urlscan.io logo urlscan.io
SecurityTrails logo

plazmacourse.ru Open in urlscan Pro
85.119.149.92  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hdnews.ru/
Effective URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&...
Submission: On January 19 via manual from RU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 15 domains to perform 37 HTTP transactions. The main IP is 85.119.149.92, located in Russian Federation and belongs to SELECTEL, RU. The main domain is plazmacourse.ru.
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.
This is the only time plazmacourse.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    194.113.235.61 (Russian Federation)

ASN212461 (NEMTCOV, RU)
PTR: hdnews.ru
hdnews.ru
1    213.227.156.1 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
track.trackurl.ru
11    85.119.149.92 (Russian Federation)

ASN49505 (SELECTEL, RU)
plazmacourse.ru
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    135.181.143.178 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: fs04.hel1.he.getcourse.net
fs.getcourse.ru
1    95.217.140.73 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: off-1.getcourse.net
bfs01.getcourse.ru
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:80e::200e (None, )

ASN- ()
www.google-analytics.com
7    2a02:6b8::1:119 (None, )

ASN- ()
mc.yandex.ru
mc.yandex.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    185.137.235.113 (None, )

ASN- ()
fs-thb01.getcourse.ru
1    2a03:2880:f11c:8083:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
1    2a00:1450:400c:c04::9d (None, )

ASN- ()
stats.g.doubleclick.net
1    2a00:1450:4001:829::2004 (None, )

ASN- ()
www.google.com
1    2a00:1450:4001:828::2003 (None, )

ASN- ()
www.google.de
Apex Domain
Subdomains		 Transfer
11 plazmacourse.ru
plazmacourse.ru
146 KB
6 gstatic.com
fonts.gstatic.com
118 KB
5 yandex.com
mc.yandex.com
2 KB
3 google-analytics.com
www.google-analytics.com
20 KB
3 getcourse.ru
fs.getcourse.ru — Cisco Umbrella Rank: 451838
bfs01.getcourse.ru — Cisco Umbrella Rank: 318232
fs-thb01.getcourse.ru
190 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
113 KB
2 yandex.ru
mc.yandex.ru
67 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
113 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
2 KB
1 google.de
www.google.de
501 B
1 google.com
www.google.com
501 B
1 doubleclick.net
stats.g.doubleclick.net
442 B
1 facebook.com
www.facebook.com
295 B
1 trackurl.ru
track.trackurl.ru
535 B
1 hdnews.ru
hdnews.ru
670 B
37 15
Domain Requested by
11 plazmacourse.ru plazmacourse.ru
6 fonts.gstatic.com fonts.googleapis.com
5 mc.yandex.com 2 redirects
3 www.google-analytics.com www.googletagmanager.com
2 connect.facebook.net hdnews.ru
connect.facebook.net
2 mc.yandex.ru 1 redirects hdnews.ru
2 www.googletagmanager.com plazmacourse.ru
www.googletagmanager.com
2 fonts.googleapis.com plazmacourse.ru
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.facebook.com
1 fs-thb01.getcourse.ru
1 bfs01.getcourse.ru plazmacourse.ru
1 fs.getcourse.ru 1 redirects
1 track.trackurl.ru 1 redirects
1 hdnews.ru
37 17

This site contains no links.

Subject Issuer Validity Valid
plazmacourse.ru
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-29 -
2022-01-27		 3 months crt.sh
*.getcourse.ru
GlobalSign GCC R3 DV TLS CA 2020		 2021-09-18 -
2022-10-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Frame ID: 9A926BBEB8A3EB28945A50FE5EDEE1DF
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Запись вебинара

Page URL History Show full URLs

  1. http://hdnews.ru/ Page URL
  2. http://track.trackurl.ru/click?pid=56606&offer_id=577 HTTP 302
    https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=w... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

