credit.activitis.com Open in urlscan Pro
194.247.13.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://credit.activitis.com/
Submission: On August 23 via automatic, source certstream-suspicious (August 23rd 2021, 4:15:55 pm UTC)

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 60 HTTP transactions. The main IP is 194.247.13.135, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is credit.activitis.com.
TLS certificate: Issued by R3 on August 23rd 2021. Valid for: 3 months.

This is the only time credit.activitis.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	194.247.13.135 194.247.13.135	200000 (UKRAINE-AS) (UKRAINE-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
60	10

15 194.247.13.135 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: d157.default-host.net

credit.activitis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gstatic.com fonts.gstatic.com www.gstatic.com	1 MB
15	activitis.com credit.activitis.com	4 MB
13	google.com www.google.com	87 KB
2	facebook.com www.facebook.com	342 B
2	facebook.net connect.facebook.net	98 KB
1	google-analytics.com www.google-analytics.com	24 B
1	googleapis.com fonts.googleapis.com	553 B
1	googletagmanager.com www.googletagmanager.com	50 KB
60	8

	Domain	Requested by
19	www.gstatic.com	www.google.com www.gstatic.com
15	credit.activitis.com	credit.activitis.com
13	www.google.com	credit.activitis.com www.gstatic.com www.google.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
2	www.facebook.com	credit.activitis.com
2	connect.facebook.net	credit.activitis.com connect.facebook.net
1	www.google-analytics.com	www.googletagmanager.com
1	fonts.googleapis.com	credit.activitis.com
1	www.googletagmanager.com	credit.activitis.com
60	9

This site contains links to these domains. Also see Links.

Domain
activitis.com
t.me
www.facebook.com
g.page

Subject Issuer	Validity	Valid
credit.activitis.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://credit.activitis.com/
Frame ID: 3DE49E33516BCCA750A7EF8CC2B45165
Requests: 28 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7vhsavxvh8x7
Frame ID: C52461B5C05084A94EEFF39F5D084CF5
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=bf025qb1ym0u
Frame ID: EBE0753F61BEC288A5620FF67E0BE78C
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7ic0k7czho07
Frame ID: FD7244BD7F4DBEAB48D01810B359DED3
Requests: 9 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=d8lo1wgghbz2
Frame ID: B8BBA7BE9691C7186865F986A5984FA6
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=14lbcfjqq0tq
Frame ID: 533BB82B6D4B2F292A4AB3ED2D8CEA80
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=md9jah1stn75
Frame ID: 09EF0D1A139E202A985634FB335A1208
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=jqev2cb2fwmg
Frame ID: EF7D53AAE67A3D03EECE0052724B2EBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=rsaygeod5aav
Frame ID: A7F2026584177A3C8589125A541B42D7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Activitis

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

6189 kB
Transfer

9617 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://activitis.com/
Title:

Search URL Search Domain Scan URL

URL: https://t.me/ActivitisGroup
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Activitis.Group
Title:

Search URL Search Domain Scan URL

URL: https://g.page/IQBusinessCenter?share
Title: 01014, м. Київ , вул. Болсуновська, будинок 13-15

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
credit.activitis.com/ 196 KB
64 KB 387ms
204ms Document
text/html 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: bcffedfdc3defc81f06f17a7970854c9e00b6606158953b57225cd0671dd4c01

Request headers

:method: GET
:authority: credit.activitis.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

server: nginx
date: Mon, 23 Aug 2021 16:15:33 GMT
content-type: text/html; charset=UTF-8
set-cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D; path=/; HttpOnly
x-ray: wn377:0.080/wa377:D=87250
content-encoding: gzip

GET
H2 200 Montserrat-Regular.woff2
credit.activitis.com/fonts/ 87 KB
87 KB 73ms
71ms Font
font/woff2 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/fonts/Montserrat-Regular.woff2
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879

Request headers

sec-fetch-mode: cors
origin: https://credit.activitis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
:path: /fonts/Montserrat-Regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://credit.activitis.com
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-15ae4"
content-type: font/woff2
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 88804

