www.crossroadsmoney.com Open in urlscan Pro
104.168.164.52  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.crossroadsmoney.com/	36 KB 11 KB	625ms 306ms	Document text/html	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash e8ff28fb013701ce00e632b4550ab28e316ab1c46aedbbb22a8fb085770eae57 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 11:18:42 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server nginx
GET H2	200	sentry_head.js Show response www.crossroadsmoney.com/assets/js/	104 KB 32 KB	161ms 160ms	Script application/javascript	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash a20099092b645fd5153459dac86885f41fcc761815bb54a8a03a1d928aa4bb61 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag W/"668407fc-1a067" content-type application/javascript cache-control max-age=43200, public expires Tue, 23 Jul 2024 23:18:42 GMT
GET H2	200	index.css www.crossroadsmoney.com/assets/css/	35 KB 7 KB	155ms 155ms	Stylesheet text/css	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/css/index.css?05f89692f9e4278ba8ff Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 6166d1458738f01af04845527b88a8a88b246874cc086acfa6ba2973ec91d1d1 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag W/"668407fc-8a9b" content-type text/css cache-control max-age=43200, public expires Tue, 23 Jul 2024 23:18:42 GMT
GET H2	200	photo-6-c382c125.png www.crossroadsmoney.com/assets/img/resize/	242 KB 243 KB	310ms 310ms	Image image/png	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.crossroadsmoney.com/assets/img/resize/photo-6-c382c125.png Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash da15698e6be7aef752e1241839c8ebc92a772a91504c8b996a97c277c28d82b8 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag "668407fc-3c9e1" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 248289 expires Thu, 22 Aug 2024 11:18:42 GMT
GET H2	200	polyfills.js Show response www.crossroadsmoney.com/assets/js/	109 KB 35 KB	311ms 311ms	Script application/javascript	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/js/polyfills.js?05f89692f9e4278ba8ff Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 30023db91cc6ae50e73f39cf1a16142ff7857fd5c21ac2348392cea6e417c992 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag W/"668407fc-1b523" content-type application/javascript cache-control max-age=43200, public expires Tue, 23 Jul 2024 23:18:42 GMT
GET H2	200	index.js Show response www.crossroadsmoney.com/assets/js/	179 KB 66 KB	292ms 291ms	Script application/javascript	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/js/index.js?05f89692f9e4278ba8ff Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash d6e0291fa47e6bc1aa70a32c904bedbdb06b2b1f11667735161e3aeffe953ec3 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag W/"668407fc-2cba9" content-type application/javascript cache-control max-age=43200, public expires Tue, 23 Jul 2024 23:18:42 GMT
GET H2	200	login.js Show response www.crossroadsmoney.com/assets/js/	277 KB 91 KB	439ms 438ms	Script application/javascript	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/js/login.js?05f89692f9e4278ba8ff Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 7a4cae6cbf3669419cd0a22d16162777b0b13dc404942ef94626573358d4a1a8 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag W/"668407fc-4534d" content-type application/javascript cache-control max-age=43200, public expires Tue, 23 Jul 2024 23:18:42 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	63ms 26ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Aleo:700,700i%7CDM+Sans:400,500,700&display=swap Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/css/index.css?05f89692f9e4278ba8ff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 91eebd05b769a1d88ea483e8de038fc5ef21b4179349548e7ce81b27a945fcc6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 23 Jul 2024 11:18:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 23 Jul 2024 11:18:42 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 23 Jul 2024 11:18:42 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	224 KB 60 KB	25ms 8ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 23 Jul 2024 11:18:42 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58677 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1297, tbw=2768, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug sO9YNPGuLZwSqWSLRfOMN5qUgXAr4asvZ6KL6Quby9rIz4LQ8nEN+03lv8wukZ3KzBP44UFBHB/pyGEHKZotng== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 13f83cf0dae135891ee6f039e82f8116dc5f158c7c94ac519debc23d8e8c5128 Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dd5e8c29b1c74413deda7d0ed8c05c53cb54dd241be713dcff0cc329a2e4471c Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2 fonts.gstatic.com/s/dmsans/v15/	36 KB 36 KB	71ms 29ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/dmsans/v15/rP2Yp2ywxg089UriI5-g4vlH9VoD8Cmcqbu0-K4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Aleo:700,700i%7CDM+Sans:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.crossroadsmoney.