89 %
HTTPS

63 %
IPv6

15
Domains

17
Subdomains

14
IPs

4
Countries

772 kB
Transfer

1873 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hdnews.ru/ Page URL
  2. http://track.trackurl.ru/click?pid=56606&offer_id=577 HTTP 302
    https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://fs.getcourse.ru/fileservice/file/download/a/111323/sc/69/h/e0951b2bddd9397d9f87948633d00642.js HTTP 302
  • https://bfs01.getcourse.ru/public/files/111323/69/e0951b2bddd9397d9f87948633d00642.js?e=1642633199&s=UZ-IcDHGY2a-VcxHPF02BA
Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9523.i8ndPUdpiUW-tUI3gPkiu8LeINoNfpcKHEFjjIlQ13_9mtSLhWJniFEm_Zm_IlC0.e5P2XpCJ9GLagyL5UC_AYot11UA%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9523.va4yFZODvEdTEEzpvSUVODTOKDHAp-gJstuuiwcVqU1YYgRfUczoio6kEZSwsX1IwhlKH6IVi4iO0IPz8XkCGw%2C%2C.FpqIxX19aVjmI3jcE7j62D0mOgw%2C
Request Chain 35
  • https://mc.yandex.com/watch/39316070?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&page-ref=http%3A%2F%2Fhdnews.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A2536%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1423619118384%3Ahid%3A833122274%3Az%3A0%3Ai%3A20220119210624%3Aet%3A1642626385%3Ac%3A1%3Arn%3A18677904%3Arqn%3A1%3Au%3A1642626385668805807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1642626381499%3Ads%3A142%2C103%2C208%2C1%2C977%2C0%2C%2C1237%2C7%2C2921%2C2921%2C0%2C2669%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642626385%3At%3A%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/39316070/1?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&page-ref=http%3A%2F%2Fhdnews.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A2536%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1423619118384%3Ahid%3A833122274%3Az%3A0%3Ai%3A20220119210624%3Aet%3A1642626385%3Ac%3A1%3Arn%3A18677904%3Arqn%3A1%3Au%3A1642626385668805807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1642626381499%3Ads%3A142%2C103%2C208%2C1%2C977%2C0%2C%2C1237%2C7%2C2921%2C2921%2C0%2C2669%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642626385%3At%3A%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hdnews.ru/ 		370 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hdnews.ru/
Protocol
HTTP/1.1
Server
194.113.235.61 , Russian Federation, ASN212461 (NEMTCOV, RU),
Reverse DNS
hdnews.ru
Software
Apache/2.4.37 (centos) /
Resource Hash
66509ccdad4d3e88f571da5330ddc4f1b3426c226e955ed1acfad354884a1eec

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 19 Jan 2022 21:06:20 GMT
Server
Apache/2.4.37 (centos)
Last-Modified
Wed, 19 Jan 2022 12:01:22 GMT
ETag
"172-5d5ee24ed0880"
Accept-Ranges
bytes
Content-Length
370
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request koval_web1
plazmacourse.ru/
Redirect Chain
  • http://track.trackurl.ru/click?pid=56606&offer_id=577
  • https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
38 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
6b50b286c8483ab5396bab3bcbdd9184daee5cc803f1323d97a07b10d4aebd62
Security Headers
Name Value
X-Frame-Options DENY
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://hdnews.ru/