GET
H2 200 Montserrat-Bold.woff2
credit.activitis.com/fonts/ 87 KB
87 KB 139ms
137ms Font
font/woff2 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/fonts/Montserrat-Bold.woff2
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3

Request headers

sec-fetch-mode: cors
origin: https://credit.activitis.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
:path: /fonts/Montserrat-Bold.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://credit.activitis.com
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-15a84"
content-type: font/woff2
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 88708

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6D4N4K05YH

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3f6292fae5c8de92a2c9d6e79d0f9dd788eb2d73188c47c8fbe9f2df67f416e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:34 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51550
x-xss-protection: 0
expires: Mon, 23 Aug 2021 16:15:34 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
553 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Prata&display=swap&subset=cyrillic

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

96bcdaf1067fb3dca3bae4e71587ee8b1c7f47bdca89915cdd50c6a360a71dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 16:15:34 GMT
server: ESF
date: Mon, 23 Aug 2021 16:15:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 23 Aug 2021 16:15:34 GMT

GET
H2 200 main.css
credit.activitis.com/css/ 56 KB
9 KB 120ms
118ms Stylesheet
text/css 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/css/main.css
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 4801258be31870cb6a232a59f1a003a6729098fec0cbe8365c81e8b858c5deb0

Request headers

:path: /css/main.css
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"603fac11-e19c"
last-modified: Wed, 03 Mar 2021 15:32:33 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: text/css

GET
DATA 200
OK truncated
/ 54 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 375 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0033ef0a631e7055700c66b2ee4d41cce7e43f3aba72f98ef424c5facb58d0c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/avif

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: 6n57lNhNJggUanIp1WeXyZ3RJk95pQbzcp9pjZK34t/wQSS/w+iSznq1Z4ESwKfYfdEF8Xl5HizHz4/aagOM9g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 23 Aug 2021 16:15:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 logo.svg
credit.activitis.com/img/ 7 KB
3 KB 105ms
101ms Image
image/svg+xml 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credit.activitis.com/img/logo.svg
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: b1317aa293542844d93a04b593ae9c1dc031a649003d76856fff79b879df5d7a

Request headers

:path: /img/logo.svg
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"603917d9-1b0c"
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: image/svg+xml

GET
H2 200 main.min.js Show response
credit.activitis.com/js/ 11 KB
4 KB 103ms
100ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/js/main.min.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: d442dadbb3184306cfc4335d0d7dc01fbe72a7be6424bc2efc03b9133afe95f8

Request headers

:path: /js/main.min.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"603917d9-2c66"
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H2 200 vendor.min.js Show response
credit.activitis.com/js/ 252 KB
77 KB 103ms
100ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/js/vendor.min.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 5946857d39b203968e12e77824832b9b8a26be8e5037a809783bcaff4c267efd

Request headers

:path: /js/vendor.min.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"603917d9-3eed9"
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ 918 B
608 B 18ms
16ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=uk&render=explicit&onload=recaptchaOnloadCallback

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e249aa20adae8c5b18a6aac41898fda312204f4ab452cef69d2fe1081e3c7641

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 16:15:34 GMT

GET
H2 200 jquery.js Show response
credit.activitis.com/assets/3eba1c88/ 281 KB
84 KB 102ms
100ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/assets/3eba1c88/jquery.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

:path: /assets/3eba1c88/jquery.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"5eb09c46-4638e"
last-modified: Mon, 04 May 2020 22:50:46 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H2 200 yii.js Show response
credit.activitis.com/assets/f70d95f4/ 20 KB
6 KB 102ms
100ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/assets/f70d95f4/yii.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54

Request headers

:path: /assets/f70d95f4/yii.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"5fe365eb-51c6"
last-modified: Wed, 23 Dec 2020 15:44:43 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H2 200 yii.validation.js Show response
credit.activitis.com/assets/f70d95f4/ 16 KB
3 KB 102ms
101ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/assets/f70d95f4/yii.validation.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 9dfc50020dc8d966ecad3b9d80b71c8bdbc55860d3ea77bb89633c8525924a5d

