promotools.cc
95.216.96.252
Public Scan
Submission: On November 13 via manual from JP
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on October 26th 2019. Valid for: 3 months.
This is the only time promotools.cc was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | Redirects | IP Address | AS Autonomous System |
---|---|---|---|
5 | | 95.216.96.252 | 24940 (HETZNER-AS) |
1 | | 95.213.171.109 | 49505 (SELECTEL) |
1 | | 188.186.156.88 | 31483 (ERTELECOM-DC-AS) |
4 | | 138.201.226.230 | 24940 (HETZNER-AS) |
4 | 1 | 2a02:6b8::1:119 | 13238 (YANDEX) |
2 | 1 | 2001:6d0:4001::226 | 52016 (TNSMSK-) |
3 | | 217.69.133.145 | 47764 (MAILRU-AS Mail.Ru) |
18 | | 7 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.252.96.216.95.clients.your-server.de
promotools.cc
ASN31483 (ERTELECOM-DC-AS, RU)
PTR: 188x186x156x88.static.cc.ertelecom.ru
ead0f88a944243b6b7ed639e6d528916.domru.ru
ASN24940 (HETZNER-AS, DE)
PTR: static.230.226.201.138.clients.your-server.de
efatik.me
ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
Requests | Redirects | Apex Domain | Subdomains | Transfer |
---|---|---|---|---|
5 | | promotools.cc | promotools.cc | 28 KB |
4 | 1 | yandex.ru | mc.yandex.ru | 42 KB |
4 | | efatik.me | efatik.me | 233 B |
3 | | mail.ru | top-fwz1.mail.ru | 8 KB |
2 | 1 | tns-counter.ru | www.tns-counter.ru | 1 KB |
1 | | domru.ru | ead0f88a944243b6b7ed639e6d528916.domru.ru | 247 B |
1 | | videobrain.org | videobrain.org | 569 B |
18 | | 7 | | |
Requests | Redirects | Domain | Requested by |
---|---|---|---|
5 | | promotools.cc | promotools.cc |
4 | 1 | mc.yandex.ru | promotools.cc |
4 | | efatik.me | promotools.cc |
3 | | top-fwz1.mail.ru | promotools.cc, top-fwz1.mail.ru |
2 | 1 | www.tns-counter.ru | promotools.cc |
1 | | ead0f88a944243b6b7ed639e6d528916.domru.ru | promotools.cc |
1 | | videobrain.org | promotools.cc |
18 | | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
promotools.cc | Let's Encrypt Authority X3 | 2019-10-26 - 2020-01-24 | 3 months |
videobrain.org | Let's Encrypt Authority X3 | 2019-10-21 - 2020-01-19 | 3 months |
*.domru.ru | RU-CENTER High Assurance Services CA 2 | 2019-03-01 - 2021-03-01 | 2 years |
efatik.me | Let's Encrypt Authority X3 | 2019-10-27 - 2020-01-25 | 3 months |
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year |
*.tns-counter.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-10-29 - 2020-12-01 | 2 years |
*.mail.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-01-18 - 2021-01-18 | 2 years |
This page contains 2 frames:
Primary Page:
https://promotools.cc/ads_advert.html
Frame ID: EB2C7F24C515A1C1FB6B0D2D5A2EF8B2
Requests: 10 HTTP requests in this frame
Frame:
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Frame ID: A7D5D12906F06FD87F7FC7593EA6FED7
Requests: 8 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8
- https://www.tns-counter.ru/V13a****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814 HTTP 302
- https://www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
- https://mc.yandex.ru/watch/47585632?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika HTTP 302
- https://mc.yandex.ru/watch/47585632/1?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | ads_advert.html (Primary Request) | promotools.cc/ | 664 B | 506 B | Document | text/html |
GET | H2 | ads_capliman.css | promotools.cc/front/ | 500 B | 342 B | Stylesheet | text/css |
GET | H2 | ads_capliman.js | promotools.cc/js/simple/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | vc_light.js | promotools.cc/ | 71 KB | 24 KB | Script | application/javascript |
GET | H2 | yametrika.html | promotools.cc/ (Frame A7D5) | 3 KB | 1 KB | Document | text/html |
GET | H2 | settings.php | videobrain.org/ | 528 B | 569 B | Script | text/javascript |
GET | H2 | wrds.gif | ead0f88a944243b6b7ed639e6d528916.domru.ru/ | 42 B | 247 B | Image | image/gif |
GET | H2 | l.gif | efatik.me/ | 0 | 59 B | Image | text/plain |
GET | H/1.1 | watch.js | mc.yandex.ru/metrika/ (Frame A7D5) | 134 KB | 40 KB | Script | application/javascript |
GET | H/1.1 | 0.28215861408854814 | www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/ (Frame A7D5, Redirect Chain) | 43 B | 458 B | Image | image/gif |
GET | H/1.1 | code.js | top-fwz1.mail.ru/js/ (Frame A7D5) | 16 KB | 7 KB | Script | application/javascript |
GET | H2 | l.gif | efatik.me/ | 0 | 58 B | Image | text/plain |
GET | H2 | l.gif | efatik.me/ | 0 | 58 B | Image | text/plain |
GET | H2 | l.gif | efatik.me/ | 0 | 58 B | Image | text/plain |
POST | H/1.1 | counter | top-fwz1.mail.ru/ (Frame A7D5) | 43 B | 910 B | Other | image/gif |
GET | H/1.1 | 1 | mc.yandex.ru/watch/47585632/ (Frame A7D5, Redirect Chain) | 152 B | 701 B | XHR | application/json |
GET | H/1.1 | advert.gif | mc.yandex.ru/metrika/ (Frame A7D5) | 43 B | 445 B | Image | image/gif |
POST | H/1.1 | tracker | top-fwz1.mail.ru/ (Frame A7D5) | 43 B | 818 B | Other | image/gif |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata
object| onpointerrawupdate
function| callbackAdsCapliman
object| video_captain_callback
function| noAds
object| VideoCapitan
function| adsCallbackSgND4
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.promotools.cc/ | | Name: _ym_d Value: 1573650702 |
.promotools.cc/ | | Name: _ym_isad Value: 2 |
.promotools.cc/ | | Name: _ym_uid Value: 1573650702956459446 |
promotools.cc/ | | Name: vc_ad_no Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.