Response headers

server
nginx/1.16.1
date
Wed, 19 Jan 2022 21:06:22 GMT
content-type
text/html; charset=UTF-8
x-frame-options
DENY
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
server-version
22
x-xss-protection
1
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 19 Jan 2022 21:06:21 GMT
Content-Length
0
Connection
keep-alive
Location
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Access-Control-Allow-Origin
*
superlite-block-367ce03d0a62da6d6e7d92f9e70fddeb.css
plazmacourse.ru/nassets/css/ 		132 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/css/superlite-block-367ce03d0a62da6d6e7d92f9e70fddeb.css?v=1642617616
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
bd1c4b621993d30748d912855514774b2251de10b41fe7a4ce1078500ca200c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:16 GMT
server
nginx/1.16.1
etag
W/"61e85b10-210a8"
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700&subset=latin,cyrillic&display=swap
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cbc55f744bd09a55dfec3f291a94ae0fbde1dd7e1bfcd308cf5770699fa1f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 19:29:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 21:06:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 21:06:23 GMT
css
fonts.googleapis.com/ 		8 KB
805 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic&display=swap
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 19 Jan 2022 20:16:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 19 Jan 2022 21:06:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 19 Jan 2022 21:06:23 GMT
font-awesome.min.css
plazmacourse.ru/nassets/e14f572a/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/e14f572a/css/font-awesome.min.css?v=1642617620
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:21 GMT
server
nginx/1.16.1
etag
W/"61e85b15-7917"
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
font-viber.min.css
plazmacourse.ru/nassets/e14f572a/css/ 		421 B
390 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/e14f572a/css/font-viber.min.css?v=1642617620
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
cd74580e6e2ac5a3d402dda83bda1e74b88277132f02c96a76ef9cd0ac0b42d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:20 GMT
server
nginx/1.16.1
etag
W/"61e85b14-1a5"
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
plazmacourse.ru/nassets/90f00776/ 		82 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/90f00776/jquery.min.js?v=1642617620
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:20 GMT
server
nginx/1.16.1
etag
W/"61e85b14-1499c"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
JsTrans.min.js
plazmacourse.ru/nassets/da4912f/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/da4912f/js/JsTrans.min.js?v=1642617620
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
192b0bceab0ccae1b20e4587838d5af627464ff0a29c62d7632f0aac937bb39c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:20 GMT
server
nginx/1.16.1
etag
W/"61e85b14-b7e"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
dictionary-gen-bd11eac5f54f06bcd3b822775f916e0088899779.js
plazmacourse.ru/nassets/42c00af2/ 		222 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/42c00af2/dictionary-gen-bd11eac5f54f06bcd3b822775f916e0088899779.js?v=1642620924
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
ba1bb552b723497b190b5b2a6bd45ef7c0d5848fee6d1e75cb4e312a63eff443

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 19:35:24 GMT
server
nginx/1.16.1
etag
W/"61e867fc-3769e"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
e0951b2bddd9397d9f87948633d00642.js
bfs01.getcourse.ru/public/files/111323/69/
Redirect Chain
  • https://fs.getcourse.ru/fileservice/file/download/a/111323/sc/69/h/e0951b2bddd9397d9f87948633d00642.js
  • https://bfs01.getcourse.ru/public/files/111323/69/e0951b2bddd9397d9f87948633d00642.js?e=1642633199&s=UZ-IcDHGY2a-VcxHPF02BA
29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bfs01.getcourse.ru/public/files/111323/69/e0951b2bddd9397d9f87948633d00642.js?e=1642633199&s=UZ-IcDHGY2a-VcxHPF02BA
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Server
95.217.140.73 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
off-1.getcourse.net
Software
nginx/1.18.0 /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:23 GMT
content-encoding
gzip
last-modified
Fri, 28 Feb 2020 09:11:41 GMT
server
nginx/1.18.0
etag
W/"5e58d94d-72e4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

