URL: http://promotools.ru/
Submission: On May 13 via manual from JP

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 11 HTTP transactions. The main IP is 159.69.142.249, located in Germany and belongs to HETZNER-AS, DE. The main domain is promotools.ru.
This is the only time promotools.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 159.69.142.249 24940 (HETZNER-AS)
2 87.240.190.67 47541 (VKONTAKTE...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 7 2a02:6b8::1:119 13238 (YANDEX)
2 2a03:2880:f11... 32934 (FACEBOOK)
11 5
Apex Domain Subdomains Transfer
5 yandex.com mc.yandex.com 2 KB
2 facebook.com www.facebook.com 349 B
2 yandex.ru mc.yandex.ru 43 KB
2 facebook.net connect.facebook.net 96 KB
2 vk.com vk.com 23 KB
1 promotools.ru promotools.ru 9 KB
11 6

Domain Requested by
5 mc.yandex.com 2 redirects promotools.ru
2 www.facebook.com promotools.ru
2 mc.yandex.ru 1 redirects promotools.ru
2 connect.facebook.net promotools.ru, connect.facebook.net
2 vk.com promotools.ru
1 promotools.ru
11 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.vk.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-06-09 - 2022-06-10 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-04-06 - 2021-07-03 | 3 months
mc.yandex.ru | Yandex CA | 2021-02-27 - 2021-08-09 | 5 months

This page contains 1 frames:

Primary Page: http://promotools.ru/
Frame ID: 77B5FB0ED031F3B917734526DB6E2730
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /mc\.yandex\.ru\/metrika\/watch\.js/i

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 60 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 172 kB
Size: 578 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9272.UYX9b-egvcvq7Ao3RJHsXshsE1rypu3asQRfCvlQA1tBuYUK--FSAOl3FW3Cm8JV.YP6cXB2nMo04XIpMSiyNv3Z_G1Q%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9272.4aXqazhL5wMHOfxuB6Mg5jePosv5v9mDYE9QXJqx_4WCFS0X8DWeSVclnYk_U2-9CFRZVu1hfOXA9Lq2SXeSVQ%2C%2C.qmIayesf0T-F4HsNtPnegMqbLG4%2C
Request Chain 8
  • https://mc.yandex.com/watch/32344615?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A513%3Acn%3A1%3Adp%3A0%3Als%3A623521543238%3Ahid%3A154743790%3Az%3A120%3Ai%3A20210513094804%3Aet%3A1620892084%3Ac%3A1%3Arn%3A305214599%3Au%3A1620892084850320979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620892084244%3Ads%3A0%2C31%2C18%2C1%2C1%2C0%2C%2C7%2C0%2C%2C%2C%2C60%3Adsn%3A1%2C30%2C19%2C1%2C0%2C0%2C%2C8%2C0%2C%2C%2C%2C60%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620892085%3At%3A%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2 HTTP 302
  • https://mc.yandex.com/watch/32344615/1?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A513%3Acn%3A1%3Adp%3A0%3Als%3A623521543238%3Ahid%3A154743790%3Az%3A120%3Ai%3A20210513094804%3Aet%3A1620892084%3Ac%3A1%3Arn%3A305214599%3Au%3A1620892084850320979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620892084244%3Ads%3A0%2C31%2C18%2C1%2C1%2C0%2C%2C7%2C0%2C%2C%2C%2C60%3Adsn%3A1%2C30%2C19%2C1%2C0%2C0%2C%2C8%2C0%2C%2C%2C%2C60%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620892085%3At%3A%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
promotools.ru/
9 KB
9 KB
Document
General
Full URL
http://promotools.ru/
Protocol
HTTP/1.1
Server
159.69.142.249 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
mail.dnski.ru
Software
nginx/1.16.1 / PHP/5.3.29
Resource Hash
3e5cfa00430647fabcfbbe9d87e70236933ebe4fe641b754f1785e149be5868f

Request headers

Host
promotools.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx/1.16.1
Date
Thu, 13 May 2021 07:48:04 GMT
Content-Type
text/html; charset=cp-1251
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.3.29
openapi.js
vk.com/js/api/
100 KB
22 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?159
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx /
Resource Hash
2f9424ce1a17a9784560c93a639819525f184fa1e00f3d6aff62b0bb0c4eaa2b

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
content-encoding
br
x-frontend
front220006
last-modified
Wed, 21 Apr 2021 15:16:58 GMT
server
kittenx
etag
"608041ea-5800"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22528
expires
Mon, 17 May 2021 07:48:04 GMT
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
W/Hg757XoXxfy9BkgbGaDbmtQ4ZJcPuJtPVI5lDnPzOsvDErckRNxF7ANJ3olRzx9X4y8MgZDBynMXp9hCmoYg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 13 May 2021 07:48:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
watch.js
mc.yandex.ru/metrika/
123 KB
43 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
d56c51963c053331792dd0e403fd7a0920fa11df45238ba1dd6886eabcc2028a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
content-encoding
br
last-modified
Thu, 13 May 2021 07:23:32 GMT
etag
"609bcfd8-ac59"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
44121
expires
Thu, 13 May 2021 08:48:04 GMT
285672882063925
connect.facebook.net/signals/config/
254 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/285672882063925?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72bf540012664cf647453105e3fc6c5b39a4183659edee1c4bf0b5ebc49f0107
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
90Xl8O61Ka3qkhBFAgzzon6hAgExcTc+Xh9Y1j42hhxJIkplnbOIP42h8xR7F9cecsUWChxs7az96PY8DQpgFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 13 May 2021 07:48:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
261 B
Image
General
Full URL
https://www.facebook.com/tr/?id=285672882063925&ev=PageView&dl=http%3A%2F%2Fpromotools.ru%2F&rl=&if=false&ts=1620892084448&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620892084447.1949138496&it=1620892084365&coo=false&exp=l1&rqm=GET
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 13 May 2021 07:48:04 GMT
rtrg
vk.com/
49 B
445 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-303947-gOPLF&metatag_url=http%3A%2F%2Fpromotools.ru%2F&metatag_title=%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv67-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107101
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
content-encoding
gzip
x-frontend
front220006
server
kittenx
x-powered-by
KPHP/7.4.107101
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9272.UYX9b-egvcvq7Ao3RJHsXshsE1rypu3asQRfCvlQA1tBuYUK--FSAOl3FW3Cm8JV.YP6cXB2nMo04XIpMSiyNv3Z_G1Q%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9272.4aXqazhL5wMHOfxuB6Mg5jePosv5v9mDYE9QXJqx_4WCFS0X8DWeSVclnYk_U2-9CFRZVu1hfOXA9Lq2SXeSVQ%2C%2C.qmIayesf0T-F4HsNtPnegMqbLG4%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9272.4aXqazhL5wMHOfxuB6Mg5jePosv5v9mDYE9QXJqx_4WCFS0X8DWeSVclnYk_U2-9CFRZVu1hfOXA9Lq2SXeSVQ%2C%2C.qmIayesf0T-F4HsNtPnegMqbLG4%2C
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9272.4aXqazhL5wMHOfxuB6Mg5jePosv5v9mDYE9QXJqx_4WCFS0X8DWeSVclnYk_U2-9CFRZVu1hfOXA9Lq2SXeSVQ%2C%2C.qmIayesf0T-F4HsNtPnegMqbLG4%2C
date
Thu, 13 May 2021 07:48:04 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
75 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: promotools.ru
URL: http://promotools.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:04 GMT
last-modified
Thu, 13 May 2021 07:23:32 GMT
etag
"609bcfd8-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 13 May 2021 08:48:04 GMT
1
mc.yandex.com/watch/32344615/
Redirect Chain
  • https://mc.yandex.com/watch/32344615?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3Ala...
  • https://mc.yandex.com/watch/32344615/1?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3A...
184 B
219 B
XHR
General
Full URL
https://mc.yandex.com/watch/32344615/1?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A513%3Acn%3A1%3Adp%3A0%3Als%3A623521543238%3Ahid%3A154743790%3Az%3A120%3Ai%3A20210513094804%3Aet%3A1620892084%3Ac%3A1%3Arn%3A305214599%3Au%3A1620892084850320979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620892084244%3Ads%3A0%2C31%2C18%2C1%2C1%2C0%2C%2C7%2C0%2C%2C%2C%2C60%3Adsn%3A1%2C30%2C19%2C1%2C0%2C0%2C%2C8%2C0%2C%2C%2C%2C60%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620892085%3At%3A%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
84d8382c18f94078a1def59036956ad3c5c77cd1e9f32e4e9e1b2ec91765addb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 May 2021 07:48:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 13-May-2021 07:48:04 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://promotools.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
184
x-xss-protection
1; mode=block
expires
Thu, 13-May-2021 07:48:04 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 May 2021 07:48:04 GMT
last-modified
Thu, 13-May-2021 07:48:04 GMT
location
/watch/32344615/1?wmode=7&page-url=http%3A%2F%2Fpromotools.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A124%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A513%3Acn%3A1%3Adp%3A0%3Als%3A623521543238%3Ahid%3A154743790%3Az%3A120%3Ai%3A20210513094804%3Aet%3A1620892084%3Ac%3A1%3Arn%3A305214599%3Au%3A1620892084850320979%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620892084244%3Ads%3A0%2C31%2C18%2C1%2C1%2C0%2C%2C7%2C0%2C%2C%2C%2C60%3Adsn%3A1%2C30%2C19%2C1%2C0%2C0%2C%2C8%2C0%2C%2C%2C%2C60%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620892085%3At%3A%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2
strict-transport-security
max-age=31536000
access-control-allow-origin
http://promotools.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 13-May-2021 07:48:04 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=285672882063925&ev=Microdata&dl=http%3A%2F%2Fpromotools.ru%2F&rl=&if=false&ts=1620892085951&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D0%A1%D0%BF%D0%B8%D1%81%D0%BE%D0%BA%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620892084447.1949138496&it=1620892084365&coo=false&es=automatic&tm=3&exp=l1&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://promotools.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 13 May 2021 07:48:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 13 May 2021 07:48:05 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| fbq
  • function| _fbq
  • function| obj2qs
  • object| fastXDM
  • object| VK
  • object| Ya
  • object| yaCounter32344615

4 Cookies

Domain/Path Name / Value
.promotools.ru/ Name: _ym_isad Value: 2
.promotools.ru/ Name: _ym_d Value: 1620892084
.promotools.ru/ Name: _ym_uid Value: 1620892084850320979
.promotools.ru/ Name: _fbp Value: fb.1.1620892084447.1949138496