URL: https://promotools.cc/ads_advert.html
Submission: On November 13 via manual from JP

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 95.216.96.252, which is located in Finland and belongs to HETZNER-AS, DE. The main domain is promotools.cc.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 26th 2019. Valid for: 3 months.
This is the only time promotools.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 95.216.96.252 24940 (HETZNER-AS)
1 95.213.171.109 49505 (SELECTEL)
1 188.186.156.88 31483 (ERTELECOM...)
4 138.201.226.230 24940 (HETZNER-AS)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
3 217.69.133.145 47764 (MAILRU-AS...)
18 7
Domain Requested by
5 promotools.cc promotools.cc
4 mc.yandex.ru 1 redirects promotools.cc
4 efatik.me promotools.cc
3 top-fwz1.mail.ru promotools.cc, top-fwz1.mail.ru
2 www.tns-counter.ru 1 redirects promotools.cc
1 ead0f88a944243b6b7ed639e6d528916.domru.ru promotools.cc
1 videobrain.org promotools.cc
18 7

This site contains no links.

Subject | Issuer | Validity | Valid
promotools.cc | Let's Encrypt Authority X3 | 2019-10-26 - 2020-01-24 | 3 months
videobrain.org | Let's Encrypt Authority X3 | 2019-10-21 - 2020-01-19 | 3 months
*.domru.ru | RU-CENTER High Assurance Services CA 2 | 2019-03-01 - 2021-03-01 | 2 years
efatik.me | Let's Encrypt Authority X3 | 2019-10-27 - 2020-01-25 | 3 months
mc.yandex.ru | Yandex CA | 2019-09-23 - 2020-09-22 | a year
*.tns-counter.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-10-29 - 2020-12-01 | 2 years
*.mail.ru | GlobalSign Organization Validation CA - SHA256 - G2 | 2019-01-18 - 2021-01-18 | 2 years

This page contains 2 frames:

Primary Page: https://promotools.cc/ads_advert.html
Frame ID: EB2C7F24C515A1C1FB6B0D2D5A2EF8B2
Requests: 10 HTTP requests in this frame

Frame: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Frame ID: A7D5D12906F06FD87F7FC7593EA6FED7
Requests: 8 HTTP requests in this frame


Page Statistics

18 Requests
100 % HTTPS
29 % IPv6
7 Domains
7 Subdomains
7 IPs
3 Countries
79 kB Transfer
231 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.tns-counter.ru/V13a****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814 HTTP 302
  • https://www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
Request Chain 14
  • https://mc.yandex.ru/watch/47585632?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika HTTP 302
  • https://mc.yandex.ru/watch/47585632/1?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ads_advert.html
promotools.cc/
664 B
506 B
Document
General
Full URL
https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.96.252 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.96.216.95.clients.your-server.de
Software
/
Resource Hash
95994259291e7a203495c941769738c6ccd9f854ad776a258255ed9795625c6d

Request headers

:method
GET
:authority
promotools.cc
:scheme
https
:path
/ads_advert.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
etag
W/"5da05a01-298"
expires
Wed, 13 Nov 2019 13:11:40 GMT
cache-control
no-cache
content-encoding
gzip
ads_capliman.css
promotools.cc/front/
500 B
342 B
Stylesheet
General
Full URL
https://promotools.cc/front/ads_capliman.css
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.96.252 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.96.216.95.clients.your-server.de
Software
/
Resource Hash
6bd2cdbd9a9be826b152dd2aea231b2e9a9cb2182ca9fadca847d7042e822930

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-encoding
gzip
etag
W/"5d67fdf5-1f4"
vary
Accept-Encoding
content-type
text/css
ads_capliman.js
promotools.cc/js/simple/
6 KB
2 KB
Script
General
Full URL
https://promotools.cc/js/simple/ads_capliman.js?v0.19
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.96.252 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.96.216.95.clients.your-server.de
Software
/
Resource Hash
292b09e983e097c72f00c780a1ecea46d27aa92d5a3367f6d4039f43cf2d3095

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache
content-type
application/javascript; charset=utf-8
content-encoding
gzip
etag
W/"5d67fdf5-17d0"
vary
Accept-Encoding
expires
Wed, 13 Nov 2019 13:11:40 GMT
vc_light.js
promotools.cc/
71 KB
24 KB
Script
General
Full URL
https://promotools.cc/vc_light.js?2019-08-28T18:00
Requested by
Host: promotools.cc
URL: https://promotools.cc/js/simple/ads_capliman.js?v0.19
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.96.252 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.96.216.95.clients.your-server.de
Software
/
Resource Hash
9b6a14d23f8b7ce4959de7c92c2c6a87915905d4c7be977b24324094e4410c89