Request headers

:path: /assets/f70d95f4/yii.validation.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"5fe365eb-4015"
last-modified: Wed, 23 Dec 2020 15:44:43 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H2 200 yii.activeForm.js Show response
credit.activitis.com/assets/f70d95f4/ 36 KB
7 KB 102ms
101ms Script
application/javascript 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://credit.activitis.com/assets/f70d95f4/yii.activeForm.js
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: d738dda3c85c719416ccc701c1683675980e8e0949c6324c49f648f31c4aa29e

Request headers

:path: /assets/f70d95f4/yii.activeForm.js
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
content-encoding: gzip
etag: W/"5fe365eb-8f03"
last-modified: Wed, 23 Dec 2020 15:44:43 GMT
server: nginx
date: Mon, 23 Aug 2021 16:15:34 GMT
content-type: application/javascript

GET
H3-29 200 356047375571916 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 67ms
66ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/356047375571916?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae83c04d687b3e0046ba63eded811e09cef2ea493c59aca9ed26ea77bf19469f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UpEOyjI7aaf47CQgYnRlE+gAjcbYA51b0wWPRQULrzpMWM2c4wC/11f8dMlBgdR9msTAXcYx77qMcg7UraJBRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 23 Aug 2021 16:15:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 credit-hero_bg.png
credit.activitis.com/img/lorem/ 2 MB
2 MB 113ms
112ms Image
image/png 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credit.activitis.com/img/lorem/credit-hero_bg.png
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 258592f9d547734eac8c062ca06c0fe5319b12e0b09d0277f06420a87f2f7d78

Request headers

:path: /img/lorem/credit-hero_bg.png
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: credit.activitis.com
referer: https://credit.activitis.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-1aef2b"
content-type: image/png
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 1765163

GET
H2 200 6xKhdSpbNNCT-sWPCm4.woff2
fonts.gstatic.com/s/prata/v13/ 18 KB
18 KB 23ms
3ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prata/v13/6xKhdSpbNNCT-sWPCm4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prata&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f73a04d3ce820c80eda57b1de0265f0c5c14aecbbe7d67475c987f080e90d555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://credit.activitis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:53:50 GMT
x-content-type-options: nosniff
age: 584504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18476
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:23:23 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:53:50 GMT

GET
H2 200 6xKhdSpbNNCT-sWLCm7JLQ.woff2
fonts.gstatic.com/s/prata/v13/ 13 KB
13 KB 25ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prata/v13/6xKhdSpbNNCT-sWLCm7JLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Prata&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7818e98030f646fa14b86439e103da7fa63b0a0eeb0c9164aa0e75ac61bb5f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://credit.activitis.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 11:35:44 GMT
x-content-type-options: nosniff
age: 535190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:08:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 11:35:44 GMT

GET
H2 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ 374 KB
136 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=uk&render=explicit&onload=recaptchaOnloadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://credit.activitis.com
Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=356047375571916&ev=PageView&dl=https%3A%2F%2Fcredit.activitis.com%2F&rl=&if=false&ts=1629735334742&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629735334740.845661322&it=1629735334134&coo=false&rqm=GET

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 23 Aug 2021 16:15:34 GMT

GET
H2 200 calculator_bg.png
credit.activitis.com/img/lorem/ 50 KB
50 KB 116ms
113ms Image
image/png 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credit.activitis.com/img/lorem/calculator_bg.png
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: 1ed1dd047e2e8667af5f79d90fb2a1e4989c6b7b18bef49a44258564c0e6013c

Request headers

:path: /img/lorem/calculator_bg.png
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D; _fbp=fb.1.1629735334740.845661322
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: credit.activitis.com
referer: https://credit.activitis.com/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-c619"
content-type: image/png
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 50713

GET
H2 200 creditline-hero_bg.png
credit.activitis.com/img/lorem/ 2 MB
2 MB 118ms
112ms Image
image/png 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credit.activitis.com/img/lorem/creditline-hero_bg.png
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: f2ad2d8065c46c99ba8dd8a73141441060ce4e9762d380964bca25da164d9dd2

Request headers

:path: /img/lorem/creditline-hero_bg.png
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D; _fbp=fb.1.1629735334740.845661322
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: credit.activitis.com
referer: https://credit.activitis.com/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-21d554"
content-type: image/png
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 2217300

GET
H2 200 calculator_bg2.png
credit.activitis.com/img/lorem/ 68 KB
68 KB 237ms
236ms Image
image/png 194.247.13.135
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://credit.activitis.com/img/lorem/calculator_bg2.png
Requested by: Host: credit.activitis.com
URL: https://credit.activitis.com/css/main.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.247.13.135 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: d157.default-host.net
Software: nginx /
Resource Hash: cb691aac50253fb6f0e1a2da830d411c2935e8fcc2379b3387af625a52834c57

Request headers

:path: /img/lorem/calculator_bg2.png
pragma: no-cache
cookie: _csrf-landing=1e80d6200dcd8d43b24b210e52116b91a5a61e04dbb60a518b09c0335ef11085a%3A2%3A%7Bi%3A0%3Bs%3A13%3A%22_csrf-landing%22%3Bi%3A1%3Bs%3A32%3A%22-DLlt9AgFV48oYW7mTGDGWz3AW-ETReQ%22%3B%7D; _fbp=fb.1.1629735334740.845661322
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: credit.activitis.com
referer: https://credit.activitis.com/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://credit.activitis.com/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ray: wn377:0.000/
last-modified: Fri, 26 Feb 2021 15:46:33 GMT
server: nginx
etag: "603917d9-10eae"
content-type: image/png
date: Mon, 23 Aug 2021 16:15:34 GMT
accept-ranges: bytes
content-length: 69294

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
24 B 15ms
14ms Ping
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6D4N4K05YH&gtm=2oe8i0&_p=393624429&sr=1600x1200&ul=en-us&cid=328633357.1629735335&_s=1&dl=https%3A%2F%2Fcredit.activitis.com%2F&dt=Activitis&sid=1629735334&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6D4N4K05YH
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 23 Aug 2021 16:15:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://credit.activitis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C524 40 KB
20 KB 33ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7vhsavxvh8x7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c433cee8bb01dfea6f8fc967434def77bb5e408f05d773a3d688db00d0420e49

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ssTokvZXMhh3n8cXRvuVcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7vhsavxvh8x7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-ssTokvZXMhh3n8cXRvuVcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20828
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EBE0 40 KB
20 KB 31ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e35d305766e023789affcdcc02da8302190da3d00a51be0e724f2c10405f7769

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rIiWC/kq0eCesb4PHQYSng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=bf025qb1ym0u
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-rIiWC/kq0eCesb4PHQYSng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20739
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FD72 40 KB
20 KB 33ms
33ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ea4dd8b8b42e37eb51731b661f9a40840fb87e23afbc95a28cd2ac1967c8653

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XOv8IQc731mpGXNTN0NuVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7ic0k7czho07
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-XOv8IQc731mpGXNTN0NuVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20872
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame B8BB 40 KB
20 KB 43ms
43ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5da52edd6c02b9d34b3fec6625e265d82196001657753149cb4a6dc31bb7cf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zUFePjYFf81TO7WtRMmSQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=d8lo1wgghbz2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-zUFePjYFf81TO7WtRMmSQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20793
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame C524 52 KB
25 KB 13ms
6ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7vhsavxvh8x7

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame C524 374 KB
136 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame EBE0 52 KB
25 KB 13ms
12ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame EBE0 374 KB
136 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame FD72 52 KB
25 KB 13ms
13ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame FD72 374 KB
136 KB 53ms
50ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame B8BB 52 KB
25 KB 22ms
13ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame B8BB 374 KB
136 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598320
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
DATA 200
OK truncated
/ Frame C524 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C524 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C524 2 KB
2 KB 32ms
19ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 576905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 24 Aug 2021 00:00:30 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C524 10 KB
10 KB 14ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:37:46 GMT
x-content-type-options: nosniff
age: 596269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:37:46 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C524 15 KB
15 KB 15ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 586094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame C524 102 B
135 B 20ms
15ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e33525c3955c60deaac32669a98adf3b1dda39563f98d016a2cd11f914a5a826