location
https://bfs01.getcourse.ru/public/files/111323/69/e0951b2bddd9397d9f87948633d00642.js?e=1642633199&s=UZ-IcDHGY2a-VcxHPF02BA
date
Wed, 19 Jan 2022 21:06:23 GMT
cache-control
max-age=300
server
nginx/1.18.0
content-type
text/html; charset=UTF-8
expires
Wed, 19 Jan 2022 21:11:23 GMT
superlite-block-8a1f1162085299b32bdf588399d1cc59.js
plazmacourse.ru/nassets/js/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/js/superlite-block-8a1f1162085299b32bdf588399d1cc59.js?v=1642617616
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
2008a81a7c2847e25a7e31fb6cb64e78ee4824cf64885997100a7d3d4c586fc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:03:44 GMT
server
nginx/1.16.1
etag
W/"61e85280-abfb"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
replace.js
plazmacourse.ru/nassets/ed4d3d86/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/nassets/ed4d3d86/js/replace.js?v=1642617620
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
02451a52543ae3b6f34edf787da7df9b94d6aae5e96c2eb634fb0ba30236fcab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Wed, 19 Jan 2022 18:40:20 GMT
server
nginx/1.16.1
etag
W/"61e85b14-1f00"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
gccounter.js
plazmacourse.ru/public/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/public/js/gccounter.js?1
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
9ea5753e69a1e875c64e19e059ccf1351d15d41b8bb2fb699cafafbbd1621e72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:22 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 09:51:38 GMT
server
nginx/1.16.1
etag
W/"5c0f88aa-814"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:52:02 GMT
x-content-type-options
nosniff
age
458061
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:52:02 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 13:30:03 GMT
x-content-type-options
nosniff
age
459380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 14 Jan 2023 13:30:03 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 18:07:18 GMT
x-content-type-options
nosniff
age
10746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 18:07:18 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:56:19 GMT
x-content-type-options
nosniff
age
11405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 17:56:19 GMT
KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 18 Jan 2022 14:12:11 GMT
x-content-type-options
nosniff
age
111253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9500
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 18 Jan 2023 14:12:11 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://plazmacourse.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
11272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 17:58:32 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBM8R9
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7ec5750c4e44f9be3225061ffc95f6079562c2aacb1b03b3f811c5a22435e4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52169
x-xss-protection
0
expires
Wed, 19 Jan 2022 21:06:24 GMT
counter
plazmacourse.ru/stat/ 		524 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plazmacourse.ru/stat/counter?ref=http%3A%2F%2Fhdnews.ru%2F&loc=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&objectId=1349420&uniqId=185016967061e87d4edcb7d6.52391670.1642626382.9041&token=ZzRHQjZXN1gEAjB2YWR4GV9dFjpVDnoaIlAqJWEeWx4kTQ01UiBeLw==&tzof=2022-1-19%2021:6
Requested by
Host: plazmacourse.ru
URL: https://plazmacourse.ru/public/js/gccounter.js?1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.119.149.92 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
be1f1ce99bfa658610b96a8045b9cc88a9b150b4fc3e2ff832afb27821e439a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/koval_web1?gcpc=9a1df&utm_source=adx&utm_medium=offer.577.cpa&utm_campaign=web.56606&sub1=sub1.&sub2=sub2.&clickid=61e87d4deacd760001199524
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