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache
content-type
application/javascript; charset=utf-8
content-encoding
gzip
etag
W/"5dcbef99-11a95"
vary
Accept-Encoding
expires
Wed, 13 Nov 2019 13:11:40 GMT
yametrika.html
promotools.cc/ Frame A7D5
3 KB
1 KB
Document
General
Full URL
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Requested by
Host: promotools.cc
URL: https://promotools.cc/vc_light.js?2019-08-28T18:00
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.216.96.252 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.96.216.95.clients.your-server.de
Software
/
Resource Hash
377251376d65c36f2f1463ace90453f2eefa5dab0876686382b2a543afa82a97

Request headers

:method
GET
:authority
promotools.cc
:scheme
https
:path
/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://promotools.cc/ads_advert.html
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
etag
W/"5d1da72b-b41"
expires
Wed, 13 Nov 2019 13:11:40 GMT
cache-control
no-cache
content-encoding
gzip
settings.php
videobrain.org/
528 B
569 B
Script
General
Full URL
https://videobrain.org/settings.php?callback=adsCallbackSgND&partnerId=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&url=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&referrer=&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36&dt=2019-11-03T14%3A11%3A41&random=xWyrB8zH&width=1600&height=900
Requested by
Host: promotools.cc
URL: https://promotools.cc/vc_light.js?2019-08-28T18:00
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.213.171.109 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
/
Resource Hash
9b2545384660e000f2573be780b41a0c89b85eacd0b24967610f6af9379c958d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
expires
Wed, 13 Nov 2019 13:11:40 GMT
content-encoding
gzip
cache-control
no-cache
content-type
text/javascript;charset=UTF-8
wrds.gif
ead0f88a944243b6b7ed639e6d528916.domru.ru/
42 B
247 B
Image
General
Full URL
https://ead0f88a944243b6b7ed639e6d528916.domru.ru/wrds.gif
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.186.156.88 , Russian Federation, ASN31483 (ERTELECOM-DC-AS, RU),
Reverse DNS
188x186x156x88.static.cc.ertelecom.ru
Software
nginx/1.12.2 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 13 Nov 2019 13:09:57 GMT
last-modified
Tue, 09 Jul 2019 15:01:03 GMT
server
nginx/1.12.2
etag
"5d24ac2f-2a"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
42
l.gif
efatik.me/
0
59 B
Image
General
Full URL
https://efatik.me/l.gif?partnerId=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&requestId=59e7cba7-88c4-4793-85cc-da45caf0925c&endHost=promotools.cc&geoCountry=DE&geoCity=Other&device=windows&ad_network=unknown&rnd=LdDE&action_type=executetime&action_key=init&action_value=0.17526499927043915
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.226.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.230.226.201.138.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
cache-control
no-cache
expires
Wed, 13 Nov 2019 13:11:40 GMT
watch.js
mc.yandex.ru/metrika/ Frame A7D5
134 KB
40 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: promotools.cc
URL: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
740eaaf2950fccaca500a025effeec0f52d21702c7217dab14dadcbb9228e2f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 13:11:41 GMT
Content-Encoding
br
Last-Modified
Thu, 07 Nov 2019 13:09:02 GMT
Server
nginx/1.14.2
ETag
"5dc4176e-9d11"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
40209
Expires
Wed, 13 Nov 2019 14:11:41 GMT
0.28215861408854814
www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/ Frame A7D5
Redirect Chain
  • https://www.tns-counter.ru/V13a****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
  • https://www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
43 B
458 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
Requested by
Host: promotools.cc
URL: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-2.3.0/1.14.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 13:11:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
ms-counter-2.3.0/1.14.0
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 13:11:42 GMT
Server
ms-counter-2.3.0/1.14.0
Strict-Transport-Security
max-age=2678400
Content-Type
image/gif
Location
https://www.tns-counter.ru/V13b****yandexvideo_network/ru/UTF-8/tmsec=yandexvideo_videonetwork258005/0.28215861408854814
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
code.js
top-fwz1.mail.ru/js/ Frame A7D5
16 KB
7 KB
Script
General
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: promotools.cc
URL: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
31bb1ba9c97d97ce20d80a4f7513c9c78107313ef437cb462fdcac3fcce43e65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 13:11:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 24 Oct 2019 07:46:23 GMT
Server
nginx
ETag
W/"5db156cf-3e05"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=43200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
l.gif
efatik.me/
0
58 B
Image
General
Full URL
https://efatik.me/l.gif?partnerId=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&requestId=59e7cba7-88c4-4793-85cc-da45caf0925c&endHost=promotools.cc&geoCountry=DE&geoCity=Other&device=windows&ad_network=unknown&rnd=HPXp&size=1600x900&userUuid=c562b601-1819-4021-9f4f-108090d32420&action_type=error_settings&action_value=9
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.226.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.230.226.201.138.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
cache-control
no-cache
expires
Wed, 13 Nov 2019 13:11:40 GMT
l.gif
efatik.me/
0
58 B
Image
General