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 16 Jul 2024 11:48:59 GMT x-content-type-options nosniff age 602984 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36848 x-xss-protection 0 last-modified Thu, 21 Mar 2024 23:58:47 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 16 Jul 2025 11:48:59 GMT
GET H2	200	c4m61nF8G8_s6gHhIOX0IYBo_KKQHVP6Fo8.woff2 fonts.gstatic.com/s/aleo/v14/	15 KB 15 KB	56ms 14ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/aleo/v14/c4m61nF8G8_s6gHhIOX0IYBo_KKQHVP6Fo8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Aleo:700,700i%7CDM+Sans:400,500,700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b075ea7ef7c9859c98dedeb8649b2c370f1b4ec2e88408620b0b5db4d9a0836c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.crossroadsmoney.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 02:58:15 GMT x-content-type-options nosniff age 30028 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15208 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:48:07 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 02:58:15 GMT
GET H2	200	364299881815721 Show response connect.facebook.net/signals/config/	68 KB 15 KB	377ms 376ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/364299881815721?v=2.9.162&r=stable&domain=www.crossroadsmoney.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4961208d46a1730518c328ab3e74f4514876a018f198efc5fdfef23b08e3a80d Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 23 Jul 2024 11:18:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=65, mss=1297, tbw=64182, tp=-1, tpl=-1, uplat=368, ullat=0 pragma public x-fb-debug PzMCLWJm/AsymJIvHrU5n8IkXvqtA/e8kTkecPRQ+eCgWkeomb2jdx12/hgKnKU6B+qCWjXKX3/0ferVb4+Tqw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
OPTIONS H2	200	/ moneyfor.com/api/cookies/enabled/	0 0	202ms 153ms	Preflight text/html	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers baggage,content-type,sentry-trace Access-Control-Request-Method POST Origin https://www.crossroadsmoney.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.crossroadsmoney.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 11:18:43 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 2817 x-powered-by PHP/8.1.12
OPTIONS H2	200	/ moneyfor.com/api/lead-login/etag/	0 0	203ms 155ms	Preflight text/html	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/etag/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers baggage,sentry-trace Access-Control-Request-Method GET Origin https://www.crossroadsmoney.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.crossroadsmoney.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 11:18:43 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 2817 x-powered-by PHP/8.1.12
POST H3	200	/ Show response moneyfor.com/api/cookies/enabled/	52 B 84 B	174ms 157ms	Fetch application/json	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash b54a446269c97008d0d32bb22601c410573ead944c5dbad55b84b135128c688c Request headers Referer https://www.crossroadsmoney.com/ baggage sentry-trace_id=5f8322c275264b43a2256f45ec8c3868,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sentry-trace 5f8322c275264b43a2256f45ec8c3868-b9c1e6bf643a6100-1 Content-Type application/json Response headers date Tue, 23 Jul 2024 11:18:43 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.crossroadsmoney.com x-app-build-number 2817 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H3	200	/ moneyfor.com/api/lead-login/etag/	0 0	192ms 177ms	Fetch text/html	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/etag/ Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Referer https://www.crossroadsmoney.com/ baggage sentry-trace_id=5f8322c275264b43a2256f45ec8c3868,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sentry-trace 5f8322c275264b43a2256f45ec8c3868-a7c32e31182191be-1 Response headers date Tue, 23 Jul 2024 11:18:43 GMT content-encoding identity via 1.1 google x-powered-by PHP/8.1.12 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 server nginx/1.15.5 etag "def50200df111354540f00d907df595498b7a6fdd4cf7b6f15df1a89e82bda4c0f6b512e0324a8e2a5538119e7933a303c448350f7064b2cbcd361e5552017105ce82f12f0c71ac0ec695587813365509c587034915165f6cc81353ca1" access-control-allow-methods GET,POST,PUT,PATCH content-type text/html; charset=UTF-8 access-control-allow-origin https://www.crossroadsmoney.com x-app-build-number 2817 access-control-expose-headers ETag cache-control max-age=0, public access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
GET H2	200	hash.js Show response hashsrv.com/js/	33 KB 12 KB	353ms 111ms	Script application/javascript	18.189.126.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://hashsrv.com/js/hash.js Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/index.js?05f89692f9e4278ba8ff Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.189.126.174 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-189-126-174.us-east-2.compute.amazonaws.com Software nginx / Resource Hash a05253ab9886908e654bb384a08558c05c19c7e9af8f476e40125c93578836c0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type application/javascript date Tue, 23 Jul 2024 11:18:43 GMT cache-control max-age=43200, public content-encoding gzip server nginx expires Tue, 23 Jul 2024 23:18:43 GMT
GET H2	200	ajax.php Show response www.crossroadsmoney.com/api/	225 B 860 B	579ms 579ms	Script application/javascript	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/api/ajax.php?action=trackvisit Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/index.js?05f89692f9e4278ba8ff Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 5b7962f1881ba78cd8ebea7e0e2aabbf9fc98bc7b627a11398ada66503c204e4 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Tue, 23 Jul 2024 11:18:43 GMT cache-control no-store, no-cache, must-revalidate content-encoding gzip server nginx expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	photo-5-c39d63f0.png www.crossroadsmoney.com/assets/img/resize/	164 KB 164 KB	154ms 154ms	Image image/png	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.crossroadsmoney.com/assets/img/resize/photo-5-c39d63f0.png Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash fd539586bf6a8d61d53e53b63ecfad172ef70cf77d2ba3cee94abf12450c99e8 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:43 GMT last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag "668407fc-28f38" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 167736 expires Thu, 22 Aug 2024 11:18:43 GMT
GET H2	200	photo-2-3a610d7b.png www.crossroadsmoney.com/assets/img/resize/	119 KB 119 KB	162ms 162ms	Image image/png	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Show image Full URL https://www.crossroadsmoney.com/assets/img/resize/photo-2-3a610d7b.png Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 916e183606cf78fb99bcc7911d8a8ebb5d228b439ea22f06c29e96565e0eeea7 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:43 GMT last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag "668407fc-1db3d" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 121661 expires Thu, 22 Aug 2024 11:18:43 GMT
GET H2	200	/ www.facebook.com/tr/	0 273 B	28ms 10ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=364299881815721&ev=PageView&dl=https%3A%2F%2Fwww.crossroadsmoney.com&rl=&if=false&ts=1721733523454&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721733523451.917667193379445815&pm=1&hrl=cb13b4&ler=empty&cdl=API_unavailable&it=1721733523054&coo=false&cs_cc=1&cas=25134778772833933%2C7892832407496798%2C7660213357343113%2C8053958281299366%2C7390431151071110%2C5041173195932936&rqm=GET Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Tue, 23 Jul 2024 11:18:43 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	172ms 154ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=364299881815721&ev=PageView&dl=https%3A%2F%2Fwww.crossroadsmoney.com&rl=&if=false&ts=1721733523454&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721733523451.917667193379445815&pm=1&hrl=cb13b4&ler=empty&cdl=API_unavailable&it=1721733523054&coo=false&cs_cc=1&cas=25134778772833933%2C7892832407496798%2C7660213357343113%2C8053958281299366%2C7390431151071110%2C5041173195932936&rqm=FGET Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding zstd x-content-type-options nosniff strict-transport-security max-age=15552000; preload date Tue, 23 Jul 2024 11:18:43 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394789175162255816", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3090, tp=-1, tpl=-1, uplat=145, ullat=0 pragma no-cache x-fb-debug kEOlW1k4bJ1/xl7vCHXMTcmXALNSpjhanrjk/NRC3v1Gltt78iHyNrLyDgSi5yYMrfKsnPJjEnSp73F2LdrVUA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394789175162255816"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	/ Show response moneyfor.com/api/cookies/enabled/	51 B 82 B	157ms 156ms	Fetch application/json	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/cookies/enabled/ Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash c008338887f74ccafc95673c2ce35c2d4042fcc45ea04f40dd155275cde16989 Request headers Referer https://www.crossroadsmoney.com/ baggage sentry-trace_id=5f8322c275264b43a2256f45ec8c3868,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sentry-trace 5f8322c275264b43a2256f45ec8c3868-a0f15c957a30a801-1 Content-Type application/json Response headers date Tue, 23 Jul 2024 11:18:43 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.crossroadsmoney.com x-app-build-number 2817 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
OPTIONS H2	200	/ moneyfor.com/api/lead-login/can/	0 0	154ms 154ms	Preflight text/html	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash Request headers Accept */* Access-Control-Request-Headers baggage,content-type,sentry-trace,x-leadlogin-etag Access-Control-Request-Method POST Origin https://www.crossroadsmoney.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag access-control-allow-methods GET,POST,PUT,PATCH access-control-allow-origin https://www.crossroadsmoney.com access-control-expose-headers ETag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, private content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 23 Jul 2024 11:18:43 GMT server nginx/1.15.5 via 1.1 google x-app-build-number 2817 x-powered-by PHP/8.1.12
POST H3	200	/ Show response moneyfor.com/api/lead-login/can/	58 B 84 B	238ms 237ms	XHR application/json	35.244.207.205 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://moneyfor.com/api/lead-login/can/ Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Protocol H3 Security QUIC, , AES_128_GCM Server 35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 205.207.244.35.bc.googleusercontent.com Software nginx/1.15.5 / PHP/8.1.12 Resource Hash 792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.crossroadsmoney.com/ baggage sentry-trace_id=5f8322c275264b43a2256f45ec8c3868,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sentry-trace 5f8322c275264b43a2256f45ec8c3868-9103b93d95d5b6d4-1 X-LeadLogin-Etag "def50200df111354540f00d907df595498b7a6fdd4cf7b6f15df1a89e82bda4c0f6b512e0324a8e2a5538119e7933a303c448350f7064b2cbcd361e5552017105ce82f12f0c71ac0ec695587813365509c587034915165f6cc81353ca1" Content-Type application/json Response headers date Tue, 23 Jul 2024 11:18:43 GMT content-encoding gzip via 1.1 google server nginx/1.15.5 x-powered-by PHP/8.1.12 access-control-allow-methods GET,POST,PUT,PATCH content-type application/json access-control-allow-origin https://www.crossroadsmoney.com x-app-build-number 2817 access-control-expose-headers ETag cache-control no-cache, private access-control-allow-credentials true access-control-allow-headers Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H2	201	offerPageLoaded formalytics.dev/api/form-event/	0 0	205ms 147ms	Ping application/json	34.107.200.92 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://formalytics.dev/api/form-event/offerPageLoaded?session_id=65e66bc3e8d2726bfe5130a617eb3cf5&triggered_at=2024-07-23T13%3A18%3A43.211000%2B2%3A00&form_theme=wallet-lines&domain=www.crossroadsmoney.com Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/index.js?05f89692f9e4278ba8ff Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.200.92 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 92.200.107.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers
GET H2	200	favicon-32x32.png www.crossroadsmoney.com/assets/img/	972 B 1 KB	152ms 152ms	Other image/png	104.168.164.52 HOSTWINDS
General Check archive.org Show headers Download Go to Full URL https://www.crossroadsmoney.com/assets/img/favicon-32x32.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.168.164.52 , United States, ASN54290 (HOSTWINDS, US), Reverse DNS hwsrv-674209.hostwindsdns.com Software nginx / Resource Hash 706d03a0ab8221affad962467ea7650a118f13817dc24833950f2047f46a4bd0 Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 11:18:43 GMT last-modified Tue, 02 Jul 2024 14:00:28 GMT server nginx etag "668407fc-3cc" content-type image/png cache-control max-age=2592000, public accept-ranges bytes content-length 972 expires Thu, 22 Aug 2024 11:18:43 GMT
POST H/1.1	200 OK	/ Show response sentry.formalytics.dev/api/2/envelope/	41 B 433 B	483ms 225ms	Fetch application/json	3.128.154.225 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sentry.formalytics.dev/api/2/envelope/?sentry_key=c0d94f4bc2f14f22b869b68e026bb949&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0 Requested by Host: www.crossroadsmoney.com URL: https://www.crossroadsmoney.com/assets/js/sentry_head.js?05f89692f9e4278ba8ff Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.128.154.225 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-128-154-225.us-east-2.compute.amazonaws.com Software nginx / Resource Hash 6bbf7ec7735f9453658c38fdb4fb4f81ec28e66ce9e54bf24fba95ec0c08a46e Request headers Referer https://www.crossroadsmoney.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Tue, 23 Jul 2024 11:18:45 GMT Server nginx vary origin, access-control-request-method, access-control-request-headers Content-Type application/json Access-Control-Allow-Origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin Connection keep-alive Content-Length 41

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __SENTRY__ function| captureException function| addBreadcrumb function| fbq function| _fbq function| clearImmediate function| setImmediate object| regeneratorRuntime object| formalyticsTracker function| _appMoneyForLogout string| _userTrackOfferVisitStatusb15c1201887c76c573df51bae4dd8d40b1698 object| _lg_notifications_ function| collectNotificationsFacade function| IMask function| __AF_executeScript boolean| __AF_HASH_SCRIPT_EXECUTED function| _evercookie_flash_var function| Evercookie function| evercookie object| __AF_BrowserInfo object| __AF_noCtrlVfieldsList object| __AF_ClientInfo string| __sessionData object| _sessionInfo

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.crossroadsmoney.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: bmo81mm8hjj2ko9uj7kn31pmd2
			.crossroadsmoney.com/	1970-01-21 00:25:09	Name: _fbp Value: fb.1.1721733523451.917667193379445815
			.moneyfor.com/	1970-01-21 07:51:33	Name: mcan Value: 1
			.moneyfor.com/	1970-01-21 07:51:33	Name: mfoid Value: def50200037cf5143ac0721af82c4f0a1f4fd89340f25afa4e1982f9bc4839db152f76bb9c1700f4e921dde74e6d2c467685954cbc8f9833c34b7c8bd93a9951da00053320b822cd47fee912dc50f3d4e98eea00922597ff8825c0a330
			www.crossroadsmoney.com/	1969-12-31 23:59:59	Name: lg_form_login Value: {%22visitors%22:[]%2C%22offerVisitors%22:[]%2C%22etags%22:[%22%5C%22def50200df111354540f00d907df595498b7a6fdd4cf7b6f15df1a89e82bda4c0f6b512e0324a8e2a5538119e7933a303c448350f7064b2cbcd361e5552017105ce82f12f0c71ac0ec695587813365509c587034915165f6cc81353ca1%5C%22%22]}
			.crossroadsmoney.com/	1970-01-20 22:16:59	Name: _lg_form__leadx Value: %7B%22source%22%3A%22%22%2C%22click_id%22%3A%22%22%2C%22aid%22%3A%227979%22%2C%22sessionId%22%3A%2265e66bc3e8d2726bfe5130a617eb3cf5%22%2C%22hash%22%3A%22229aa056fc87732624f6986ce08fee92ebabf29b9ea928ee81f6d6ac4213a885%22%2C%22PHPSESSID%22%3A%22bmo81mm8hjj2ko9uj7kn31pmd2%22%7D
			.www.crossroadsmoney.com/	1970-01-21 07:51:33	Name: first Value: lg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
formalytics.dev
hashsrv.com
moneyfor.com
sentry.formalytics.dev
www.crossroadsmoney.com
www.facebook.com
104.168.164.52
18.189.126.174
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2003
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.128.154.225
34.107.200.92
35.244.207.205
13f83cf0dae135891ee6f039e82f8116dc5f158c7c94ac519debc23d8e8c5128
258f9f1b553bb57419619f41d3b1445226c7bc63d2a3409efef4a68426709e94
30023db91cc6ae50e73f39cf1a16142ff7857fd5c21ac2348392cea6e417c992
4961208d46a1730518c328ab3e74f4514876a018f198efc5fdfef23b08e3a80d
5b7962f1881ba78cd8ebea7e0e2aabbf9fc98bc7b627a11398ada66503c204e4
6166d1458738f01af04845527b88a8a88b246874cc086acfa6ba2973ec91d1d1
6bbf7ec7735f9453658c38fdb4fb4f81ec28e66ce9e54bf24fba95ec0c08a46e
706d03a0ab8221affad962467ea7650a118f13817dc24833950f2047f46a4bd0
792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a
7a4cae6cbf3669419cd0a22d16162777b0b13dc404942ef94626573358d4a1a8
916e183606cf78fb99bcc7911d8a8ebb5d228b439ea22f06c29e96565e0eeea7
91eebd05b769a1d88ea483e8de038fc5ef21b4179349548e7ce81b27a945fcc6
a05253ab9886908e654bb384a08558c05c19c7e9af8f476e40125c93578836c0
a20099092b645fd5153459dac86885f41fcc761815bb54a8a03a1d928aa4bb61
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b075ea7ef7c9859c98dedeb8649b2c370f1b4ec2e88408620b0b5db4d9a0836c
b54a446269c97008d0d32bb22601c410573ead944c5dbad55b84b135128c688c
c008338887f74ccafc95673c2ce35c2d4042fcc45ea04f40dd155275cde16989
d6e0291fa47e6bc1aa70a32c904bedbdb06b2b1f11667735161e3aeffe953ec3
da15698e6be7aef752e1241839c8ebc92a772a91504c8b996a97c277c28d82b8
dd5e8c29b1c74413deda7d0ed8c05c53cb54dd241be713dcff0cc329a2e4471c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff28fb013701ce00e632b4550ab28e316ab1c46aedbbb22a8fb085770eae57
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
fd539586bf6a8d61d53e53b63ecfad172ef70cf77d2ba3cee94abf12450c99e8