urlscan.io logo urlscan.io
SecurityTrails logo

mycredit.ua Open in urlscan Pro
172.67.12.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://mycredit.ua/ua/documents/
Submission: On December 24 via api from UA — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 13 domains to perform 57 HTTP transactions. The main IP is 172.67.12.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is mycredit.ua.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on November 22nd 2024. Valid for: a year.
This is the only time mycredit.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 172.67.12.235 13335 (CLOUDFLAR...)
11 104.22.62.217 13335 (CLOUDFLAR...)
4 45.133.44.4 39572 (ADVANCEDH...)
4 142.250.185.104 15169 (GOOGLE)
1 52.18.222.204 16509 (AMAZON-02)
1 142.250.185.100 15169 (GOOGLE)
2 142.250.185.142 15169 (GOOGLE)
1 18.66.102.11 16509 (AMAZON-02)
3 157.240.0.6 32934 (FACEBOOK)
1 216.239.34.36 15169 (GOOGLE)
1 104.21.76.27 13335 (CLOUDFLAR...)
4 157.240.0.35 32934 (FACEBOOK)
1 142.250.185.244 15169 (GOOGLE)
1 52.222.236.122 16509 (AMAZON-02)
4 77.88.202.34 3326 (Datagroup...)
57 16
16    172.67.12.235 (United States)

ASN13335 (CLOUDFLARENET, US)
mycredit.ua
11    104.22.62.217 (None, )

ASN13335 (CLOUDFLARENET, US)
media.mycredit.ua
4    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL)
cdn.gravitec.net
4    142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net
www.googletagmanager.com
1    52.18.222.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-222-204.eu-west-1.compute.amazonaws.com
esputnik.com
1    142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net
www.google.com
2    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
www.google-analytics.com
1    18.66.102.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-11.fra56.r.cloudfront.net
static.hotjar.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    104.21.76.27 (None, )

ASN13335 (CLOUDFLARENET, US)
id.gravitec.net
4    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    142.250.185.244 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f20.1e100.net
nimble-yen-237809.appspot.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
4    77.88.202.34 (Ukraine)

ASN3326 (Datagroup PRIVATE JOINT STOCK COMPANY "DATAGROUP", UA)
PTR: 77.88.202.34.ipv4.datagroup.ua
sc01.sfcserv.eu
Apex Domain
Subdomains		 Transfer
27 mycredit.ua
mycredit.ua
media.mycredit.ua
758 KB
5 gravitec.net
cdn.gravitec.net — Cisco Umbrella Rank: 36081
id.gravitec.net — Cisco Umbrella Rank: 328183
48 KB
4 sfcserv.eu
sc01.sfcserv.eu
136 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
422 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
353 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
84 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
61 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4108
1 appspot.com
nimble-yen-237809.appspot.com
221 B
1 esputnik.com
esputnik.com — Cisco Umbrella Rank: 61564
statics.esputnik.com Failed
12 KB
0 hotjar.io Failed
content.hotjar.io Failed
0 google.pl Failed
www.google.pl Failed
57 13
Domain Requested by
16 mycredit.ua 1 redirects mycredit.ua
11 media.mycredit.ua mycredit.ua
4 sc01.sfcserv.eu mycredit.ua
sc01.sfcserv.eu
4 www.facebook.com mycredit.ua
4 www.googletagmanager.com mycredit.ua
www.googletagmanager.com
4 cdn.gravitec.net mycredit.ua
cdn.gravitec.net
3 connect.facebook.net mycredit.ua
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
mycredit.ua
1 script.hotjar.com static.hotjar.com
1 nimble-yen-237809.appspot.com mycredit.ua
1 id.gravitec.net cdn.gravitec.net
1 region1.analytics.google.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.google.com www.googletagmanager.com
1 esputnik.com mycredit.ua
0 content.hotjar.io Failed script.hotjar.com
0 www.google.pl Failed mycredit.ua
0 statics.esputnik.com Failed mycredit.ua
57 18

This site contains links to these domains. Also see Links.

Domain
mycredit.page.link
apps.apple.com
m.me
t.me
onelink.to
www.instagram.com
www.facebook.com
invite.viber.com
Subject Issuer Validity Valid
mycredit.ua
Sectigo RSA Extended Validation Secure Server CA		 2024-11-22 -
2025-11-23		 a year crt.sh
*.gravitec.net
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-04-22 -
2025-05-24		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.esputnik.com
Sectigo RSA Domain Validation Secure Server CA		 2024-11-04 -
2025-11-28		 a year crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-10-02 -
2024-12-31		 3 months crt.sh
gravitec.net
WE1		 2024-11-20 -
2025-02-18		 3 months crt.sh
*.appspot.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.sfcserv.eu
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-07-15 -
2025-08-16		 a year crt.sh

This page contains 3 frames:

Primary Page: https://mycredit.ua/ua/documents/
Frame ID: 5F1B0D8F9AFAB12DC0309724DFB3C6C2
Requests: 55 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fmycredit.ua
Frame ID: C80FC0C2D4C49198A9B85BF622FDC3D1
Requests: 1 HTTP requests in this frame

Frame: https://id.gravitec.net/
Frame ID: 7581BAA059103F6E83622F01F21631D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

| MyCredit

Page URL History Show full URLs

  1. https://mycredit.ua/ua/documents HTTP 301
    https://mycredit.ua/ua/documents/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