server-version
31
pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YLM8830Z4C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBM8R9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41e149bb168d7bff180a210f10c930bb2384fc70dee9d6bd78906b4f734ae73a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62551
x-xss-protection
0
expires
Wed, 19 Jan 2022 21:06:24 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBM8R9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5490
date
Wed, 19 Jan 2022 19:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 19 Jan 2022 21:34:54 GMT
tag.js
mc.yandex.ru/metrika/ 		196 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hdnews.ru
URL: http://hdnews.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
858b074d3341e69dfee2ca648f95ce997a857ca26bf95344c295f1bd037f33ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
content-encoding
br
last-modified
Wed, 19 Jan 2022 13:48:47 GMT
etag
"61e7ec8f-10ac3"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
68291
expires
Wed, 19 Jan 2022 22:06:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hdnews.ru
URL: http://hdnews.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26187
x-xss-protection
0
pragma
public
x-fb-debug
rsQEjAco16DAQgPH2JJGQH03VfPOtI46/DgnQYNzG2Hqt3/q2wXkqUHmYFWx3oh6HAYwLgNN9ECEx9T51sCcZw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Wed, 19 Jan 2022 21:06:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
173
fs-thb01.getcourse.ru/fileservice/file/thumbnail/h/c0f36d61431d1340c7d619bd1c42ec4b.png/s/s1200x/a/58612/sc/ 		178 KB
178 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fs-thb01.getcourse.ru/fileservice/file/thumbnail/h/c0f36d61431d1340c7d619bd1c42ec4b.png/s/s1200x/a/58612/sc/173
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.137.235.113 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1fe226af3dac8776e1c7f9de6b671a963734c2e89c2b409daf3ce56863344a19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:23 GMT
last-modified
Mon, 28 Jun 2021 21:49:06 GMT
server
nginx/1.18.0
etag
"60da43d2-2c65f"
content-type
image/png
cache-control
max-age=300
accept-ranges
bytes
content-length
181855
expires
Wed, 19 Jan 2022 21:11:23 GMT
469095024313495
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/469095024313495?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9d42d7df665f19dcf95b49c4352bbd35f4c3c6d155c4f2593268ae9f842a93c0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
qjxXtZZ3mP/W3C2m58+0CGiI1Tbt1qZlLAv2jSSpf7HJs13M0y9JU2EDRZIy+Y8rllJWNVOU2DvxagXSStPXRg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 19 Jan 2022 21:06:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=469095024313495&ev=PageView&dl=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&rl=http%3A%2F%2Fhdnews.ru%2F&if=false&ts=1642626384565&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1642626384564.1559815979&it=1642626384476&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 19 Jan 2022 21:06:24 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82641609-1&cid=975244038.1642626385&jid=823976351&gjid=1121905698&_gid=411453015.1642626385&_u=YGBAiAABBAAAAE~&z=933868680
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9d -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://plazmacourse.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 19 Jan 2022 21:06:24 GMT
content-type
text/plain
access-control-allow-origin
https://plazmacourse.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1660761728&t=pageview&_s=1&dl=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&dr=http%3A%2F%2Fhdnews.ru%2F&ul=en-us&de=UTF-8&dt=%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=823976351&gjid=1121905698&cid=975244038.1642626385&tid=UA-82641609-1&_gid=411453015.1642626385&gtm=2wg1c0KBM8R9&z=1076493946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 02:43:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
66175
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-YLM8830Z4C&gtm=2oe1c0&_p=1660761728&sr=1600x1200&ul=en-us&cid=975244038.1642626385&_s=1&dl=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&dr=http%3A%2F%2Fhdnews.ru%2F&dt=%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&sid=1642626384&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YLM8830Z4C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://plazmacourse.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://plazmacourse.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82641609-1&cid=975244038.1642626385&jid=823976351&_u=YGBAiAABBAAAAE~&z=795918772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-82641609-1&cid=975244038.1642626385&jid=823976351&_u=YGBAiAABBAAAAE~&z=795918772
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9523.i8ndPUdpiUW-tUI3gPkiu8LeINoNfpcKHEFjjIlQ13_9mtSLhWJniFEm_Zm_IlC0.e5P2XpCJ9GLagyL5UC_AYot11UA%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9523.va4yFZODvEdTEEzpvSUVODTOKDHAp-gJstuuiwcVqU1YYgRfUczoio6kEZSwsX1IwhlKH6IVi4iO0IPz8XkCGw%2C%2C.FpqIxX19aVjmI3jcE7j62D0mOgw%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9523.va4yFZODvEdTEEzpvSUVODTOKDHAp-gJstuuiwcVqU1YYgRfUczoio6kEZSwsX1IwhlKH6IVi4iO0IPz8XkCGw%2C%2C.FpqIxX19aVjmI3jcE7j62D0mOgw%2C
Protocol
H2
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9523.va4yFZODvEdTEEzpvSUVODTOKDHAp-gJstuuiwcVqU1YYgRfUczoio6kEZSwsX1IwhlKH6IVi4iO0IPz8XkCGw%2C%2C.FpqIxX19aVjmI3jcE7j62D0mOgw%2C
date
Wed, 19 Jan 2022 21:06:24 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 21:06:24 GMT
last-modified
Wed, 19 Jan 2022 13:48:47 GMT
etag
"61e7ec8f-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 19 Jan 2022 22:06:24 GMT
