1480%2C1480%2C1%2C442%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 21 May 2021 06:57:58 GMT
last-modified
Fri, 21-May-2021 06:57:58 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:57:58 GMT
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.ZtveAuYgMK3dYnpVTdb8OwpyIFLh4PL_qd6zMAc9mzXCXmGnviVBJ8e3EWfs-oHH.23zlf0-X1wKIWmK3c54qkKKIXP4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.YTC56sJi3CeTF8KraKgemHUB1hOI8efRvmgFzkcf1FDOuFc1aok6lhTbcc1rRgCNu6FoMvnNrScIZFCfM83c6w%2C%2C.NkkBk7rIQf4jfqR7KSUZznOEYNY%2C
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.OHyVSjVE4hqpW48w-wVO5civNH7BbtkSx6oD4Tt3dvG2LGPzSCyU2JWwLcmzfeeqyJiRP5MZORUjNsw-EpstnA%2C%2C.t277AdK0j228wqjRi...
43 B
245 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.OHyVSjVE4hqpW48w-wVO5civNH7BbtkSx6oD4Tt3dvG2LGPzSCyU2JWwLcmzfeeqyJiRP5MZORUjNsw-EpstnA%2C%2C.t277AdK0j228wqjRiPCYVu2fd4c%2C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:57:58 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=9280.OHyVSjVE4hqpW48w-wVO5civNH7BbtkSx6oD4Tt3dvG2LGPzSCyU2JWwLcmzfeeqyJiRP5MZORUjNsw-EpstnA%2C%2C.t277AdK0j228wqjRiPCYVu2fd4c%2C
date
Fri, 21 May 2021 06:57:58 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
508703
mc.yandex.com/watch/
43 B
284 B
XHR
General
Full URL
https://mc.yandex.com/watch/508703?page-url=https%3A%2F%2Fu.to%2FKIPLFw&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A812319495547%3Ahid%3A261250104%3Az%3A120%3Ai%3A20210521085758%3Aet%3A1621580279%3Ac%3A1%3Arn%3A1036765109%3Au%3A1621580278478295601%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621580277124%3Arqnl%3A1%3Ati%3A2%3Ast%3A1621580279%3At%3ARedirection
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 06:57:58 GMT
last-modified
Fri, 21-May-2021 06:57:58 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:57:58 GMT
Primary Request Cookie set eTbLFw
u.to/
Redirect Chain
  • http://vkmonline.com/away?url=https://u.to/eTbLFw
  • https://u.to/eTbLFw
7 KB
3 KB
Document
General
Full URL
https://u.to/eTbLFw
Requested by
Host: u.to
URL: https://u.to/KIPLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
6b630bf407891744cc4604c9fda50323c07c7ee24e92d299b8ad2c0254fa53e1

Request headers

Host
u.to
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://u.to/KIPLFw

Response headers

Server
nginx/1.8.0
Date
Fri, 21 May 2021 06:58:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Set-Cookie
lng=en; path=/; expires=Sat, 21-May-2022 06:58:07 GMT; domain=.u.to;
ETag
W/"5ce7c62b-1a75"
Content-Encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://u.to/eTbLFw
Server
Microsoft-IIS/8.5
X-AspNetMvc-Version
5.2
X-AspNet-Version
4.0.30319
Set-Cookie
language=1; expires=Sat, 21-May-2022 06:58:06 GMT; path=/ localeCode=en-US; expires=Sat, 21-May-2022 06:58:06 GMT; path=/
X-Powered-By
ASP.NET
Date
Fri, 21 May 2021 06:58:06 GMT
Content-Length
136
hit;uto_404
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;uto_404?r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038
  • https://counter.yadro.ru/hit;uto_404?q;r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038
43 B
496 B
Image
General
Full URL
https://counter.yadro.ru/hit;uto_404?q;r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:58:08 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 20 May 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 21 May 2021 06:58:08 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;uto_404?q;r;s1600*1200*24;uhttps%3A//u.to/eTbLFw%23wupvxzrpxcpgq;1621580288038
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 20 May 2020 21:00:00 GMT
watch.js
mc.yandex.ru/metrika/
123 KB
43 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:58:08 GMT
content-encoding
br
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-abe7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44007
expires
Fri, 21 May 2021 07:58:08 GMT
404-header-line.gif
u.to/.s/img/err/
1 KB
1 KB
Image
General
Full URL
https://u.to/.s/img/err/404-header-line.gif
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
ac9c14376fac0cd59069aeef8d7667e6a85dad3ba0379dc2a6026a20db18df1a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
u.to
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://u.to/eTbLFw
Cookie
lng=en
Connection
keep-alive
Referer
https://u.to/eTbLFw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:58:08 GMT
Last-Modified
Thu, 04 Dec 2014 10:09:00 GMT
Server
nginx/1.8.0
ETag
"548032bc-489"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1161
404-arrow.png
u.to/.s/img/err/
1 KB
1 KB
Image
General
Full URL
https://u.to/.s/img/err/404-arrow.png
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
ba146ce6fb6e788b50e02b45b72835450b513ec744b2f8de1dd85589b42f8f05

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
u.to
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://u.to/eTbLFw
Cookie
lng=en
Connection
keep-alive
Referer
https://u.to/eTbLFw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:58:08 GMT
Last-Modified
Thu, 04 Dec 2014 10:09:00 GMT
Server
nginx/1.8.0
ETag
"548032bc-491"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1169
404-logo.png
u.to/.s/img/err/
2 KB
2 KB
Image
General
Full URL
https://u.to/.s/img/err/404-logo.png
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
0945354cad56584eb978afc9800bc9bd8d24df25fbfe063573a0511af5138e8b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
u.to
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://u.to/eTbLFw
Cookie
lng=en
Connection
keep-alive
Referer
https://u.to/eTbLFw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:58:08 GMT
Last-Modified
Thu, 04 Dec 2014 10:08:00 GMT
Server
nginx/1.8.0
ETag
"54803280-868"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
2152
404.png
u.to/.s/img/err/
4 KB
5 KB
Image
General
Full URL
https://u.to/.s/img/err/404.png
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
389267599e2b30cda3f0091bcdaa856c39e38543038a52955eba5b048e915742

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
u.to
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://u.to/eTbLFw
Cookie
lng=en
Connection
keep-alive
Referer
https://u.to/eTbLFw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:58:08 GMT
Last-Modified
Thu, 04 Dec 2014 10:10:00 GMT
Server
nginx/1.8.0
ETag
"548032f8-1163"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
4451
button.png
u.to/.s/img/err/
1 KB
1 KB
Image
General
Full URL
https://u.to/.s/img/err/button.png
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS
s5.unet.com
Software
nginx/1.8.0 /
Resource Hash
db06224375a1362de84da041db7bd476c60267d1e7d24a8569f967ce0c07ef05

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
u.to
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://u.to/eTbLFw
Cookie
lng=en
Connection
keep-alive
Referer
https://u.to/eTbLFw
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 21 May 2021 06:58:08 GMT
Last-Modified
Thu, 04 Dec 2014 10:10:00 GMT
Server
nginx/1.8.0
ETag
"548032f8-40c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
1036
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9280.FtiYcZn8ySRD82hg4wK3ciO24Ri2I0AMpZ06rAz5Q2N-jHCcM4m3aSnCND_jiTbg.RoqPKEXGmdhLbxYRlQGy_K20MM4%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9280.AdvJtLUaCTMQHISdzVGUgZT-ye_XcBUhlpNy9ecx2QfAJih-PtTiP11w7V6v6DuL-TIEjui33XK0IjlXQaXMZg%2C%2C.WplQ2BHiCdGhRtEIiFvACJIYPeM%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9280.AdvJtLUaCTMQHISdzVGUgZT-ye_XcBUhlpNy9ecx2QfAJih-PtTiP11w7V6v6DuL-TIEjui33XK0IjlXQaXMZg%2C%2C.WplQ2BHiCdGhRtEIiFvACJIYPeM%2C
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:58:08 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9280.AdvJtLUaCTMQHISdzVGUgZT-ye_XcBUhlpNy9ecx2QfAJih-PtTiP11w7V6v6DuL-TIEjui33XK0IjlXQaXMZg%2C%2C.WplQ2BHiCdGhRtEIiFvACJIYPeM%2C
date
Fri, 21 May 2021 06:58:08 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
100 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: u.to
URL: https://u.to/eTbLFw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 06:58:08 GMT
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 21 May 2021 07:58:08 GMT
1
mc.yandex.com/watch/27365672/
Redirect Chain
  • https://mc.yandex.com/watch/27365672?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Autf...
  • https://mc.yandex.com/watch/27365672/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Au...
184 B
266 B
XHR
General
Full URL
https://mc.yandex.com/watch/27365672/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A808809537473%3Ahid%3A716399154%3Az%3A120%3Ai%3A20210521085808%3Aet%3A1621580288%3Ac%3A1%3Arn%3A177910528%3Au%3A1621580288617388042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580287562%3Ads%3A0%2C0%2C95%2C2%2C359%2C0%2C%2C70%2C0%2C%2C%2C%2C534%3Adsn%3A0%2C0%2C96%2C1%2C360%2C0%2C%2C76%2C0%2C%2C%2C%2C535%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621580288%3At%3AHTTP%20404%20%D0%9D%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e1e57997a74dc7c0d8b28d2bde0fc69caef75cfdab1b3c46f71cf373e08edbb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://u.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 May 2021 06:58:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 21-May-2021 06:58:08 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:58:08 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 May 2021 06:58:08 GMT
last-modified
Fri, 21-May-2021 06:58:08 GMT
location
/watch/27365672/1?wmode=7&page-url=https%3A%2F%2Fu.to%2FeTbLFw%23wupvxzrpxcpgq&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A534%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A808809537473%3Ahid%3A716399154%3Az%3A120%3Ai%3A20210521085808%3Aet%3A1621580288%3Ac%3A1%3Arn%3A177910528%3Au%3A1621580288617388042%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621580287562%3Ads%3A0%2C0%2C95%2C2%2C359%2C0%2C%2C70%2C0%2C%2C%2C%2C534%3Adsn%3A0%2C0%2C96%2C1%2C360%2C0%2C%2C76%2C0%2C%2C%2C%2C535%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621580288%3At%3AHTTP%20404%20%D0%9D%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%BE
strict-transport-security
max-age=31536000
access-control-allow-origin
https://u.to
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 21-May-2021 06:58:08 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| Ya
object| yaCounter27365672

4 Cookies

Domain/Path Name / Value
.u.to/ Name: _ym_isad, Value: 2
.u.to/ Name: _ym_d, Value: 1621580288
.u.to/ Name: _ym_uid, Value: 1621580288617388042
.u.to/ Name: lng, Value: en

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