57
Requests

95 %
HTTPS

0 %
IPv6

13
Domains

18
Subdomains

16
IPs

5
Countries

1474 kB
Transfer

3405 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://mycredit.ua/ua/documents HTTP 301
    https://mycredit.ua/ua/documents/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mycredit.ua/ua/documents/
Redirect Chain
  • https://mycredit.ua/ua/documents
  • https://mycredit.ua/ua/documents/
59 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60dcc80ba7e55f2981a5228646c7b7de236b306a39b332d7209316fe2de87954
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io ;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net ;style-src 'unsafe-inline' * ;frame-ancestors 'self' ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f6fa9c71b8bef8b-WAW
content-encoding
br
content-security-policy
default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io ;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net ;style-src 'unsafe-inline' * ;frame-ancestors 'self' ;
content-type
text/html; charset=UTF-8
date
Tue, 24 Dec 2024 09:46:16 GMT
expires
-1
feature-policy
vibrate 'self'; microphone 'self'
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8f6fa9c6aa8fef8b-WAW
content-type
text/html; charset=iso-8859-1
date
Tue, 24 Dec 2024 09:46:15 GMT
location
https://mycredit.ua/ua/documents/
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
BebasNeueProExpandedExtraBoldIt.woff2
mycredit.ua/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/BebasNeueProExpandedExtraBoldIt.woff2
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122a970022ff60e85c5828a105791bddcfed256cb61b152cf543161ae8978666
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/ua/documents/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"6ba4-611b9e84ea29b-gzip"
age
66967
cf-ray
8f6fa9cdccf2ef8b-WAW
accept-ranges
bytes
content-length
27525
date
Tue, 24 Dec 2024 09:46:16 GMT
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
lar-404-page.min.css
mycredit.ua/css/ 		123 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a80ebc536e7e3c1c3e8f1e2f7f483f3a5dc20db6e399f650ace518c926dda2c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/ua/documents/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"1ed24-62905c1d9944b-gzip"
cf-ray
8f6fa9cdccefef8b-WAW
accept-ranges
bytes
content-length
22498
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
text/css
last-modified
Wed, 11 Dec 2024 22:02:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
logo-sm.svg
media.mycredit.ua/images/header/ 		1 KB
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/header/logo-sm.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc87d0d96e7dbf4adcfe6086776abd18a284e42ecacfa784588e7ccaf6c08106
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4c0-5b21ae2c125a0-gzip"
age
893
cf-ray
8f6fa9ceae1eee4c-WAW
accept-ranges
bytes
content-length
554
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Tue, 20 Oct 2020 14:17:06 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
app-raiting.webp
media.mycredit.ua/images/modals/ 		524 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/modals/app-raiting.webp
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f6cea24a9725ba7bd57f43034e5af53c5f72654fe096a2540be8d7b29b9b903
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"20c-5c38c987f810f-gzip"
age
893
cf-ray
8f6fa9ceae1fee4c-WAW
accept-ranges
bytes
content-length
547
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/webp
last-modified
Sun, 30 May 2021 14:05:04 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
logo-medium-UA.svg
media.mycredit.ua/images/header/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/header/logo-medium-UA.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe0c8f94aaacb8e5b9e1e7fad85ca6ad989e75d54d767a87ad46c3a09053d32
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"350a-5c6ad93e87811-gzip"
age
6630
cf-ray
8f6fa9ceae17ee4c-WAW
accept-ranges
bytes
content-length
5219
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Fri, 09 Jul 2021 09:41:36 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
mycredit-logo__small.svg
media.mycredit.ua/images/header/ 		1 KB
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/header/mycredit-logo__small.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e5f0b0b7571f5d09b7e158506267943af016efa67438813a67a9401c798791e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"49d-5c671894070d5-gzip"
age
893
cf-ray
8f6fa9ceae1bee4c-WAW
accept-ranges
bytes
content-length
536
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Tue, 06 Jul 2021 10:03:39 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
/
mycredit.ua/ua/captcha/feedback/ 		11 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mycredit.ua/ua/captcha/feedback/?1735033576
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0ce1f092afa264631af4c3e593225646f85f4409bc3be5a902ebed5bdb1a84
Security Headers
Name Value
Content-Security-Policy default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io ;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net ;style-src 'unsafe-inline' * ;frame-ancestors 'self' ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/ua/documents/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
expires
Mon, 07 Oct 2018 05:00:00 GMT
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
image/jpeg
feature-policy
vibrate 'self'; microphone 'self'
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-security-policy
default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io ;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net ;style-src 'unsafe-inline' * ;frame-ancestors 'self' ;
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f6fa9ce4e6def8b-WAW
content-length
11191
server
cloudflare
email-decode.min.js
mycredit.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/ua/documents/

Response headers

cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675fc4cd-4d7"
x-content-type-options
nosniff
cf-ray
8f6fa9cdccf4ef8b-WAW
expires
Thu, 26 Dec 2024 09:46:16 GMT
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript
last-modified
Mon, 16 Dec 2024 06:12:29 GMT
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
client.js
cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/ 		120 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/client.js
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
a3e60336a4f84009b6b1b30569b70ba27ec864a26a243aaad52c9a32b16dba20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
max-age=10
content-encoding
gzip
etag
W/"6724d179-1e081"
expires
Thu, 14 Nov 2024 11:24:10 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 01 Nov 2024 13:02:49 GMT
server
nginx
x-cdn-host-id
ah0543
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		434 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
3f167b7fe6465208e7c0ff9bd46b078ea96f561d2d9fc1cc4f884ff583e628b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 24 Dec 2024 09:46:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
130005
x-xss-protection
0
server
Google Tag Manager
lar_404.min.js
mycredit.ua/js/ 		289 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/js/lar_404.min.js
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
048b78752039286efb12fc8ba05f0c6494921d4a31c5c915a8532b1e0cb3487b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/ua/documents/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4849e-62905c1d9f5e6-gzip"
cf-ray
8f6fa9cddd3bef8b-WAW
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript
last-modified
Wed, 11 Dec 2024 22:02:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
scripts
esputnik.com/scripts/v1/public/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWFlYmU1M2QxYjUyMDE3MzM0OWZhOWUxN2E5NTI3YWQ2OGE1ODQzMzNhMGIxNzQwZWIzYTQzNjJhMTQ3N2ZmZGYwMWQwNDY1ZGI1YjAwNDUxMzU2YWFhZjY3MzE1ZDMxOTA5YWQ0YWE4Y2RhYTM2M2Y2OTc0MTRmYzNjZTUzNGI4ODA0NDExMDY4ZGU3OTY5OTEzNjU1Y2ZhMGFlNCJ9.ouy19RMWnW5qvyVT2qkJuQ_cx2Wi5-pQJTiD4mDD55th2ZvIOTiXtWZ52x8f7N73fF-6IKbH6NosqziG8Z6pCQ&domain=72F7606C-9F3E-49DF-A3BE-EAD423DBF927
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.222.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-222-204.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
39a11184bf14e51a6ae209ec5e2bb2c9a31a62406f785adeeabeb327f15330da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=300
content-encoding
gzip
expires
Tue, 24 Dec 2024 09:51:16 GMT
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
nginx
ArrowBendDownLeft.svg
media.mycredit.ua/images/home-page/app/ 		391 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/ArrowBendDownLeft.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96d8f08194328eab741558318e9292bef236c91087f7af8531db6852a6ddf86b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"187-5cfde9a444c60-gzip"
age
5371
cf-ray
8f6fa9ceae1aee4c-WAW
accept-ranges
bytes
content-length
230
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Nov 2021 08:57:41 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
OpenSans-Regular.ttf
mycredit.ua/fonts/ 		95 KB
58 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/OpenSans-Regular.ttf
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"17aa4-611b9e8517543-gzip"
age
66953
cf-ray
8f6fa9ce9effef8b-WAW
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
icomoon-header.ttf
mycredit.ua/fonts/header-fonts/ 		17 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/header-fonts/icomoon-header.ttf?w9bbm5
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1279bc327cba5fdd8d7a702eb615f18fc8d01ed8bad3095b72200a835b88b134
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4568-611b9e8641e9b-gzip"
age
66953
cf-ray
8f6fa9ce9f02ef8b-WAW
accept-ranges
bytes
content-length
9407
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:45 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
OpenSans-SemiBold.ttf
mycredit.ua/fonts/ 		98 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/OpenSans-SemiBold.ttf
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"189d4-611b9e8517543-gzip"
age
66953
cf-ray
8f6fa9ce9f04ef8b-WAW
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
icomoon-chat.ttf
mycredit.ua/fonts/chat-fonts/ 		2 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/chat-fonts/icomoon-chat.ttf?w9bbm5
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74caefe8957c981be90784150d551d98561ced97d238681420f8bb5d02987a63
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"8b4-611b9e851ee5b-gzip"
age
66953
cf-ray
8f6fa9ce9f06ef8b-WAW
accept-ranges
bytes
content-length
1429
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
OpenSans-Bold.ttf
mycredit.ua/fonts/ 		102 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/OpenSans-Bold.ttf
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"196b8-611b9e85161bb-gzip"
age
66953
cf-ray
8f6fa9ce9f08ef8b-WAW
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
icomoon-main.ttf
mycredit.ua/fonts/main-page/ 		9 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/main-page/icomoon-main.ttf?6y1x6q
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33cdac21d8cb99a0c43860796691d24b6d099229c8f9799c8d9a866d53108d3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"2504-611b9e8651c83-gzip"
age
66953
cf-ray
8f6fa9ce9f0bef8b-WAW
accept-ranges
bytes
content-length
4758
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:45 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
OpenSans-BoldItalic.ttf
mycredit.ua/fonts/ 		90 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/fonts/OpenSans-BoldItalic.ttf
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08b454c8e47e7ba3cbb59c0e6a8344174363c034d581fe12cb3c6fc3942b6d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://mycredit.ua
Referer
https://mycredit.ua/css/lar-404-page.min.css?hash=8663865116

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"169d4-611b9e85165a3-gzip"
age
66950
cf-ray
8f6fa9ce9f0def8b-WAW
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/x-font-ttf
last-modified
Mon, 19 Feb 2024 10:53:44 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
gradient-circle_web.webp
media.mycredit.ua/images/home-page/app/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/gradient-circle_web.webp
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021aeac5f3f8236ef52eb5c455a1153ffc51ccece82664c456200385007ad713
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4ecc-5e27d4611e218-gzip"
age
2986
cf-ray
8f6fa9ceae20ee4c-WAW
accept-ranges
bytes
content-length
20051
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/webp
last-modified
Tue, 28 Jun 2022 07:49:17 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
iPhone-X-web-ukr.png
media.mycredit.ua/images/home-page/app/ 		303 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/iPhone-X-web-ukr.png
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5d990fa9153b724273b61ea3cdac68869756334ca5090c9ef20ee80b11d5bc4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
cf-bgj
imgq:85,h2pri
etag
"5d3c1-5dec24a924d0c"
age
403
cf-cache-status
HIT
cf-ray
8f6fa9ceceb5ee4c-WAW
accept-ranges
bytes
cf-polished
origSize=381889
content-length
309825
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/png
last-modified
Wed, 11 May 2022 20:28:59 GMT
vary
Accept-Encoding
server
cloudflare
apple_logo.svg
media.mycredit.ua/images/home-page/app/ 		1 KB
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/apple_logo.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06e4f0e735fa51dc79fbe01facc386d0fcb92712608d650b1959cb6243bdd19
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"4d0-5cfd0533d7028-gzip"
age
713
cf-ray
8f6fa9cecebcee4c-WAW
accept-ranges
bytes
content-length
671
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Tue, 02 Nov 2021 15:55:40 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
playmarket_logo.webp
media.mycredit.ua/images/home-page/app/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/playmarket_logo.webp
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26db5c7bb556a9e32176cb7de0f57a40bbffe35cc9a38aff5da2c6bef66c1c7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"3b8-5e388b70c185e-gzip"
age
6764
cf-ray
8f6fa9ceef20ee4c-WAW
accept-ranges
bytes
content-length
975
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/webp
last-modified
Mon, 11 Jul 2022 14:53:29 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
qr-code.svg
media.mycredit.ua/images/home-page/app/ 		23 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/qr-code.svg
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f2bd22ac8b6f6857f452d458029e2d1db25bd08e40fa36daa06d573f65a3e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"5b1c-5cfdea2c4a8d0-gzip"
age
3349
cf-ray
8f6fa9ceef22ee4c-WAW
accept-ranges
bytes
content-length
3472
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Nov 2021 09:00:04 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
playmarket_logo.png
media.mycredit.ua/images/home-page/app/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.mycredit.ua/images/home-page/app/playmarket_logo.png
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.62.217 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00e13579cf175a1ff87cf1c62c8e30c9a678fc72e56921c36742eb30f530cbc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
cf-bgj
imgq:85,h2pri
etag
"502-5cfd0981be3c0"
age
712
cf-cache-status
HIT
cf-ray
8f6fa9ceef24ee4c-WAW
accept-ranges
bytes
cf-polished
origSize=1282
content-length
1161
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
image/png
last-modified
Tue, 02 Nov 2021 16:14:55 GMT
vary
Accept-Encoding
server
cloudflare
lar_dmsolutions.min.js
mycredit.ua/js/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/js/lar_dmsolutions.min.js
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/js/lar_404.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adcf5f93ef3f23894aa31c94cf0498698774dadfe2b26589df69cb9c7a372c8c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mycredit.ua/ua/documents/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"1425-6226b1f639138-gzip"
age
768
cf-ray
8f6fa9cebf59ef8b-WAW
accept-ranges
bytes
content-length
1789
date
Tue, 24 Dec 2024 09:46:16 GMT
content-type
application/javascript
last-modified
Wed, 18 Sep 2024 21:02:23 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
configs
cdn.gravitec.net/sdk/web/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/sdk/web/configs?appKey=2e68aafd7488d5d209f8a8bb6f34b3cc
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
79bbba2135531d3f2a80fcf824c9d9b911dd0eb17f0518e492f6277573e3a3d9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
x-correlation-id
94424d879ca3abfd20a9352f0790acb3
content-encoding
gzip
x-proxy-cache
MISS
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx
x-cdn-host-id
ah0543
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fmycredit.ua%2Fua%2Fdocuments%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=794434388.1735033577&dt=%7C%20MyCredit&auid=61338313.1735033577&navt=n&npa=1&gtm=45He4cc1v76998698za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735033577036&tfd=1666&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers
js
www.googletagmanager.com/gtag/ 		435 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D0W8ESE7N7&l=dataLayer&cx=c&gtm=45He4cc1v76998698za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
037af24975de29b4e2ca5400b700872aef1a1751832ff0603a0b96f3dbde5581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 24 Dec 2024 09:46:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
138144
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
gzip
age
156
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 11:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:43:41 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
hotjar-3376424.js
static.hotjar.com/c/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3376424.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-11.fra56.r.cloudfront.net
Software
/
Resource Hash
e69acb778efbd4b707a10a882e89e457788c933afcb16a4c2351615e5497121e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
br
etag
W/6a6978074d598c7ebe1a8c36c326067a
age
4
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
pmERv3Pj336SI4QzyNiTskjlreQpFIWwb04j0Q2WEW3ShYNdJrvrfA==
date
Tue, 24 Dec 2024 09:46:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P2
js
www.googletagmanager.com/gtag/ 		250 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-684414114
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
eba1a8c4d7ef173171095056b371cb1c9f8dc6acf7bd604a69799902f9eb4c88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 24 Dec 2024 09:46:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Dec 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
91626
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8SjCg6dI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8SjCg6dI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4495, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
iaEPL0WshupkVdfx5uSL8jbtsecD7x1iQpMfLqgbY1lDbQpNBUM/CuLEHcKsAw6m+hqfeGs6Pu3MfNybsBlX+w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62282
x-xss-protection
0
origin-agent-cluster
?1
270CBFFB1BA24B2F895468F2039DF1F0.js
statics.esputnik.com/scripts/ 		0
0
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame C80F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fmycredit.ua
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQJ2RPJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
405360
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Dec 2024 17:10:17 GMT
expires
Fri, 19 Dec 2025 17:10:17 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-D0W8ESE7N7&gtm=45je4cc1v885394938z876998698za200zb76998698&_p=1735033576596&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=809785020.1735033577&ul=pl-pl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735033577&sct=1&seg=0&dl=https%3A%2F%2Fmycredit.ua%2Fua%2Fdocuments%2F&dt=%7C%20MyCredit&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1784
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-D0W8ESE7N7&l=dataLayer&cx=c&gtm=45He4cc1v76998698za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mycredit.ua
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.pl/ads/ 		0
0
870464000420483
connect.facebook.net/signals/config/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/870464000420483?v=2.9.179&r=stable&domain=mycredit.ua&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
d49765435a3373aba191ada5a7426e0d68350f97827efafc438e71fe4dd3a7f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8KSjpzNm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8KSjpzNm' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=77, mss=1232, tbw=70511, tp=65, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
Lmr8pHSVUb3E2cElHvD5LPT3b0rqJimN//QSjWjC0+0ia6XgmLo4AITrCIXyzeQZt/jkcLFF3xNdMPzYp2COCw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
18123
x-xss-protection
0
origin-agent-cluster
?1
/
id.gravitec.net/ Frame 7581 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://id.gravitec.net/
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.76.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://mycredit.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000 public
cf-cache-status
DYNAMIC
cf-ray
8f6fa9d1bc78b61b-WAW
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Tue, 24 Dec 2024 09:46:17 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Mon, 13 Apr 2020 15:31:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cc%2BCCain3N%2B9KxIM3nbuAXU1W7Q%2BH6Oh8KnmFHuvV1whJ3rCYZGB1NRXIyZQlOSEkJP6plWy7CdX3pR0YGf7XFlFT%2BxJgNxbBXncXylrsoYA47oInXAdBty1TQwzIqVWkGY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26313&min_rtt=26227&rtt_var=10007&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4120&recv_bytes=4358&delivery_rate=117938&cwnd=12000&unsent_bytes=0&cid=fbefaa1c044d6b4a&ts=66&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
3102380450032783
connect.facebook.net/signals/config/ 		36 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/3102380450032783?v=2.9.179&r=stable&domain=mycredit.ua&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C135%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C199%2C127%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
009e0d58d24b06bb4bb2baff42c700390d26f38ff76a48ddd8d696c6e7f79005
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DVF1l153' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-DVF1l153' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=90, rtx=0, c=92, mss=1232, tbw=89787, tp=84, tpl=0, uplat=3, ullat=-1
pragma
public
x-fb-debug
O3Fa2T/VFPExUsJapW3+kKVSwmHiNOsUX3jJKSwu3Gwfzi8wE2LGghZ/DxlXFMwkZ0y1ekj/wdIEhS4Pw32xYQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
5289
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=870464000420483&ev=PageView&dl=https%3A%2F%2Fmycredit.ua&rl=&if=false&ts=1735033577272&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735033577270.186400827643382127&cs_est=true&pm=1&hrl=93d19a&ler=empty&cdl=API_unavailable&it=1735033577186&coo=false&cs_cc=1&rqm=GET
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4956, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=870464000420483&ev=PageView&dl=https%3A%2F%2Fmycredit.ua&rl=&if=false&ts=1735033577272&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735033577270.186400827643382127&cs_est=true&pm=1&hrl=93d19a&ler=empty&cdl=API_unavailable&it=1735033577186&coo=false&cs_cc=1&rqm=FGET
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451912471391550004"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
lY7h+qpaNaDbu4e8JLLeY7d6MWjGSa+Q7iCfAqKomR5CA0VEQsavJgTp56aLQc8l2GZjO0MKZP4P1PrfBf4gEA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451912471391550004", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=24, mss=1232, tbw=8044, tp=21, tpl=0, uplat=152, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
nimble-yen-237809.appspot.com/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nimble-yen-237809.appspot.com/collect?v=1&_v=j101&a=852034304&t=pageview&_s=1&dl=https%3A%2F%2Fmycredit.ua%2Fua%2Fdocuments%2F&ul=pl-pl&de=UTF-8&dt=%7C%20MyCredit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAUK~&jid=2117957976&gjid=1394576703&cid=809785020.1735033577&tid=UA-78518171-5&_gid=1611428032.1735033577&_r=1&_slc=1&gtm=45He4cc1n81KQJ2RPJv76998698za200&cd7=1735033577038&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cd1=809785020.1735033577&npa=1&z=705346459&clientId=809785020.1735033577&hitId=1735033577038&userId=undefined
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.244 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f20.1e100.net
Software
Google Frontend /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
no-cache
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
image/gif
x-cloud-trace-context
672858a68ff12e07c19badafc6a8366c
server
Google Frontend
collect
www.google-analytics.com/ 		35 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=852034304&t=pageview&_s=1&dl=https%3A%2F%2Fmycredit.ua%2Fua%2Fdocuments%2F&ul=pl-pl&de=UTF-8&dt=%7C%20MyCredit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAUK~&jid=2117957976&gjid=1394576703&cid=809785020.1735033577&tid=UA-78518171-5&_gid=1611428032.1735033577&_r=1&_slc=1&gtm=45He4cc1n81KQJ2RPJv76998698za200&cd7=1735033577038&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cd1=809785020.1735033577&npa=1&z=705346459&clientId=809785020.1735033577&hitId=1735033577038&userId=undefined
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

age
85966
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 23 Dec 2024 09:53:31 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
modules.60031afbf51fb3e88a5b.js
script.hotjar.com/ 		223 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3376424.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

x-robots-tag
none
content-encoding
br
etag
"b4a1a7933e55e780894c3f39b1aca0b4"
age
510910
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
noqYC0rRQpVjhhIJsqc2Bs2sXkeURDHpQyBPpOEXJi-sC6WI5NEweQ==
date
Wed, 18 Dec 2024 11:51:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 18 Dec 2024 11:50:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56408
x-amz-cf-pop
FRA56-P4
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=3102380450032783&ev=PageView&dl=https%3A%2F%2Fmycredit.ua&rl=&if=false&ts=1735033577367&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735033577270.186400827643382127&cs_est=true&pm=1&hrl=afee51&ler=empty&cdl=API_unavailable&it=1735033577186&coo=false&cs_cc=1&cas=4622391897867656&rqm=GET
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=23, mss=1232, tbw=4636, tp=12, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=3102380450032783&ev=PageView&dl=https%3A%2F%2Fmycredit.ua&rl=&if=false&ts=1735033577367&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=12316&fbp=fb.1.1735033577270.186400827643382127&cs_est=true&pm=1&hrl=afee51&ler=empty&cdl=API_unavailable&it=1735033577186&coo=false&cs_cc=1&cas=4622391897867656&rqm=FGET
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7451912472138349627"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
Zsqr/J6tdYVCeq/CPIKkYit2GvcymJ2vAL7Pvksl72j4T7WgcbEr0+zzYqsGykpkt4yn109gsKFVS7TNlMlDTQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7451912472138349627", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=24, mss=1232, tbw=5196, tp=17, tpl=0, uplat=151, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
0.bundle.js
cdn.gravitec.net/modules/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/0.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
f218602aceeb2690e3323c74dcf734d2ee9440c9f8d094ced1c003aa898931db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
max-age=86400, public
content-encoding
gzip
etag
W/"66b46236-254f"
pragma
public
expires
Fri, 15 Nov 2024 11:23:53 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 08 Aug 2024 06:14:14 GMT
server
nginx
x-cdn-host-id
ah0543
vary
Accept-Encoding
1.bundle.js
cdn.gravitec.net/modules/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.gravitec.net/modules/1.bundle.js
Requested by
Host: cdn.gravitec.net
URL: https://cdn.gravitec.net/storage/2e68aafd7488d5d209f8a8bb6f34b3cc/client.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
max-age=86400, public
content-encoding
gzip
etag
W/"66b46236-8092"
pragma
public
expires
Fri, 15 Nov 2024 11:23:53 GMT
x-proxy-cache
HIT
access-control-allow-origin
*
date
Tue, 24 Dec 2024 09:46:17 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 08 Aug 2024 06:14:14 GMT
server
nginx
x-cdn-host-id
ah0543
vary
Accept-Encoding
/
content.hotjar.io/ 		0
0
favicon.ico
mycredit.ua/images/ 		1 KB
391 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mycredit.ua/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.12.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a50e48318ca1820ec7154cea5bcb1809bf456404b6bab86ca7ef6a281e57a77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/ua/documents/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=31536000
content-encoding
gzip
cf-cache-status
HIT
etag
"47e-61890e3ca9e46-gzip"
age
66979
cf-ray
8f6fa9d9eb25ef8b-WAW
accept-ranges
bytes
content-length
246
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
image/x-icon
last-modified
Thu, 16 May 2024 11:53:56 GMT
vary
Accept-Encoding,User-Agent
server
cloudflare
file
sc01.sfcserv.eu/widget/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc01.sfcserv.eu/widget/file?filename=widget.js&id=1afd8780-c312-45fd-8da6-566eb989d816
Requested by
Host: mycredit.ua
URL: https://mycredit.ua/ua/documents/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.202.34 , Ukraine, ASN3326 (Datagroup PRIVATE JOINT STOCK COMPANY "DATAGROUP", UA),
Reverse DNS
77.88.202.34.ipv4.datagroup.ua
Software
nginx/1.14.1 /
Resource Hash
7452e1748583de4ae152b537033d0308f6f35e501f1618d04c6f7f697b2f3cd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
no-cache
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin
*
content-length
12796
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename=widget.js
server
nginx/1.14.1
access-control-allow-headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,websocket,polling
ion.sound.min.js
sc01.sfcserv.eu/widget/static/js/ 		13 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc01.sfcserv.eu/widget/static/js/ion.sound.min.js
Requested by
Host: sc01.sfcserv.eu
URL: https://sc01.sfcserv.eu/widget/file?filename=widget.js&id=1afd8780-c312-45fd-8da6-566eb989d816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.202.34 , Ukraine, ASN3326 (Datagroup PRIVATE JOINT STOCK COMPANY "DATAGROUP", UA),
Reverse DNS
77.88.202.34.ipv4.datagroup.ua
Software
nginx/1.14.1 /
Resource Hash
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

etag
"61e5fa6d-3220"
accept-ranges
bytes
access-control-allow-origin
*
content-length
12832
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
application/javascript
last-modified
Mon, 17 Jan 2022 23:23:25 GMT
server
nginx/1.14.1
socket.io.min.js
sc01.sfcserv.eu/widget/static/js/ 		49 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc01.sfcserv.eu/widget/static/js/socket.io.min.js
Requested by
Host: sc01.sfcserv.eu
URL: https://sc01.sfcserv.eu/widget/file?filename=widget.js&id=1afd8780-c312-45fd-8da6-566eb989d816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.202.34 , Ukraine, ASN3326 (Datagroup PRIVATE JOINT STOCK COMPANY "DATAGROUP", UA),
Reverse DNS
77.88.202.34.ipv4.datagroup.ua
Software
nginx/1.14.1 /
Resource Hash
c40d7808544e516c41a89205efd1bd6501ec65dd3cde02a26d7bd5513ac7409f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

etag
"66d88ca1-c348"
accept-ranges
bytes
access-control-allow-origin
*
content-length
49992
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
application/javascript
last-modified
Wed, 04 Sep 2024 16:36:49 GMT
server
nginx/1.14.1
file
sc01.sfcserv.eu/widget/ 		61 KB
61 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sc01.sfcserv.eu/widget/file?filename=widget.css&id=1afd8780-c312-45fd-8da6-566eb989d816
Requested by
Host: sc01.sfcserv.eu
URL: https://sc01.sfcserv.eu/widget/file?filename=widget.js&id=1afd8780-c312-45fd-8da6-566eb989d816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.88.202.34 , Ukraine, ASN3326 (Datagroup PRIVATE JOINT STOCK COMPANY "DATAGROUP", UA),
Reverse DNS
77.88.202.34.ipv4.datagroup.ua
Software
nginx/1.14.1 /
Resource Hash
c6bccad558d6a31d7521dec5b8647555141977e8c567e2fb18a416e785b50620

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://mycredit.ua/

Response headers

cache-control
no-cache
access-control-allow-methods
GET,POST,OPTIONS,PUT,DELETE,PATCH
access-control-allow-origin
*
content-length
62132
date
Tue, 24 Dec 2024 09:46:18 GMT
content-type
text/css; charset=utf-8
content-disposition
inline; filename=widget.css
server
nginx/1.14.1
access-control-allow-headers
Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range,websocket,polling

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
statics.esputnik.com
URL
https://statics.esputnik.com/scripts/270CBFFB1BA24B2F895468F2039DF1F0.js
Domain
www.google.pl
URL
https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D0W8ESE7N7&cid=809785020.1735033577&gtm=45je4cc1v885394938z876998698za200zb76998698&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2071257335
Domain
content.hotjar.io
URL
https://content.hotjar.io/?site_id=3376424&gzip=1

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| dataLayer string| esSdk function| es object| downloadScripts function| setTimeoutOwn number| gravitecInterval object| Gravitec function| initGravitec function| runSunflower function| handleCloseIcon function| _extends function| _typeof function| lazyLoadImages function| fixedHeaderIos function| removeElementStyleAttr function| setElementPosition function| headerLang function| stickyHeader function| fixedHeaderModalOpen function| menuShowHide function| dropdown function| formControlCustomCheck function| accordionFooter function| HeightAnimate function| popupBonusShow function| androidPopup function| downloadJS function| downloadElement object| flagReg object| pageInputType object| pageInputKeys string| globalMoney string| globalDay object| arrPrefix object| arrFixPrefix object| userLocation object| modalsTimers function| checkPwdInputCount function| credCalculation function| getCurrencyLang function| getDayLang function| getDayOfWeek function| getDeviceInfo function| getMonthLang function| getPercent function| getRandomInt function| getSessionData function| getDeviceData function| includeScript function| login function| modalsPause function| modalsResume function| onChangeLanguage function| onClickFormSlider function| onClickLogin function| onKeyUpPhone function| onkeyUpPromoCode function| onLoadSlider function| playCred function| recordPhone function| reloadCred function| receiveEvent function| sendCodeLogin function| sendPageInputType function| setIntervalOwn function| showModalAuth function| submitSlider function| Timer function| validatePhone function| getCookie function| setCookie function| deleteCookie function| ajaxError function| showCustomModal function| mobileSmartShow function| loginSmsSendClick function| saveGravitecInfo function| sendAjaxJQuery function| sendAjax object| deployJava function| Detector function| murmurhash3_32_gc object| swfobject function| Calculator function| runRangeLoan function| BaseSlider function| AmountSlider function| TermSlider function| updateCalculators function| promocode function| updateCalculatorOptions object| calculators function| validate function| processingPhone function| phoneMask function| userAgents function| isSafariBrowser function| iphoneDetected function| androidDetected function| bannerInstallHandler function| modalAutoShow function| onClickSubmitSlider function| serviceModal function| checkLatinService function| novaChatHandler function| setLang function| changeLangHandler object| eventBus function| $ function| jQuery function| LazyLoad function| modal object| device function| ClientJS function| UAParser function| Fingerprint2 object| reg object| reg1 function| initAutocomplete function| geolocate function| fillInAddressDetail function| removeError function| getPlace function| fillAddressList function| removeElementById function| getUserLocation object| gravitecWebpackJsonp object| z object| aa function| M function| N function| ra function| O function| ta object| __es_sdk string| f object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| fbq function| _fbq function| eS string| link object| android string| link2 object| ios function| onYouTubeIframeAPIReady object| gaGlobal function| gtag object| GravitecConfig object| WLPush object| gaplugins object| gaData object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| litHtmlVersions function| loadMenu function| closeMenu function| fadeIn function| fadeOut function| init_w function| connectToSocket function| set_normal_title function| Scroll function| sendMessage function| addMessage function| addButtons function| getTitle function| createElement object| isMobile function| loadFile function| ready function| float2int function| sleep function| addHistory object| w object| chat object| user_history object| ion function| io

14 Cookies

Domain/Path Name / Value
.mycredit.ua/ Name: MyCredit_id
Value: 676a82e8138347.59209385
mycredit.ua/ Name: XSRF-TOKEN
Value: eyJpdiI6Imp5VVlpUmhYWVM0NXJhWiszZVBod1E9PSIsInZhbHVlIjoiN0lMSi9zQytVNFM1eXRFaHo2WGpiYWhNallNcGNRN1pFbXZtVTFrQVVrNUZGYXh0clhnWFVMbUQydUttcTBhTkxGbkM0WEx3d2xPUWtEQ0hERCtVYktPK0FaTlBrR2FEV0J2K01qODY2cW9vWFV1ZUhPaEttZGZYR3psWUl0TFMiLCJtYWMiOiI2M2U1NDMzNDdhMzAyMDliOTE3MWZkMjQ1ZWZkMzE3Nzk2YzkxNTkwNzhlZTU3NjA4ZDNjODliZDNiZmQwOTIxIiwidGFnIjoiIn0%3D
mycredit.ua/ Name: mycredit_session
Value: eyJpdiI6InVZY25lSkhFdTc3L2NwcFE0c295NkE9PSIsInZhbHVlIjoiUXBDVVZYTThoRnl3eXBvWHVPUWd1aVN6d3dycDhCYVVhUXNPUkRPMUcvSzBzQVl0c3dnUWRqZEVTSUhKWGs4ZWc5M08xbklUV3lCakNGdlRmSVlpMmdmeVE2emJ5MTJFdjQrVVdTOEN4VkJTM0lxL0JnWjJaaVpKN1E5QTU2TksiLCJtYWMiOiI3MTMwY2E0YzZmMzdjM2ZhZTVhN2EzY2QxZDg4NWEyY2FiNzEwNWVmNWIzNTkwZTcxZmQ5YTFlOGJjZDJlNTUzIiwidGFnIjoiIn0%3D
.mycredit.ua/ Name: _gcl_au
Value: 1.1.61338313.1735033577
.mycredit.ua/ Name: _ga_D0W8ESE7N7
Value: GS1.1.1735033577.1.0.1735033577.60.0.0
.mycredit.ua/ Name: _fbp
Value: fb.1.1735033577270.186400827643382127
.mycredit.ua/ Name: _ga
Value: GA1.2.809785020.1735033577
.mycredit.ua/ Name: _gid
Value: GA1.2.1611428032.1735033577
.mycredit.ua/ Name: _gat_UA-78518171-5
Value: 1
.mycredit.ua/ Name: _hjSessionUser_3376424
Value: eyJpZCI6ImIzNGQ0MmFmLWEwNDUtNTM4MC05NGE4LTIwZGRkNmUzNGIxMiIsImNyZWF0ZWQiOjE3MzUwMzM1Nzc2MjUsImV4aXN0aW5nIjp0cnVlfQ==
.mycredit.ua/ Name: _hjSession_3376424
Value: eyJpZCI6IjFhZmQ2MTc3LTgxZmMtNGVlNi1hYWJhLTJhNzE1ZjQyMmFmNSIsImMiOjE3MzUwMzM1Nzc2MjUsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
mycredit.ua/ Name: user_id
Value: ynl5m0i6jdi0phnebq
mycredit.ua/ Name: token
Value: 1afd8780-c312-45fd-8da6-566eb989d816
mycredit.ua/ Name: is_open
Value: false

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.
security error
Message:
Refused to load the script 'https://statics.esputnik.com/scripts/270CBFFB1BA24B2F895468F2039DF1F0.js' because it violates the following Content Security Policy directive: "script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=G-D0W8ESE7N7&l=dataLayer&cx=c&gtm=45He4cc1v76998698za200(Line 252)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/g/collect?v=2&tid=G-D0W8ESE7N7&cid=809785020.1735033577&gtm=45je4cc1v885394938z876998698za200zb76998698&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178' because it violates the following Content Security Policy directive: "default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://mycredit.ua/ua/documents/
Message:
Refused to load the image 'https://www.google.pl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-D0W8ESE7N7&cid=809785020.1735033577&gtm=45je4cc1v885394938z876998698za200zb76998698&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=2071257335' because it violates the following Content Security Policy directive: "default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js(Line 1)
Message:
Refused to connect to 'wss://ws.hotjar.com/api/v2/client/ws?v=7&site_id=3376424' because it violates the following Content Security Policy directive: "default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://script.hotjar.com/modules.60031afbf51fb3e88a5b.js(Line 1)
Message:
Refused to connect to 'https://content.hotjar.io/?site_id=3376424&gzip=1' because it violates the following Content Security Policy directive: "default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'self' https://mycredit.ua https://media.mycredit.ua https://www.google-analytics.com https://*.google.com https://*.google.com.ua https://*.googletagmanager.com https://*.googleusercontent.com https://sc01.sfcserv.eu https://*.googleadservices.com *.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world https://fonts.gstatic.com *.youtube.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://*.facebook.com https://*.facebook.net *.firebaseapp.com *.firebaseio.com *.appspot.com *.iesnare.com wss://mpsnare.iesnare.com https://mpsnare.iesnare.com *.gov.ua https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://*.cloudfunctions.net https://*.api.fpjs.io https://api.fpjs.io ;script-src 'unsafe-inline' 'unsafe-eval' 'self' https://mycredit.ua *.mycredit.ua http://*.mycredit.ua *.google-analytics.com https://*.googletagmanager.com https://*.googleoptimize.com https://*.googleadservices.com https://*.google.com https://*.google.com.ua https://*.googleapis.com https://*.gravitec.net https://*.gravitec.media https://push.esputnik.com https://esputnik.com https://sc01.sfcserv.eu https://*.facebook.com https://*.facebook.net https://gdeua.hit.gemius.pl https://*.hotjar.com https://analytics.tiktok.com px.adhigh.net https://mycreditua.push.world *.cloudflare.com https://static.addtoany.com *.irebaseapp.com *.firebaseio.com *.appspot.com *.youtube.com *.iesnare.com https://rabota.ua https://*.rabota.ua https://*.ex.co https://*.playbuzz.com https://fpjscdn.net ;style-src 'unsafe-inline' * ;frame-ancestors 'self' ;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.gravitec.net
connect.facebook.net
content.hotjar.io
esputnik.com
id.gravitec.net
media.mycredit.ua
mycredit.ua
nimble-yen-237809.appspot.com
region1.analytics.google.com
sc01.sfcserv.eu
script.hotjar.com
static.hotjar.com
statics.esputnik.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.pl
www.googletagmanager.com
content.hotjar.io
statics.esputnik.com
www.google.pl
104.21.76.27
104.22.62.217
142.250.185.100
142.250.185.104
142.250.185.142
142.250.185.244
157.240.0.35
157.240.0.6
172.67.12.235
18.66.102.11
216.239.34.36
45.133.44.4
52.18.222.204
52.222.236.122
77.88.202.34
009e0d58d24b06bb4bb2baff42c700390d26f38ff76a48ddd8d696c6e7f79005
00e13579cf175a1ff87cf1c62c8e30c9a678fc72e56921c36742eb30f530cbc8
021aeac5f3f8236ef52eb5c455a1153ffc51ccece82664c456200385007ad713
037236ed4bf58a85f67074c165d308260fd6be01c86d7df4e79ea16eb273f8c5
037af24975de29b4e2ca5400b700872aef1a1751832ff0603a0b96f3dbde5581
048b78752039286efb12fc8ba05f0c6494921d4a31c5c915a8532b1e0cb3487b
122a970022ff60e85c5828a105791bddcfed256cb61b152cf543161ae8978666
1279bc327cba5fdd8d7a702eb615f18fc8d01ed8bad3095b72200a835b88b134
23b89bb3578573b474d7a69e2df32e8f0ee7839a44392edb040e4117a07ce6fa
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2e06165ec5e9880465e3a3fa1e195ba655f06465031e87271aae263bf6bd24ba
33cdac21d8cb99a0c43860796691d24b6d099229c8f9799c8d9a866d53108d3c
39a11184bf14e51a6ae209ec5e2bb2c9a31a62406f785adeeabeb327f15330da
3e5f0b0b7571f5d09b7e158506267943af016efa67438813a67a9401c798791e
3f167b7fe6465208e7c0ff9bd46b078ea96f561d2d9fc1cc4f884ff583e628b3
5e8d9e1a89083cd1b0849993fe2f3acc9aa33b7f439f7e8616872f6897f30684
60dcc80ba7e55f2981a5228646c7b7de236b306a39b332d7209316fe2de87954
7452e1748583de4ae152b537033d0308f6f35e501f1618d04c6f7f697b2f3cd7
74caefe8957c981be90784150d551d98561ced97d238681420f8bb5d02987a63
79bbba2135531d3f2a80fcf824c9d9b911dd0eb17f0518e492f6277573e3a3d9
7a50e48318ca1820ec7154cea5bcb1809bf456404b6bab86ca7ef6a281e57a77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8f6cea24a9725ba7bd57f43034e5af53c5f72654fe096a2540be8d7b29b9b903
96d8f08194328eab741558318e9292bef236c91087f7af8531db6852a6ddf86b
9a80ebc536e7e3c1c3e8f1e2f7f483f3a5dc20db6e399f650ace518c926dda2c
a06e4f0e735fa51dc79fbe01facc386d0fcb92712608d650b1959cb6243bdd19
a3e60336a4f84009b6b1b30569b70ba27ec864a26a243aaad52c9a32b16dba20
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
adcf5f93ef3f23894aa31c94cf0498698774dadfe2b26589df69cb9c7a372c8c
af0ce1f092afa264631af4c3e593225646f85f4409bc3be5a902ebed5bdb1a84
b08b454c8e47e7ba3cbb59c0e6a8344174363c034d581fe12cb3c6fc3942b6d3
c40d7808544e516c41a89205efd1bd6501ec65dd3cde02a26d7bd5513ac7409f
c6bccad558d6a31d7521dec5b8647555141977e8c567e2fb18a416e785b50620
d49765435a3373aba191ada5a7426e0d68350f97827efafc438e71fe4dd3a7f4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e26db5c7bb556a9e32176cb7de0f57a40bbffe35cc9a38aff5da2c6bef66c1c7
e38338484d969872e570a554c807dab4a79233b82d64a7cb7028fb459123d44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d990fa9153b724273b61ea3cdac68869756334ca5090c9ef20ee80b11d5bc4
e69acb778efbd4b707a10a882e89e457788c933afcb16a4c2351615e5497121e
e8f2bd22ac8b6f6857f452d458029e2d1db25bd08e40fa36daa06d573f65a3e3
eba1a8c4d7ef173171095056b371cb1c9f8dc6acf7bd604a69799902f9eb4c88
f218602aceeb2690e3323c74dcf734d2ee9440c9f8d094ced1c003aa898931db
f7916a37377e38527d4306303cfe89b653b49b0a6b0b05c6b7593f7ab0248da8
fc87d0d96e7dbf4adcfe6086776abd18a284e42ecacfa784588e7ccaf6c08106
ffe0c8f94aaacb8e5b9e1e7fad85ca6ad989e75d54d767a87ad46c3a09053d32