1
mc.yandex.com/watch/39316070/
Redirect Chain
  • https://mc.yandex.com/watch/39316070?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Ds...
  • https://mc.yandex.com/watch/39316070/1?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3...
350 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/39316070/1?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&page-ref=http%3A%2F%2Fhdnews.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A2536%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1423619118384%3Ahid%3A833122274%3Az%3A0%3Ai%3A20220119210624%3Aet%3A1642626385%3Ac%3A1%3Arn%3A18677904%3Arqn%3A1%3Au%3A1642626385668805807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1642626381499%3Ads%3A142%2C103%2C208%2C1%2C977%2C0%2C%2C1237%2C7%2C2921%2C2921%2C0%2C2669%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642626385%3At%3A%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e7a6905a6ed0c471cff953f0e372e84fa1d64950ce30971ff148eefdf4e4d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://plazmacourse.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
x-content-type-options
nosniff
last-modified
Wed, 19-Jan-2022 21:06:24 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://plazmacourse.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Wed, 19-Jan-2022 21:06:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 19 Jan 2022 21:06:24 GMT
last-modified
Wed, 19-Jan-2022 21:06:24 GMT
location
/watch/39316070/1?wmode=7&page-url=https%3A%2F%2Fplazmacourse.ru%2Fkoval_web1%3Fgcpc%3D9a1df%26utm_source%3Dadx%26utm_medium%3Doffer.577.cpa%26utm_campaign%3Dweb.56606%26sub1%3Dsub1.%26sub2%3Dsub2.%26clickid%3D61e87d4deacd760001199524&page-ref=http%3A%2F%2Fhdnews.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3u9fu6axod7fmovyqrj%3Afp%3A2536%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A730%3Acn%3A1%3Adp%3A0%3Als%3A1423619118384%3Ahid%3A833122274%3Az%3A0%3Ai%3A20220119210624%3Aet%3A1642626385%3Ac%3A1%3Arn%3A18677904%3Arqn%3A1%3Au%3A1642626385668805807%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1642626381499%3Ads%3A142%2C103%2C208%2C1%2C977%2C0%2C%2C1237%2C7%2C2921%2C2921%2C0%2C2669%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1642626385%3At%3A%D0%97%D0%B0%D0%BF%D0%B8%D1%81%D1%8C%20%D0%B2%D0%B5%D0%B1%D0%B8%D0%BD%D0%B0%D1%80%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://plazmacourse.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 19-Jan-2022 21:06:24 GMT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| accountUserId string| requestIp boolean| isSublogined number| accountId number| gcSessionId string| controllerId string| actionId object| nowTime number| dateOffset object| userInfo string| websocketHost number| websocketHttpPort number| websocketHttpsPort object| currencyLabels string| accountSafeUserName string| accountUserThumbnail string| language string| csrfToken number| requestTime string| requestSimpleSign string| gcUniqId number| mailingVisibility boolean| isSupportChatEnabled boolean| disableCaptchaForConfirmPhone boolean| globalCheckboxEnabled string| globalCheckboxText number| persodataConfirm number| params_52 number| gcsObjectId boolean| isSessionLocalStorageEnabled boolean| isWhatsappIconEnabled boolean| file_upload_blocking object| storage_usage_percent object| used_storage_size object| max_storage_size string| fileserviceThumbnailHost string| fileserviceMainHost string| fileserviceUploadHost boolean| fileserviceTusFeatureEnabled string| webinarWebsocketHost object| webinarWebsocketHosts string| webSocketHost boolean| fdsrevEnabled12 function| $ function| jQuery object| Yii function| Fingerprint2 function| ajaxCall function| bodyScrollTo function| initUploadify function| panelPutTaskAside function| panelFinishTask function| panelLoad function| setElLoading function| extend function| mixin function| getThumbnailUrl function| getBorderedThumbnailUrl function| getDownloadUrl function| isImage function| isVideo function| updateThumbnailVersion function| getVideoThumbnailUrl function| gcGetFileObj function| getProp function| objectToQueryString function| buildParams function| addParamToLocation function| removeParamFromLocation function| escapeDoubleQuotes function| setVisibilityRelation function| getParamFromLocation function| getParamFromHash function| gcParseUrl function| gcAddResourceElement function| gcAddScriptElement function| gcAddLinkElement function| replaceAll function| addGlobalCheckbox function| initListSearch function| initDropdownSearch function| number_format function| onTelegramAuth function| ltShowModalBlock function| ltShowModalForm function| onYouTubePlayerAPIReady function| vidRescale object| lazySizesConfig object| lazySizes function| runOneTimeOnElement function| eachAndRunOneTimeOnElement function| gcIsHiddenTab boolean| gcIsActiveTab function| gcGetCookie function| gcSetCookie function| serializeObj boolean| phoneChecked function| checkFormPhone function| tt object| ytPlayerLoadHandlers string| vimeoReplaceApi string| vimeoSubstring number| xhrSuccessState function| printCdnPlayerDiv function| startCdnPlayer function| isJson function| getIframeSrcByVideoId function| getVideoIdFromSrc function| upgradeCdn function| feedbackCdn function| closeFeedback function| buildQuestion function| show function| remove function| runAlternateCdn function| getParameterByName object| dataLayer function| getTimeZoneData string| tz string| urlAdd string| statUrl function| gcFixIncident number| gcCounter function| SessionStore object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| ym function| fbq function| _fbq

6 Cookies

Domain/Path Name / Value
plazmacourse.ru/ Name: dd_bdfhyr
Value: 7a9206a3a591690157fb684f8f18722a
.plazmacourse.ru/ Name: PHPSESSID5
Value: 5099ecdd2a728594cdf25e3a36d8cacf
plazmacourse.ru/ Name: gc_counter_58612
Value: %7B%22id%22%3A2479240239%2C%22last_activity%22%3A%222022-01-20+00%3A06%3A24%22%2C%22user_id%22%3Anull%2C%22utm_id%22%3A33629416%2C%22partner_code_id%22%3A318473%2C%22ad_offer_id%22%3Anull%2C%22fuid%22%3Anull%2C%22fpid%22%3Anull%2C%22city_id%22%3Anull%7D
plazmacourse.ru/ Name: gc_visitor_58612
Value: %7B%22id%22%3A2739864425%7D
plazmacourse.ru/ Name: gc_visit_58612
Value: %7B%22id%22%3A4315876477%2C%22sid%22%3A2479240239%7D
.plazmacourse.ru/ Name: _gcl_au
Value: 1.1.64728389.1642626384

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9523.va4yFZODvEdTEEzpvSUVODTOKDHAp-gJstuuiwcVqU1YYgRfUczoio6kEZSwsX1IwhlKH6IVi4iO0IPz8XkCGw%2C%2C.FpqIxX19aVjmI3jcE7j62D0mOgw%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bfs01.getcourse.ru
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fs-thb01.getcourse.ru
fs.getcourse.ru
hdnews.ru
mc.yandex.com
mc.yandex.ru
plazmacourse.ru
stats.g.doubleclick.net
track.trackurl.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
135.181.143.178
185.137.235.113
194.113.235.61
213.227.156.1
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:830::2003
2a00:1450:400c:c04::9d
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
85.119.149.92
95.217.140.73
02451a52543ae3b6f34edf787da7df9b94d6aae5e96c2eb634fb0ba30236fcab
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0cbc55f744bd09a55dfec3f291a94ae0fbde1dd7e1bfcd308cf5770699fa1f53
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
192b0bceab0ccae1b20e4587838d5af627464ff0a29c62d7632f0aac937bb39c
1fe226af3dac8776e1c7f9de6b671a963734c2e89c2b409daf3ce56863344a19
2008a81a7c2847e25a7e31fb6cb64e78ee4824cf64885997100a7d3d4c586fc3
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3e7a6905a6ed0c471cff953f0e372e84fa1d64950ce30971ff148eefdf4e4d9c
3fa49132cfd4ae80349a262b643fc4f9afa40c41a56032d7e05c3500f4ec9313
41e149bb168d7bff180a210f10c930bb2384fc70dee9d6bd78906b4f734ae73a
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
66509ccdad4d3e88f571da5330ddc4f1b3426c226e955ed1acfad354884a1eec
6b50b286c8483ab5396bab3bcbdd9184daee5cc803f1323d97a07b10d4aebd62
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
858b074d3341e69dfee2ca648f95ce997a857ca26bf95344c295f1bd037f33ba
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
9d42d7df665f19dcf95b49c4352bbd35f4c3c6d155c4f2593268ae9f842a93c0
9ea5753e69a1e875c64e19e059ccf1351d15d41b8bb2fb699cafafbbd1621e72
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ba1bb552b723497b190b5b2a6bd45ef7c0d5848fee6d1e75cb4e312a63eff443
bd1c4b621993d30748d912855514774b2251de10b41fe7a4ce1078500ca200c1
be1f1ce99bfa658610b96a8045b9cc88a9b150b4fc3e2ff832afb27821e439a7
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
cd74580e6e2ac5a3d402dda83bda1e74b88277132f02c96a76ef9cd0ac0b42d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7ec5750c4e44f9be3225061ffc95f6079562c2aacb1b03b3f811c5a22435e4b
fb83389ea7513242a9a237454ce7989eb6d84c4ec2fe15c81bad6f89c87fe89e
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf