urlscan.io logo urlscan.io
SecurityTrails logo

citilink-promo.ru Open in urlscan Pro
5.61.49.61  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.citilink-promo.ru/
Effective URL: https://citilink-promo.ru/
Submission: On July 04 via automatic, source certstream-suspicious — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 23 HTTP transactions. The main IP is 5.61.49.61, located in Meppel, Netherlands and belongs to SCALAXY-AS, LV. The main domain is citilink-promo.ru.
TLS certificate: Issued by R11 on July 2nd 2024. Valid for: 3 months.
This is the only time citilink-promo.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 5.61.49.61 58061 (SCALAXY-AS)
1 185.177.92.153 39572 (ADVANCEDH...)
3 37.1.206.13 58061 (SCALAXY-AS)
1 2a04:4e42:400... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
4 9 2a02:6b8::1:119 13238 (YANDEX)
23 7
7    5.61.49.61 (Meppel, Netherlands)

ASN58061 (SCALAXY-AS, LV)
PTR: free.ispiria.net
www.citilink-promo.ru
citilink-promo.ru
1    185.177.92.153 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-153.ah-server.com
askmebefore.biz
3    37.1.206.13 (Netherlands)

ASN58061 (SCALAXY-AS, LV)
l-cdn.ru
1    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
Apex Domain
Subdomains		 Transfer
7 gstatic.com
fonts.gstatic.com
186 KB
7 citilink-promo.ru
www.citilink-promo.ru
citilink-promo.ru
82 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8749
4 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3382
57 KB
3 l-cdn.ru
l-cdn.ru
181 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
1 askmebefore.biz
askmebefore.biz
19 KB
23 7
Domain Requested by
7 fonts.gstatic.com citilink-promo.ru
6 mc.yandex.com 3 redirects citilink-promo.ru
mc.yandex.ru
6 citilink-promo.ru citilink-promo.ru
3 mc.yandex.ru 1 redirects citilink-promo.ru
3 l-cdn.ru citilink-promo.ru
1 code.jquery.com citilink-promo.ru
1 askmebefore.biz citilink-promo.ru
1 www.citilink-promo.ru 1 redirects
23 8

This site contains links to these domains. Also see Links.

Domain
vk.com
www.facebook.com
instagram.com
www.youtube.com
www.odnoklassniki.ru
Subject Issuer Validity Valid
citilink-promo.ru
R11		 2024-07-02 -
2024-09-30		 3 months crt.sh
tailstories.biz
R10		 2024-07-01 -
2024-09-29		 3 months crt.sh
l-cdn.ru
R11		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-05-23 -
2024-11-02		 5 months crt.sh

This page contains 2 frames:

Primary Page: https://citilink-promo.ru/
Frame ID: 08AE10822823128DE1B4E2402B40E429
Requests: 23 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: E7CC7F64497D4D6E9F62E9C5166068D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ситилинк — дискаунтер компьютерной техники

Page URL History Show full URLs

  1. https://www.citilink-promo.ru/ HTTP 301
    http://citilink-promo.ru/ HTTP 307
    https://citilink-promo.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

91 %
HTTPS

50 %
IPv6

7
Domains

8
Subdomains

7
IPs

4
Countries

556 kB
Transfer

826 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.citilink-promo.ru/ HTTP 301
    http://citilink-promo.ru/ HTTP 307
    https://citilink-promo.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10419.TR6L70Q9PYSXywtFcxcQgRN_bJh8oQ9WX1Z6Dta6UMjPzCZ2E3_uJdD8ekw0lJYn.hRw2ByprBZPBuNqfX5iMy7yC1WY%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10419.dzyVXmIaKFWKCcihktyufVga90OrBLD8NHmDh438j-tFuDJ2rLxmNb19A2IbvQfEWARH-AuJvOvt6shBQdwdwL7i4HtYle1GxqDiNOTWrqQTQxKsCHrDK-yb2k4EzDUAk7BwAsmzShFdWHP21ASN6atSiwnyO5qUKJsVZLqlwP3kuOwYmZV21somQ-jDhGXCetTcs2D4QaIS03aZ6jIBugr3raSBKPNRuag4RhZXy4E%2C.8GitXDBN7_QlDkeoYxvL7ZdzDnQ%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10419.RFVF4z5JZ0ow34ZrQcekqnxfYTqujS3kDKXQVZfweXzDhuQ2T8KE7boDCBEw4ZsVeU--43k0bt2k78GeOFiNRlJ5Fki0aOUGqzKozfRQgTvhFziyr0oNUZhh-PRxSoJnvOgWlt8Gph6OIOLUROntGhK733fpr3JAGH3Hk2NO2ZY7KFwN-IYm9tZLcKvuxmgM080r6oq-Ad2TZz65lJyXYw%2C%2C.BNpey86fMLFNQ7nRTJUrYJNoYnA%2C
Request Chain 21
  • https://mc.yandex.com/watch/54927487?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA)Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A242723795149%3Ahid%3A444325389%3Az%3A120%3Ai%3A20240704022807%3Aet%3A1720052887%3Ac%3A1%3Arn%3A534543769%3Arqn%3A1%3Au%3A1720052887326982569%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A358%3Ads%3A0%2C0%2C50%2C1%2C139%2C0%2C%2C112%2C0%2C%2C%2C%2C376%3Aco%3A0%3Acpf%3A1%3Ans%3A1720052886577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720052888%3At%3A%D0%A1%D0%B8%D1%82%D0%B8%D0%BB%D0%B8%D0%BD%D0%BA%20%E2%80%94%20%D0%B4%D0%B8%D1%81%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%B5%D1%80%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(3178752)ti(1) HTTP 302
  • https://mc.yandex.com/watch/54927487/1?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A242723795149%3Ahid%3A444325389%3Az%3A120%3Ai%3A20240704022807%3Aet%3A1720052887%3Ac%3A1%3Arn%3A534543769%3Arqn%3A1%3Au%3A1720052887326982569%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A358%3Ads%3A0%2C0%2C50%2C1%2C139%2C0%2C%2C112%2C0%2C%2C%2C%2C376%3Aco%3A0%3Acpf%3A1%3Ans%3A1720052886577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720052888%3At%3A%D0%A1%D0%B8%D1%82%D0%B8%D0%BB%D0%B8%D0%BD%D0%BA%20%E2%80%94%20%D0%B4%D0%B8%D1%81%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%B5%D1%80%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
citilink-promo.ru/
Redirect Chain
  • https://www.citilink-promo.ru/
  • http://citilink-promo.ru/
  • https://citilink-promo.ru/
43 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
c59ab4fb54a0842bc82ad3627773afc1e5e6407416fc7c2baf3bad52642942b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 04 Jul 2024 00:28:06 GMT
server
nginx
strict-transport-security
max-age=31536000;
vary
Accept-Encoding

Redirect headers

Location
https://citilink-promo.ru/
Non-Authoritative-Reason
HttpsUpgrades
all.css
citilink-promo.ru/ 		104 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citilink-promo.ru/all.css
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
b6de89beff98f1a23f7c92bd262e259fc11dc3317290f0c476a26a1dbf3f768f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
server
nginx
content-length
16029
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
custom.css
citilink-promo.ru/ 		2 KB
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://citilink-promo.ru/custom.css
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
88448ecda4f64d424c3ef2a5a0fb68e0fd22ee0740e94cfac014c567c19b0877
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000;
server
nginx
vary
Accept-Encoding
content-type
text/css; charset: UTF-8;charset=UTF-8
cache-control
public
content-length
552
expires
Fri, 05 Jul 2024 00:28:06 GMT
/
askmebefore.biz/ 		19 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://askmebefore.biz/?re=gyztsmlfgm5ha3ddf4ytambzga
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.177.92.153 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
ip-185-177-92-153.ah-server.com
Software
nginx /
Resource Hash
fceee08b5818340850ae21fd736651cfe60bf488863995f6b1a9e37ed6b44ce8
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 04 Jul 2024 00:28:06 GMT
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
server
nginx
content-type
application/javascript; charset=UTF-8
/
l-cdn.ru/mls7/slide-1/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l-cdn.ru/mls7/slide-1/?domain=citilink-promo.ru&format=webp&id=25&second_color=fff
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.1.206.13 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
nginx /
Resource Hash
108de94987e7778a767209a7b2bbec1efcc406544feb23f49d3f85d97499219f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000;
server
nginx
content-type
image/webp
/
l-cdn.ru/mls7/slide-2/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l-cdn.ru/mls7/slide-2/?domain=citilink-promo.ru&format=webp&id=25&second_color=fff
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.1.206.13 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
nginx /
Resource Hash
6080d024412794cd0464ba8bca046adaf3650f292b3060d12063b0a3a02999fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000;
server
nginx
content-type
image/webp
/
l-cdn.ru/mls7/slide-3/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l-cdn.ru/mls7/slide-3/?domain=citilink-promo.ru&format=webp&id=25&second_color=fff
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
37.1.206.13 , Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
Software
nginx /
Resource Hash
695b4445ba845063f646014f3bfe2796c857f7182f719469ec02eaef96ca6b8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000;
server
nginx
content-type
image/webp
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:06 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
146623
x-cache
HIT, HIT
content-length
30638
x-served-by
cache-lga21965-LGA, cache-ams2100097-AMS
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1720052887.920806,VS0,VE0
etag
W/"28feccc0-15851"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
19, 16036
scripts.js
citilink-promo.ru/templates/m70/js/ 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://citilink-promo.ru/templates/m70/js/scripts.js
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
4980d83d54014a294301e2369fd2914f2403e206936221b8f6ef52656bc2d6ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:06 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 26 Aug 2019 05:35:04 GMT
server
nginx
etag
"5d636f88-4087"
content-type
application/javascript
accept-ranges
bytes
content-length
16519
social_sprites.svg
citilink-promo.ru/templates/m70/images/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://citilink-promo.ru/templates/m70/images/social_sprites.svg
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
657fe99bd98126e4b5f8ed234219fcb8c1a238d35b596ed965f0d0e22cc260b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/all.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:06 GMT
strict-transport-security
max-age=31536000;
last-modified
Fri, 28 Jun 2019 06:22:28 GMT
server
nginx
etag
"5d15b224-7abb"
content-type
image/svg+xml
accept-ranges
bytes
content-length
31419
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v9/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a13279174940c2913595e88196ba9de5edcb06ee62a8b6b8a3fb43b49a597e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:01:02 GMT
x-content-type-options
nosniff
age
120424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28496
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:28:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:01:02 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v9/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 21:09:43 GMT
x-content-type-options
nosniff
age
530303
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46620
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 21:09:43 GMT
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:50:08 GMT
x-content-type-options
nosniff
age
121078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14564
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:50:08 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 19:56:01 GMT
x-content-type-options
nosniff
age
534725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14720
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 19:56:01 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v9/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 21:13:02 GMT
x-content-type-options
nosniff
age
530104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45052
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 21:13:02 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v9/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v9/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aaae2ea46474b0f58190b58cc3a1951b17441495abcbeb90ef0200508f295b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:52:45 GMT
x-content-type-options
nosniff
age
120921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29920
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 18:28:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 14:52:45 GMT
mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOVuhpOqc.woff2
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29b209303bcb15d1c9e55c86e19607579b755a5b2cb9388e8d4614f5185769a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Origin
https://citilink-promo.ru
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 18:06:03 GMT
x-content-type-options
nosniff
age
541323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9528
x-xss-protection
0
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 18:06:03 GMT
watch.js
mc.yandex.ru/metrika/ 		155 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
47d6d0295bad9f588dd2426f6b6285e83118e5bc151a61eab0eb0656661de576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-db24"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
56100
expires
Thu, 04 Jul 2024 01:28:07 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10419.TR6L70Q9PYSXywtFcxcQgRN_bJh8oQ9WX1Z6Dta6UMjPzCZ2E3_uJdD8ekw0lJYn.hRw2ByprBZPBuNqfX5iMy7yC1WY%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10419.dzyVXmIaKFWKCcihktyufVga90OrBLD8NHmDh438j-tFuDJ2rLxmNb19A2IbvQfEWARH-AuJvOvt6shBQdwdwL7i4HtYle1GxqDiNOTWrqQTQxKsCHrDK-yb2k4EzDUAk7BwAsmzSh...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10419.RFVF4z5JZ0ow34ZrQcekqnxfYTqujS3kDKXQVZfweXzDhuQ2T8KE7boDCBEw4ZsVeU--43k0bt2k78GeOFiNRlJ5Fki0aOUGqzKozfRQgTvhF...
43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10419.RFVF4z5JZ0ow34ZrQcekqnxfYTqujS3kDKXQVZfweXzDhuQ2T8KE7boDCBEw4ZsVeU--43k0bt2k78GeOFiNRlJ5Fki0aOUGqzKozfRQgTvhFziyr0oNUZhh-PRxSoJnvOgWlt8Gph6OIOLUROntGhK733fpr3JAGH3Hk2NO2ZY7KFwN-IYm9tZLcKvuxmgM080r6oq-Ad2TZz65lJyXYw%2C%2C.BNpey86fMLFNQ7nRTJUrYJNoYnA%2C
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://citilink-promo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10419.RFVF4z5JZ0ow34ZrQcekqnxfYTqujS3kDKXQVZfweXzDhuQ2T8KE7boDCBEw4ZsVeU--43k0bt2k78GeOFiNRlJ5Fki0aOUGqzKozfRQgTvhFziyr0oNUZhh-PRxSoJnvOgWlt8Gph6OIOLUROntGhK733fpr3JAGH3Hk2NO2ZY7KFwN-IYm9tZLcKvuxmgM080r6oq-Ad2TZz65lJyXYw%2C%2C.BNpey86fMLFNQ7nRTJUrYJNoYnA%2C
date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: citilink-promo.ru
URL: https://citilink-promo.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"6684fede-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 04 Jul 2024 01:28:07 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame E7CC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://citilink-promo.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1048
content-type
text/html
date
Thu, 04 Jul 2024 00:28:07 GMT
etag
"6684fede-418"
expires
Thu, 04 Jul 2024 01:28:07 GMT
last-modified
Wed, 03 Jul 2024 07:33:50 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
1
mc.yandex.com/watch/54927487/
Redirect Chain
  • https://mc.yandex.com/watch/54927487?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chrom...
  • https://mc.yandex.com/watch/54927487/1?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chr...
466 B
585 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/54927487/1?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A242723795149%3Ahid%3A444325389%3Az%3A120%3Ai%3A20240704022807%3Aet%3A1720052887%3Ac%3A1%3Arn%3A534543769%3Arqn%3A1%3Au%3A1720052887326982569%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A358%3Ads%3A0%2C0%2C50%2C1%2C139%2C0%2C%2C112%2C0%2C%2C%2C%2C376%3Aco%3A0%3Acpf%3A1%3Ans%3A1720052886577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720052888%3At%3A%D0%A1%D0%B8%D1%82%D0%B8%D0%BB%D0%B8%D0%BD%D0%BA%20%E2%80%94%20%D0%B4%D0%B8%D1%81%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%B5%D1%80%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8f9ddc6277af02c47c4a07d177bdab5e4ca57031fc1f43e820508129f00e6656
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://citilink-promo.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 04-Jul-2024 00:28:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://citilink-promo.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
466
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 00:28:07 GMT

Redirect headers

pragma
no-cache
date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 04-Jul-2024 00:28:07 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/54927487/1?wmode=7&page-url=https%3A%2F%2Fcitilink-promo.ru%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22126%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22126%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A126.0.6478.126%0Achl%0A%22Not%2FA%29Brand%22%3Bv%3D%228.0.0.0%22%2C%22Chromium%22%3Bv%3D%22126.0.6478.126%22%2C%22Google%20Chrome%22%3Bv%3D%22126.0.6478.126%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3A5hho8n2ksdla87onumn1dltjmj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1382%3Acn%3A1%3Adp%3A0%3Als%3A242723795149%3Ahid%3A444325389%3Az%3A120%3Ai%3A20240704022807%3Aet%3A1720052887%3Ac%3A1%3Arn%3A534543769%3Arqn%3A1%3Au%3A1720052887326982569%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A358%3Ads%3A0%2C0%2C50%2C1%2C139%2C0%2C%2C112%2C0%2C%2C%2C%2C376%3Aco%3A0%3Acpf%3A1%3Ans%3A1720052886577%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1720052888%3At%3A%D0%A1%D0%B8%D1%82%D0%B8%D0%BB%D0%B8%D0%BD%D0%BA%20%E2%80%94%20%D0%B4%D0%B8%D1%81%D0%BA%D0%B0%D1%83%D0%BD%D1%82%D0%B5%D1%80%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%BD%D0%BE%D0%B9%20%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%283178752%29ti%281%29
access-control-allow-origin
https://citilink-promo.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 04-Jul-2024 00:28:07 GMT
favicon-32x32.png
citilink-promo.ru/templates/m70/images/favicon/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://citilink-promo.ru/templates/m70/images/favicon/favicon-32x32.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.61.49.61 Meppel, Netherlands, ASN58061 (SCALAXY-AS, LV),
Reverse DNS
free.ispiria.net
Software
nginx /
Resource Hash
18b263f626a9febb22123719fccfd25749dce9debcfaee3597b366f010ed2cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://citilink-promo.ru/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jul 2024 00:28:07 GMT
strict-transport-security
max-age=31536000;
last-modified
Mon, 12 Aug 2019 09:18:24 GMT
server
nginx
etag
"5d512ee0-626"
content-type
image/png
accept-ranges
bytes
content-length
1574

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| Util function| Collapse object| Sk object| Ya object| yaCounter54927487

24 Cookies

Domain/Path Name / Value
citilink-promo.ru/ Name: ipwhoisdata
Value: a%3A3%3A%7Bs%3A4%3A%22city%22%3Bs%3A39%3A%22%D0%9A%D0%B0%D0%BF%D0%B5%D0%BB%D0%BB%D0%B5-%D0%B0%D0%BD-%D0%B4%D0%B5%D0%BD-%D0%AD%D0%B9%D1%81%D1%81%D0%B5%D0%BB%22%3Bs%3A6%3A%22region%22%3Ba%3A4%3A%7Bs%3A2%3A%22id%22%3Bi%3A2743698%3Bs%3A7%3A%22name_ru%22%3Bs%3A29%3A%22%D0%AE%D0%B6%D0%BD%D0%B0%D1%8F+%D0%93%D0%BE%D0%BB%D0%BB%D0%B0%D0%BD%D0%B4%D0%B8%D1%8F%22%3Bs%3A7%3A%22name_en%22%3Bs%3A22%3A%22Provincie+Zuid-Holland%22%3Bs%3A3%3A%22iso%22%3Bs%3A5%3A%22NL-ZH%22%3B%7Ds%3A7%3A%22country%22%3Ba%3A6%3A%7Bs%3A2%3A%22id%22%3Bi%3A161%3Bs%3A3%3A%22iso%22%3Bs%3A2%3A%22NL%22%3Bs%3A3%3A%22lat%22%3Bd%3A52.25%3Bs%3A3%3A%22lon%22%3Bd%3A5.75%3Bs%3A7%3A%22name_ru%22%3Bs%3A20%3A%22%D0%9D%D0%B8%D0%B4%D0%B5%D1%80%D0%BB%D0%B0%D0%BD%D0%B4%D1%8B%22%3Bs%3A7%3A%22name_en%22%3Bs%3A11%3A%22Netherlands%22%3B%7D%7D
.askmebefore.biz/ Name: uuid
Value: e0777ec8-8081-41aa-9555-620bbcf3dd86
.yandex.ru/ Name: yashr
Value: 2310113011720052887
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.citilink-promo.ru/ Name: _ym_uid
Value: 1720052887326982569
.citilink-promo.ru/ Name: _ym_d
Value: 1720052887
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 171906973fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg==
.citilink-promo.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4129686911fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.yandex.ru/ Name: yandexuid
Value: 4111333821720052887
.yandex.ru/ Name: yuidss
Value: 4111333821720052887
.yandex.ru/ Name: i
Value: Ey8kUTn4FmTeQYGBkc27TNWE2KccRk5N2GYyczr8kolXhSsROSVW+I0kz9hJT7+WRG9x2hzYT2vqk+RsYVIcc0O0uEc=
.yandex.ru/ Name: yp
Value: 1720139287.yu.2045726391720052887
.yandex.ru/ Name: ymex
Value: 1722644887.oyu.2045726391720052887
.yandex.com/ Name: i
Value: tuq5BidUDokDMeyGyC16RA3GMIGkfgyGPBSTaGcyifBHDDxoK/enOs7jRLorL3ycCIwBYgA7dnsrw6D2T1hvequ4V+Y=
.yandex.com/ Name: yashr
Value: 5319699851720052887
mc.yandex.com/ Name: yabs-sid
Value: 2424794531720052887
.yandex.com/ Name: yandexuid
Value: 4111333821720052887
.yandex.com/ Name: yuidss
Value: 4111333821720052887
.yandex.com/ Name: ymex
Value: 1751588887.yrts.1720052887
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

askmebefore.biz
citilink-promo.ru
code.jquery.com
fonts.gstatic.com
l-cdn.ru
mc.yandex.com
mc.yandex.ru
www.citilink-promo.ru
185.177.92.153
2a00:1450:4001:82f::2003
2a02:6b8::1:119
2a04:4e42:400::649
37.1.206.13
5.61.49.61
080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
108de94987e7778a767209a7b2bbec1efcc406544feb23f49d3f85d97499219f
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1
18b263f626a9febb22123719fccfd25749dce9debcfaee3597b366f010ed2cc5
29b209303bcb15d1c9e55c86e19607579b755a5b2cb9388e8d4614f5185769a7
47d6d0295bad9f588dd2426f6b6285e83118e5bc151a61eab0eb0656661de576
482994b911cc3e869aa8ace6d9932d67b68de83ea2885207ce165ff04c38d7bc
4980d83d54014a294301e2369fd2914f2403e206936221b8f6ef52656bc2d6ec
5278c0f6063ca9ad85653b18a2ddf1aa57e3ab40b7973a69b09acf859db8264d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6080d024412794cd0464ba8bca046adaf3650f292b3060d12063b0a3a02999fa
657fe99bd98126e4b5f8ed234219fcb8c1a238d35b596ed965f0d0e22cc260b7
695b4445ba845063f646014f3bfe2796c857f7182f719469ec02eaef96ca6b8a
7a13279174940c2913595e88196ba9de5edcb06ee62a8b6b8a3fb43b49a597e9
8545f789d157443e285020e59d3ede5a7725a9ab6d03ebaa996ef57914d1685c
88448ecda4f64d424c3ef2a5a0fb68e0fd22ee0740e94cfac014c567c19b0877
8f9ddc6277af02c47c4a07d177bdab5e4ca57031fc1f43e820508129f00e6656
aaae2ea46474b0f58190b58cc3a1951b17441495abcbeb90ef0200508f295b3f
b6de89beff98f1a23f7c92bd262e259fc11dc3317290f0c476a26a1dbf3f768f
c59ab4fb54a0842bc82ad3627773afc1e5e6407416fc7c2baf3bad52642942b5
fceee08b5818340850ae21fd736651cfe60bf488863995f6b1a9e37ed6b44ce8