help-m2c.eccang.com Open in urlscan Pro
120.77.243.218 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://soo.gd/H0dAG
Effective URL:
http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/fbqcy/rvfy/?missing=wsbp1nkm0xr1e25
Submission: On April 20 via manual (April 20th 2020, 11:45:03 pm UTC) from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 13 domains to perform 21 HTTP transactions. The main IP is 120.77.243.218, located in Hangzhou, China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is help-m2c.eccang.com.

This is the only time help-m2c.eccang.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	69.61.26.123 69.61.26.123	22653 (GLOBALCOM...) (GLOBALCOMPASS)
4	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
3	172.217.21.194 172.217.21.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 1	2001:1528:225... 2001:1528:225::a:34	15685 (CASABLANC...) (CASABLANCA-AS Internet & Collocation Provider)
1	195.216.243.155 195.216.243.155	57724 (DDOS-GUARD) (DDOS-GUARD)
1	120.77.243.218 120.77.243.218	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
21	11

1 69.61.26.123 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)

soo.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.21.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s12-in-f194.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:1528:225::a:34 (Czech Republic) 1 redirects

ASN15685 (CASABLANCA-AS Internet & Collocation Provider, CZ)

zadarmo.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.216.243.155 (Moscow, Russian Federation)

ASN57724 (DDOS-GUARD, RU)
PTR: s5.unet.com

u.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.77.243.218 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

help-m2c.eccang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	yandex.ru 1 redirects mc.yandex.ru	95 KB
3	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	11 KB
3	doubleclick.net securepubads.g.doubleclick.net	86 KB
2	yadro.ru 1 redirects counter.yadro.ru	936 B
2	google-analytics.com www.google-analytics.com	18 KB
1	eccang.com help-m2c.eccang.com	3 KB
1	u.to u.to	1 KB
1	zadarmo.cz 1 redirects zadarmo.cz	223 B
1	google.com adservice.google.com	839 B
1	google.de adservice.google.de	839 B
1	googletagmanager.com www.googletagmanager.com	30 KB
1	googletagservices.com www.googletagservices.com	15 KB
1	soo.gd soo.gd	2 KB
21	13

	Domain	Requested by
4	mc.yandex.ru	1 redirects u.to
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com soo.gd
1	help-m2c.eccang.com	u.to soo.gd
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	u.to	soo.gd
1	zadarmo.cz	1 redirects
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagmanager.com	soo.gd
1	www.googletagservices.com	soo.gd
1	soo.gd
21	14

This site contains no links.

Subject Issuer	Validity	Valid
www.soo.gd Let's Encrypt Authority X3	`2020-04-12` - `2020-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-07` - `2020-06-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-04-01` - `2020-06-24`	3 months	crt.sh
u.to Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
mc.yandex.ru Yandex CA	`2019-09-23` - `2020-09-22`	a year	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh

This page contains 2 frames:

Frame: http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/brvqd/kcf/?8s8ka8mz8k0
Frame ID: C79C4257BEBDCF1C56B7C6260783B913
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 171C6FDEB63D6AAE2E7BC62B5AE856DF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://soo.gd/H0dAG Page URL
http://zadarmo.cz/bkm_redirect.php?bkm_id=684&url=https://u.to/3k4jGA HTTP 302
https://u.to/3k4jGA Page URL
http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/fbqcy/rvfy/?missing=wsb... Page URL

Page Statistics

21
Requests

86 %
HTTPS

55 %
IPv6

13
Domains

14
Subdomains

11
IPs

5
Countries

261 kB
Transfer

787 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://soo.gd/H0dAG Page URL
http://zadarmo.cz/bkm_redirect.php?bkm_id=684&url=https://u.to/3k4jGA HTTP 302
https://u.to/3k4jGA Page URL
http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/fbqcy/rvfy/?missing=wsbp1nkm0xr1e25 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://zadarmo.cz/bkm_redirect.php?bkm_id=684&url=https://u.to/3k4jGA HTTP 302
https://u.to/3k4jGA

Request Chain 16

https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158 HTTP 302
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158

Request Chain 17

https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200421014431%3Aet%3A1587426271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A925946401%3Ahid%3A80889135%3Ads%3A1%2C335%2C154%2C2%2C65%2C0%2C0%2C%2C%2C582%2C%2C%2C%3Agdpr%3A14%3Av%3A1853%3Awv%3A2%3Ast%3A1587426271%3Au%3A1587426271786827711%3At%3ARedirecting HTTP 302
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200421014431%3Aet%3A1587426271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A925946401%3Ahid%3A80889135%3Ads%3A1%2C335%2C154%2C2%2C65%2C0%2C0%2C%2C%2C582%2C%2C%2C%3Agdpr%3A14%3Av%3A1853%3Awv%3A2%3Ast%3A1587426271%3Au%3A1587426271786827711%3At%3ARedirecting

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK H0dAG Show response
soo.gd/ 3 KB
2 KB 3032ms
2294ms Document
text/html 69.61.26.123
GLOBALCOMPASS

General

Check archive.org

Show headers Download Go to

Full URL

https://soo.gd/H0dAG

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.61.26.123 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),

Reverse DNS

Software

Hotcores.com /

Resource Hash

01421cdcebb57d5b1c92ff4f19af0920e7bb6bb2189af114030158a9a8d526bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Host: soo.gd
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: Hotcores.com
Date: Mon, 20 Apr 2020 23:44:18 GMT
Content-Type: text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
X-Robots-Tag: noindex, nofollow
I-AM: Gamma
Strict-Transport-Security: max-age=31536000; includeSubdomains;
Content-Encoding: gzip

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 42 KB
15 KB 373ms
130ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: soo.gd
URL: https://soo.gd/H0dAG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7cc77426aba678145792bd3792bdd055c2bf8ed95b976f5fe15638bf9f07b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "492 / 912 of 1000 / last-modified: 1587414966"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14195
x-xss-protection: 0
expires: Mon, 20 Apr 2020 23:44:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 79 KB
30 KB 326ms
117ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Requested by

Host: soo.gd
URL: https://soo.gd/H0dAG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd404282f2feebbe097b83180489d71ff81e92b0b735135d2b138acdff00a2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:28 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 30046
x-xss-protection: 0
last-modified: Mon, 20 Apr 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Apr 2020 23:44:28 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
839 B 396ms
138ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=soo.gd

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 23:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
839 B 390ms
135ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=soo.gd

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 23:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
62 KB 494ms
170ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62526
x-xss-protection: 0
expires: Mon, 20 Apr 2020 23:44:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 418ms
139ms Script
text/javascript 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 354
date: Mon, 20 Apr 2020 23:38:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Tue, 21 Apr 2020 01:38:34 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
199 B 149ms
148ms Image
image/gif 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=22238771&t=pageview&_s=1&dl=https%3A%2F%2Fsoo.gd%2FH0dAG&ul=en-us&de=UTF-8&dt=H0dAG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=957016942&gjid=1706772667&cid=424902002.1587426269&tid=UA-31510493-2&_gid=23581285.1587426269&_r=1&gtm=2ou480&z=762789916

Requested by

Host: soo.gd
URL: https://soo.gd/H0dAG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Apr 2020 23:44:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 395 B
712 B 199ms
199ms XHR
text/plain 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3363446430867300&correlator=331713173079939&output=ldjh&impl=fif&adsid=NT&eid=21065112%2C21065401&vrg=2020041602&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200420&iu_parts=5837603%2CSGD_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1587426269&dt=1587426269351&dlt=1587426268115&idt=1225&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1216140633&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsoo.gd%2FH0dAG&dssz=10&icsg=680&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=330x423&msz=0x0&ga_vid=424902002.1587426269&ga_sid=1587426269&ga_hid=22238771&fws=128&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

cafe /

Resource Hash

dd04c331e82207e16ed24e8ee399d51b7305146b2cc60c000757d28562d53e26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 209
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://soo.gd
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020041602.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
23 KB 181ms
180ms Script
text/javascript 172.217.21.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s12-in-f194.1e100.net

Software

sffe /

Resource Hash

df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Apr 2020 16:34:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23935
x-xss-protection: 0
expires: Mon, 20 Apr 2020 23:44:29 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 347ms
113ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020041602.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1

200
OK

Cookie set 3k4jGA
u.to/
Redirect Chain

http://zadarmo.cz/bkm_redirect.php?bkm_id=684&url=https://u.to/3k4jGA
https://u.to/3k4jGA

1 KB
1 KB

490ms
154ms

Document
text/html

195.216.243.155
DDOS-GUARD

General

Check archive.org

Show headers Download Go to

Full URL: https://u.to/3k4jGA
Requested by: Host: soo.gd
URL: https://soo.gd/H0dAG
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.243.155 Moscow, Russian Federation, ASN57724 (DDOS-GUARD, RU),
Reverse DNS: s5.unet.com
Software: nginx/1.8.0 /
Resource Hash

Request headers

Host: u.to
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://soo.gd/H0dAG

Response headers

Server: nginx/1.8.0
Date: Mon, 20 Apr 2020 23:44:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Set-Cookie: lng=en; path=/; expires=Tue, 20-Apr-2021 23:44:30 GMT; domain=.u.to;
Cache-Control: no-cache no-store
Pragma: no-cache
Vary: host
Content-Encoding: gzip

Redirect headers

Date: Mon, 20 Apr 2020 23:44:29 GMT
Server: Apache/2.4.25 (Debian)
Location: https://u.to/3k4jGA
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H2 200 sodar
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 336ms
120ms XHR
application/json 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020041602&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Apr 2020 23:44:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5144
x-xss-protection: 0

GET
H2 200 sodar2.js
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020041602.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soo.gd/H0dAG
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 20 Apr 2020 23:44:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Mon, 20 Apr 2020 23:44:30 GMT

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 171C 0
0

GET
H/1.1 200
OK Primary Request / Show response
help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/fbqcy/rvfy/ 3 KB
3 KB 2150ms
1115ms Document
text/html 120.77.243.218
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to

Full URL: http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/fbqcy/rvfy/?missing=wsbp1nkm0xr1e25
Requested by: Host: u.to
URL: https://u.to/3k4jGA
Protocol: HTTP/1.1
Server: 120.77.243.218 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: 83d47c39aa063416757618360ada2edeffde04f210dd96c44b68aec6e86043be

Request headers

Host: help-m2c.eccang.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Mon, 20 Apr 2020 23:44:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK tag.js
mc.yandex.ru/metrika/ 363 KB
92 KB 590ms
291ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: u.to
URL: https://u.to/3k4jGA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://u.to/3k4jGA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 23:44:30 GMT
Content-Encoding: br
Last-Modified: Thu, 16 Apr 2020 11:16:08 GMT
Server: nginx/1.14.2
ETag: "5e983e78-16faf"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 94127
Expires: Tue, 21 Apr 2020 00:44:30 GMT

GET
H/1.1

200
OK

hit;utostat
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;utostat?r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158
https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158

43 B
421 B

154ms
153ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host210.rax.ru
Software: nginx/1.17.9 /
Resource Hash

Request headers

Referer: https://u.to/3k4jGA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 23:44:30 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 21 Apr 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 23:44:30 GMT
Server: nginx/1.17.9
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;utostat?q;r;s1600*1200*24;uhttps%3A//u.to/3k4jGA%23khxvayhhvhhdedw;1587426270158
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sun, 21 Apr 2019 21:00:00 GMT

GET
H/1.1

200
OK

1
mc.yandex.ru/watch/51604940/
Redirect Chain

https://mc.yandex.ru/watch/51604940?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afp...
https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3A...

171 B
711 B

136ms
95ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200421014431%3Aet%3A1587426271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A925946401%3Ahid%3A80889135%3Ads%3A1%2C335%2C154%2C2%2C65%2C0%2C0%2C%2C%2C582%2C%2C%2C%3Agdpr%3A14%3Av%3A1853%3Awv%3A2%3Ast%3A1587426271%3Au%3A1587426271786827711%3At%3ARedirecting

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://u.to/3k4jGA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 23:44:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 20-Apr-2020 23:44:31 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://u.to
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 171
X-XSS-Protection: 1; mode=block
Expires: Mon, 20-Apr-2020 23:44:31 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Apr 2020 23:44:31 GMT
Last-Modified: Mon, 20-Apr-2020 23:44:31 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://u.to
Strict-Transport-Security: max-age=31536000
Location: /watch/51604940/1?wmode=7&page-url=https%3A%2F%2Fu.to%2F3k4jGA%23khxvayhhvhhdedw&charset=utf-8&browser-info=ti%3A10%3Ans%3A1587426269578%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200421014431%3Aet%3A1587426271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A925946401%3Ahid%3A80889135%3Ads%3A1%2C335%2C154%2C2%2C65%2C0%2C0%2C%2C%2C582%2C%2C%2C%3Agdpr%3A14%3Av%3A1853%3Awv%3A2%3Ast%3A1587426271%3Au%3A1587426271786827711%3At%3ARedirecting
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Mon, 20-Apr-2020 23:44:31 GMT

GET
H/1.1 200
OK advert.gif
mc.yandex.ru/metrika/ 43 B
425 B 295ms
147ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://u.to/3k4jGA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 20 Apr 2020 23:44:31 GMT
Last-Modified: Fri, 17 Jan 2020 08:05:01 GMT
Server: nginx/1.14.2
ETag: "5e216aad-2b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Tue, 21 Apr 2020 00:44:31 GMT

GET /
help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/brvqd/kcf/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Domain: help-m2c.eccang.com
URL: http://help-m2c.eccang.com/pseovck27kr/nptoris/privacy-policy/index_swshoes.php/brvqd/kcf/?8s8ka8mz8k0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
counter.yadro.ru
help-m2c.eccang.com
mc.yandex.ru
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
soo.gd
tpc.googlesyndication.com
u.to
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
zadarmo.cz
help-m2c.eccang.com
tpc.googlesyndication.com
120.77.243.218
172.217.21.194
195.216.243.155
2001:1528:225::a:34
2a00:1450:4001:80b::2001
2a00:1450:4001:818::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81b::2002
2a02:6b8::1:119
69.61.26.123
88.212.201.210
01421cdcebb57d5b1c92ff4f19af0920e7bb6bb2189af114030158a9a8d526bf
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
82bbd04adfca6dbbc54fbcff55f4db8bc1f66d7ccfe36820480be504d94d905d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d47c39aa063416757618360ada2edeffde04f210dd96c44b68aec6e86043be
8b7cc77426aba678145792bd3792bdd055c2bf8ed95b976f5fe15638bf9f07b3
cd404282f2feebbe097b83180489d71ff81e92b0b735135d2b138acdff00a2f2
dd04c331e82207e16ed24e8ee399d51b7305146b2cc60c000757d28562d53e26
df255e2f7f9fd8c86ec6b227d9b3d2f8b3501188802e75a5009cbf9ba6f4eab7
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

help-m2c.eccang.com Open in urlscan Pro 120.77.243.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

21 Requests

86 %HTTPS

55 %IPv6

13 Domains

14 Subdomains

11 IPs

5 Countries

261 kBTransfer

787 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

help-m2c.eccang.com Open in urlscan Pro
120.77.243.218 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

86 %
HTTPS

55 %
IPv6

13
Domains

14
Subdomains

11
IPs

5
Countries

261 kB
Transfer

787 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions