In full pages, there are all sorts of obligatory “head” and “body” types that are not in the loaded pieces. Maybe you can determine full pages by tags? It is unlikely that the user will open the counter in a window that usually has a maximum frame.

The first thing that came to mind was http_referer - in case of a request to habrastorage.org, it will be put in habrahabr.ru

Yes, in this case, you can filter the html received by the user - and look for links to iframe, a href ... only with javascript a hat. You can look at the time of requests, it is unlikely that the user will be able to click faster than the browser loads

> Corporate sniffer
I wish you to fail safely with this senseless undertaking.

if the sniffer is corporate, then, I think, it’s easier to write something from:
- for the client side
1. addon to the browser
2. mouse hook (bad option)
3. your browser for corporate use
- for the server side, if you have something proxy type
1. change the html by adding or on-click handlers to it
2. change the html by modifying the urls in it
and a combination of various options, including those proposed above,
well, I sketched my thoughts like this, for reflection options, although your task is not completely clear.

You can combine checking the Referer and Accept headers. Now I looked at my headers, when loading statics or AJAX requests, the Accept-header, which is different from the usual loading of the page, leaves. Also, the If-Modified-Since, Cache-control, etc. headers sometimes appear. But here you still need to consider how other browsers behave. I checked on Google Chrome latest version.
Other than that, I'm not even sure if there are any other options.
If the statistics are large and there are few false positives, you can make it easier and close your eyes to these positives.

The solution is this:
We extract the information in the opposite direction: the received content text/html -> stream ID -> the first request to the server after opening the stream ID (or the last redirect).