Full URL
https://efatik.me/l.gif?partnerId=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&requestId=59e7cba7-88c4-4793-85cc-da45caf0925c&endHost=promotools.cc&geoCountry=DE&geoCity=Other&device=windows&ad_network=unknown&rnd=zJbs&size=1600x900&userUuid=c562b601-1819-4021-9f4f-108090d32420&action_type=error&action_key=5&action_value=%5BE%5D%20Settings%3A%209&referrer=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.226.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.230.226.201.138.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
cache-control
no-cache
expires
Wed, 13 Nov 2019 13:11:40 GMT
l.gif
efatik.me/
0
58 B
Image
General
Full URL
https://efatik.me/l.gif?partnerId=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&requestId=59e7cba7-88c4-4793-85cc-da45caf0925c&endHost=promotools.cc&geoCountry=DE&geoCity=Other&device=windows&ad_network=unknown&rnd=6O09&size=1600x900&userUuid=c562b601-1819-4021-9f4f-108090d32420&action_type=error_ad_no
Requested by
Host: promotools.cc
URL: https://promotools.cc/ads_advert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.226.230 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.230.226.201.138.clients.your-server.de
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/ads_advert.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
cache-control
no-cache
expires
Wed, 13 Nov 2019 13:11:40 GMT
counter
top-fwz1.mail.ru/ Frame A7D5
43 B
910 B
Other
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3017725;u=https%3A//promotools.cc/yametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc;r=https%3A//promotools.cc/ads_advert.html;st=1573650701789;title=Yandex.Metrika;s=1600*1200;vp=1*1;touch=0;hds=1;flash=;sid=3de3e20893fd49bb;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;_=0.18584467686855577
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Nov 2019 13:11:41 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://promotools.cc
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://promotools.cc
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://promotools.cc
Keep-Alive
timeout=60
1
mc.yandex.ru/watch/47585632/ Frame A7D5
Redirect Chain
  • https://mc.yandex.ru/watch/47585632?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3D...
  • https://mc.yandex.ru/watch/47585632/1?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%...
152 B
701 B
XHR
General
Full URL
https://mc.yandex.ru/watch/47585632/1?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika
Requested by
Host: promotools.cc
URL: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
01b65d1d8f113fb5fb26fb2fb0b9a2df6737b4895658a023b307fb0c0b9d5eb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 13:11:42 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 13-Nov-2019 13:11:42 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://promotools.cc
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 13-Nov-2019 13:11:42 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Nov 2019 13:11:42 GMT
Last-Modified
Wed, 13-Nov-2019 13:11:42 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://promotools.cc
Strict-Transport-Security
max-age=31536000
Location
/watch/47585632/1?wmode=7&page-ref=https%3A%2F%2Fpromotools.cc%2Fads_advert.html&page-url=https%3A%2F%2Fpromotools.cc%2Fyametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc&charset=utf-8&ut=noindex&browser-info=ti%3A10%3Ans%3A1573650701756%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aifr%3A1%3Asti%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1x1%3Az%3A60%3Ai%3A20191113141142%3Aet%3A1573650702%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Anp%3ATGludXggeDg2XzY0%3Apv%3A1%3Arn%3A161304593%3Ahid%3A168560219%3Ads%3A0%2C0%2C28%2C0%2C0%2C0%2C0%2C3%2C0%2C%2C%2C%2C33%3Agdpr%3A14%3Av%3A1736%3Ast%3A1573650702%3Au%3A1573650702956459446%3At%3AYandex.Metrika
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 13-Nov-2019 13:11:42 GMT
advert.gif
mc.yandex.ru/metrika/ Frame A7D5
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: promotools.cc
URL: https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 13 Nov 2019 13:11:42 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 13 Nov 2019 14:11:42 GMT
tracker
top-fwz1.mail.ru/ Frame A7D5
43 B
818 B
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3017725;u=https%3A//promotools.cc/yametrika.html%3Fya_metrika_id%3D47585632%26utm_campaign%3Df482a203-d8a6-52f8-b7c1-df8aa9dcbaf5%26utm_content%3Dpromotools.cc;r=https%3A//promotools.cc/ads_advert.html;st=1573650701789;s=1600*1200;vp=1*1;touch=0;hds=1;flash=;sid=3de3e20893fd49bb;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1573650701756/////0/0/0/0/0//0/28/28/30/33/33/33/685/685/;ni=10//4g/0/0/;_=0.15921696662805362;e=RT/load;et=1573650702442
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://promotools.cc/yametrika.html?ya_metrika_id=47585632&utm_campaign=f482a203-d8a6-52f8-b7c1-df8aa9dcbaf5&utm_content=promotools.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 13 Nov 2019 13:11:42 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
https://promotools.cc
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://promotools.cc
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
https://promotools.cc
Keep-Alive
timeout=60

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| callbackAdsCapliman
object| video_captain_callback
function| noAds
object| VideoCapitan
function| adsCallbackSgND

4 Cookies

Domain/Path | Name | Value
.promotools.cc/ | _ym_d | 1573650702
.promotools.cc/ | _ym_isad | 2
.promotools.cc/ | _ym_uid | 1573650702956459446
promotools.cc/ | vc_ad_no | 1