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7vhsavxvh8x7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 16:15:35 GMT

GET
DATA 200
OK truncated
/ Frame FD72 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD72 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FD72 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:00:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 576905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 24 Aug 2021 00:00:30 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD72 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:37:46 GMT
x-content-type-options: nosniff
age: 596269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:37:46 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FD72 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 586094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame EBE0 102 B
135 B 18ms
16ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-

Requested by

Host: credit.activitis.com
URL: https://credit.activitis.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e33525c3955c60deaac32669a98adf3b1dda39563f98d016a2cd11f914a5a826

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=bf025qb1ym0u
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 16:15:35 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame FD72 102 B
137 B 23ms
22ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e33525c3955c60deaac32669a98adf3b1dda39563f98d016a2cd11f914a5a826

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=7ic0k7czho07
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 16:15:36 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame B8BB 102 B
135 B 28ms
27ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e33525c3955c60deaac32669a98adf3b1dda39563f98d016a2cd11f914a5a826

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&co=aHR0cHM6Ly9jcmVkaXQuYWN0aXZpdGlzLmNvbTo0NDM.&hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&size=normal&cb=d8lo1wgghbz2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 23 Aug 2021 16:15:36 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 301ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=356047375571916&ev=Microdata&dl=https%3A%2F%2Fcredit.activitis.com%2F&rl=&if=false&ts=1629735336549&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Activitis%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629735336548.1438367230&it=1629735334134&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://credit.activitis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 16:15:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 23 Aug 2021 16:15:36 GMT

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 533B 7 KB
1 KB 94ms
93ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=14lbcfjqq0tq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

10c1b796f314f477db78d1cad3e8b3fb8673ecb5d441014a1e49c15befa7f3c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3L+PbCcT0TY7k2w/t6C33w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=14lbcfjqq0tq
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-3L+PbCcT0TY7k2w/t6C33w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 09EF 7 KB
1 KB 27ms
26ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=md9jah1stn75

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8d1a683a44778b3dbd21fc6c471c1aea882db46bff739c9c205e4c1d6bcf67cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BR5SElqzejqkFsagEYggdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=md9jah1stn75
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-BR5SElqzejqkFsagEYggdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1113
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame EF7D 7 KB
1 KB 25ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=jqev2cb2fwmg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

95685309a3eb3643ac06d342a976ab1eae1457e36ba602e74d5544093ab18533

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zdBEnrMrE/f/ppsga8j5iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=jqev2cb2fwmg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-zdBEnrMrE/f/ppsga8j5iA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 bframe Show response
www.google.com/recaptcha/api2/ Frame A7F2 7 KB
1 KB 32ms
29ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=rsaygeod5aav

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cca27fdbbacf77ded2d01fffde43607f2b32292d069fa2926ea16c0bba279828

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TilMkI17Aw+J0iYgnz2W+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=rsaygeod5aav
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://credit.activitis.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://credit.activitis.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 23 Aug 2021 16:15:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-TilMkI17Aw+J0iYgnz2W+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1110
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 09EF 52 KB
25 KB 27ms
18ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=md9jah1stn75

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 09EF 374 KB
136 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=md9jah1stn75

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame EF7D 52 KB
25 KB 28ms
18ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=jqev2cb2fwmg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame EF7D 374 KB
136 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=jqev2cb2fwmg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame A7F2 52 KB
25 KB 31ms
21ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=rsaygeod5aav

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame A7F2 374 KB
136 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=rsaygeod5aav

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 533B 52 KB
25 KB 25ms
23ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=14lbcfjqq0tq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 23 Aug 2021 15:55:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Aug 2022 15:55:43 GMT

GET
H3-29 200 recaptcha__uk.js Show response
www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/ Frame 533B 374 KB
136 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Eyd0Dt8h04h7r-D86uAD1JP-/recaptcha__uk.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=uk&v=Eyd0Dt8h04h7r-D86uAD1JP-&k=6Ldp8WgaAAAAAI26xu5GxQZaCwn3Ow8iO8krRb7h&cb=14lbcfjqq0tq

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:03:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139262
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 04:14:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Aug 2022 18:03:35 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.activitis.com/	1970-01-19 22:51:51	Name: _fbp Value: fb.1.1629735336548.1438367230

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
credit.activitis.com
fonts.googleapis.com
fonts.gstatic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
194.247.13.135
2a00:1450:4001:809::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0033ef0a631e7055700c66b2ee4d41cce7e43f3aba72f98ef424c5facb58d0c9
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
10c1b796f314f477db78d1cad3e8b3fb8673ecb5d441014a1e49c15befa7f3c5
10d7df3af837244603c9fb9b8052934d2dd02eec3e9c1962db8a0fdbd972749e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17de9841d2a478d390086b35428f6d981b9189f8c27053433654dffa2db80048
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ed1dd047e2e8667af5f79d90fb2a1e4989c6b7b18bef49a44258564c0e6013c
258592f9d547734eac8c062ca06c0fe5319b12e0b09d0277f06420a87f2f7d78
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4801258be31870cb6a232a59f1a003a6729098fec0cbe8365c81e8b858c5deb0
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
5946857d39b203968e12e77824832b9b8a26be8e5037a809783bcaff4c267efd
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
67bed69f23af460ec3341aefcdf793955c250fbf879589de4b93d17b8ec4ae54
8d1a683a44778b3dbd21fc6c471c1aea882db46bff739c9c205e4c1d6bcf67cb
95685309a3eb3643ac06d342a976ab1eae1457e36ba602e74d5544093ab18533
96bcdaf1067fb3dca3bae4e71587ee8b1c7f47bdca89915cdd50c6a360a71dfe
9dfc50020dc8d966ecad3b9d80b71c8bdbc55860d3ea77bb89633c8525924a5d
9ea4dd8b8b42e37eb51731b661f9a40840fb87e23afbc95a28cd2ac1967c8653
a5da52edd6c02b9d34b3fec6625e265d82196001657753149cb4a6dc31bb7cf8
ae83c04d687b3e0046ba63eded811e09cef2ea493c59aca9ed26ea77bf19469f
b1317aa293542844d93a04b593ae9c1dc031a649003d76856fff79b879df5d7a
bcffedfdc3defc81f06f17a7970854c9e00b6606158953b57225cd0671dd4c01
c3f6292fae5c8de92a2c9d6e79d0f9dd788eb2d73188c47c8fbe9f2df67f416e
c433cee8bb01dfea6f8fc967434def77bb5e408f05d773a3d688db00d0420e49
cb691aac50253fb6f0e1a2da830d411c2935e8fcc2379b3387af625a52834c57
cca27fdbbacf77ded2d01fffde43607f2b32292d069fa2926ea16c0bba279828
d442dadbb3184306cfc4335d0d7dc01fbe72a7be6424bc2efc03b9133afe95f8
d738dda3c85c719416ccc701c1683675980e8e0949c6324c49f648f31c4aa29e
d7818e98030f646fa14b86439e103da7fa63b0a0eeb0c9164aa0e75ac61bb5f1
e249aa20adae8c5b18a6aac41898fda312204f4ab452cef69d2fe1081e3c7641
e33525c3955c60deaac32669a98adf3b1dda39563f98d016a2cd11f914a5a826
e35d305766e023789affcdcc02da8302190da3d00a51be0e724f2c10405f7769
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
f2ad2d8065c46c99ba8dd8a73141441060ce4e9762d380964bca25da164d9dd2
f73a04d3ce820c80eda57b1de0265f0c5c14aecbbe7d67475c987f080e90d555

credit.activitis.com Open in urlscan Pro 194.247.13.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

89 %IPv6

8 Domains

9 Subdomains

10 IPs

2 Countries

6189 kBTransfer

9617 kBSize

1 Cookies

4 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

credit.activitis.com Open in urlscan Pro
194.247.13.135 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

89 %
IPv6

8
Domains

9
Subdomains

10
IPs

2
Countries

6189 kB
Transfer

9617 kB
Size

1
Cookies

60 HTTP transactions
6 data transactions