URL: https://www.credittreats.com/
Submission: On July 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 28 HTTP transactions. The main IP is 104.168.254.95, located in the United States, and belongs to HOSTWINDS, US. The main domain is www.credittreats.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 25th 2023. Valid for: a year.
This is the only time www.credittreats.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
12 | 104.168.254.95 | 54290 (HOSTWINDS)
1 | 2a00:1450:400... | 15169 (GOOGLE)
2 | 2a03:2880:f08... | 32934 (FACEBOOK)
1 | 2a00:1450:400... | 15169 (GOOGLE)
7 | 35.244.207.205 | 396982 (GOOGLE-CL...)
1 | 18.189.126.174 | 16509 (AMAZON-02)
2 | 2a03:2880:f17... | 32934 (FACEBOOK)
1 | 34.107.200.92 | 396982 (GOOGLE-CL...)
1 | 3.128.154.225 | 16509 (AMAZON-02)
Total: 28 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
12 | credittreats.com | www.credittreats.com | 450 KB
7 | moneyfor.com | moneyfor.com — Cisco Umbrella Rank: 572707 | 375 B
2 | formalytics.dev | formalytics.dev — Cisco Umbrella Rank: 566507; sentry.formalytics.dev — Cisco Umbrella Rank: 627247 | 433 B
2 | facebook.com | www.facebook.com — Cisco Umbrella Rank: 108 | 3 KB
2 | facebook.net | connect.facebook.net — Cisco Umbrella Rank: 236 | 76 KB
1 | hashsrv.com | hashsrv.com — Cisco Umbrella Rank: 951583 | 12 KB
1 | gstatic.com | fonts.gstatic.com | 20 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 110 | 910 B
Total: 28 requests, 8 domains

Requests | Domain | Requested by
12 | www.credittreats.com | www.credittreats.com
7 | moneyfor.com | www.credittreats.com
2 | www.facebook.com | www.credittreats.com
2 | connect.facebook.net | www.credittreats.com, connect.facebook.net
1 | sentry.formalytics.dev | www.credittreats.com
1 | formalytics.dev | www.credittreats.com
1 | hashsrv.com | www.credittreats.com
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | www.credittreats.com
Total: 28 requests, 9 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
credittreats.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-25 - 2024-07-24 | a year
upload.video.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-05-01 - 2024-07-30 | 3 months
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
moneyfor.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-26 - 2024-10-25 | a year
hashsrv.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-23 - 2025-05-23 | a year
formalytics.dev | Sectigo RSA Domain Validation Secure Server CA | 2024-04-18 - 2025-04-18 | a year
sentry.formalytics.dev | R11 | 2024-06-28 - 2024-09-26 | 3 months

This page contains 1 frame:

Primary Page: https://www.credittreats.com/
Frame ID: 34A5C534FB2E60514F804D9D172A99DF
Requests: 28 HTTP requests in this frame

Page Title

Get Your Personal Loan Up To $10000 | credittreats.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 44 %
Domains: 8
Subdomains: 9
IPs: 10
Countries: 2
Transfer: 563 kB
Size: 1301 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.credittreats.com/
39 KB
15 KB
Document
General
Full URL
https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
0d0d0dc2924f8ef87d34e57e64df9f44c1d777897fc4cf4ddcd130ea2af051f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 11:41:48 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
sentry_head.js
www.credittreats.com/assets/js/
104 KB
32 KB
Script
General
Full URL
https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
a60794cb460c842bfbe93e3b41ebea6f1de934dc1e5b760d176523e2cb11610d

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:48 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
W/"66840c7d-1a0e0"
content-type
application/javascript
cache-control
max-age=43200, public
expires
Tue, 23 Jul 2024 23:41:48 GMT
app.css
www.credittreats.com/assets/css/
36 KB
6 KB
Stylesheet
General
Full URL
https://www.credittreats.com/assets/css/app.css?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
41f4035b1c900f32e03144599842f3db91f05896c207210d6dfdff4a013ff1f1

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:48 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
W/"66840c7d-9066"
content-type
text/css
cache-control
max-age=43200, public
expires
Tue, 23 Jul 2024 23:41:48 GMT
header-bg-f8fe7ee3.jpeg
www.credittreats.com/assets/img/resize/
64 KB
64 KB
Image
General
Full URL
https://www.credittreats.com/assets/img/resize/header-bg-f8fe7ee3.jpeg
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
968321150c924b318c16605b30154ff9c29e0bc603582d06fa93e39446315ff7

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:48 GMT
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
"66840c7d-fffd"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
65533
expires
Thu, 22 Aug 2024 11:41:48 GMT
polyfills.js
www.credittreats.com/assets/js/
109 KB
35 KB
Script
General
Full URL
https://www.credittreats.com/assets/js/polyfills.js?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
d11f04f01eddec002fb8cfdea568fcac141d8a2e9d7f0d753cbfb6541afc6664

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:48 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
W/"66840c7d-1b528"
content-type
application/javascript
cache-control
max-age=43200, public
expires
Tue, 23 Jul 2024 23:41:48 GMT
login.js
www.credittreats.com/assets/js/
277 KB
91 KB
Script
General
Full URL
https://www.credittreats.com/assets/js/login.js?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
00ce2935bb721a00760248abda13b8a7e0b791c23124bf50ac8c927e1249287d

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
W/"66840c7d-45401"
content-type
application/javascript
cache-control
max-age=43200, public
expires
Tue, 23 Jul 2024 23:41:49 GMT
app.js
www.credittreats.com/assets/js/
167 KB
62 KB
Script
General
Full URL
https://www.credittreats.com/assets/js/app.js?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
ed7c779fe0010b3a53aaabd5bb3a971b537d1879400c8bb5e6573ab3f7d60488

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
content-encoding
gzip
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
W/"66840c7d-29d00"
content-type
application/javascript
cache-control
max-age=43200, public
expires
Tue, 23 Jul 2024 23:41:49 GMT
main.js
www.credittreats.com/assets/js/
1 KB
1 KB
Script
General
Full URL
https://www.credittreats.com/assets/js/main.js?5c7563167dc64a79ef34
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
dce830a9ee11f5f0ad30d579dd5916e6ba9c2debb552ebb8e7d31e37c992a0c8

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
"66840c7d-42a"
content-type
application/javascript
cache-control
max-age=43200, public
accept-ranges
bytes
content-length
1066
expires
Tue, 23 Jul 2024 23:41:49 GMT
css
fonts.googleapis.com/
3 KB
910 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Maven+Pro:400,700,900
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/css/app.css?5c7563167dc64a79ef34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52bfd30f53ba7d1387fae6d1b778e9b30d14aebd6a0d5aaa978a854c879e5cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jul 2024 11:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 11:41:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jul 2024 11:41:49 GMT
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jul 2024 11:41:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
bKRYDdDoGpTckqqSPTA4r1uDZ1sh13kWbu9Z3T0QXUBlcbnAKAS5LE89E8wqNQpR2fRPo+KAL2lz2z7gKB4yFg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7cd31d7afceaa23d20965da7a34a72bb8f655bb843f48ac3fa0d677b7d32ccb2

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea5c54c241f4be98531eece77f56d39f8b9be0cfaff3a627d0ab34cb941b784f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6944fac85eb7c67849876eda6c896c1b066f8c63bf0e650864b0e4e3d04c7c9f

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
fonts.gstatic.com/s/mavenpro/v36/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/mavenpro/v36/7Au9p_AqnyWWAxW2Wk3GzWQI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maven+Pro:400,700,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8adeed9f90d6d8d483a208f54d5733a0336ee6888436fe8e2e5fb1c41433eaec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.credittreats.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 14:44:18 GMT
x-content-type-options
nosniff
age
593851
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20064
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 18:32:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 Jul 2025 14:44:18 GMT
5954731134601563
connect.facebook.net/signals/config/
73 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/5954731134601563?v=2.9.162&r=stable&domain=www.credittreats.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bf43263ec9723c030b2d3f79e9c73340be9263aecaa346c40d6987702d97b981
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 Jul 2024 11:41:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=64, mss=1328, tbw=64155, tp=-1, tpl=-1, uplat=394, ullat=1
pragma
public
x-fb-debug
WQHqp51AxjpkWe/6M5yPNJUlwQz0WRFALetEBB2QPFBlfdz9VzieqJtIuTYllnwMcBNVL5om6Rzb6rT/rphBug==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
moneyfor.com/api/cookies/enabled/
0
0
Preflight
General
Full URL
https://moneyfor.com/api/cookies/enabled/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,content-type,sentry-trace
Access-Control-Request-Method
POST
Origin
https://www.credittreats.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
access-control-allow-methods
GET,POST,PUT,PATCH
access-control-allow-origin
https://www.credittreats.com
access-control-expose-headers
ETag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 11:41:49 GMT
server
nginx/1.15.5
via
1.1 google
x-app-build-number
2817
x-powered-by
PHP/8.1.12
/
moneyfor.com/api/lead-login/etag/
0
0
Preflight
General
Full URL
https://moneyfor.com/api/lead-login/etag/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,sentry-trace
Access-Control-Request-Method
GET
Origin
https://www.credittreats.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
access-control-allow-methods
GET,POST,PUT,PATCH
access-control-allow-origin
https://www.credittreats.com
access-control-expose-headers
ETag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 11:41:49 GMT
server
nginx/1.15.5
via
1.1 google
x-app-build-number
2817
x-powered-by
PHP/8.1.12
/
moneyfor.com/api/cookies/enabled/
52 B
84 B
Fetch
General
Full URL
https://moneyfor.com/api/cookies/enabled/
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash
b54a446269c97008d0d32bb22601c410573ead944c5dbad55b84b135128c688c

Request headers

Referer
https://www.credittreats.com/
baggage
sentry-trace_id=233237982b7c4c358c072197b96d470d,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace
233237982b7c4c358c072197b96d470d-bdb06eea16e33fc8-1
Content-Type
application/json

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.15.5
x-powered-by
PHP/8.1.12
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
access-control-allow-origin
https://www.credittreats.com
x-app-build-number
2817
access-control-expose-headers
ETag
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
moneyfor.com/api/lead-login/etag/
0
0
Fetch
General
Full URL
https://moneyfor.com/api/lead-login/etag/
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash

Request headers

Referer
https://www.credittreats.com/
baggage
sentry-trace_id=233237982b7c4c358c072197b96d470d,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace
233237982b7c4c358c072197b96d470d-ace5b6663d58f4d2-1

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
content-encoding
identity
via
1.1 google
x-powered-by
PHP/8.1.12
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
server
nginx/1.15.5
etag
"def5020058c5bed886b850fa50814dbfd71a8a5c045e26891a2522c5d4be78df0921140ad10028977e9ce0c46cc4f4e2142567d9f220a06806fb75e04d3e50da94c847b0e9e29434a4ccad212db417fbd6cdecf64d922837dfcb0c9fb9"
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.credittreats.com
x-app-build-number
2817
access-control-expose-headers
ETag
cache-control
max-age=0, public
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
hash.js
hashsrv.com/js/
33 KB
12 KB
Script
General
Full URL
https://hashsrv.com/js/hash.js
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/app.js?5c7563167dc64a79ef34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.126.174 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-126-174.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a05253ab9886908e654bb384a08558c05c19c7e9af8f476e40125c93578836c0

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/javascript
date
Tue, 23 Jul 2024 11:41:49 GMT
cache-control
max-age=43200, public
content-encoding
gzip
server
nginx
expires
Tue, 23 Jul 2024 23:41:49 GMT
ajax.php
www.credittreats.com/api/
226 B
856 B
Script
General
Full URL
https://www.credittreats.com/api/ajax.php?action=trackvisit
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/app.js?5c7563167dc64a79ef34
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
d29f4605552f9e4f939b8b702f4a3578d9957011b63e64295ef3cc13963a02d7

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Tue, 23 Jul 2024 11:41:49 GMT
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
01-76983892.png
www.credittreats.com/assets/img/resize/
51 KB
52 KB
Image
General
Full URL
https://www.credittreats.com/assets/img/resize/01-76983892.png
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
2e0ed16fa829dfaafa1256392b88e3f771208aefa6835b203918a6a0ee0745c3

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
"66840c7d-cde9"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
52713
expires
Thu, 22 Aug 2024 11:41:49 GMT
02-48d07382.png
www.credittreats.com/assets/img/resize/
85 KB
85 KB
Image
General
Full URL
https://www.credittreats.com/assets/img/resize/02-48d07382.png
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
bc8af6795ae28250b4bdf06d20a156ac5643d70e964c1c3a8156794cf1f4fee7

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:49 GMT
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
"66840c7d-15453"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
87123
expires
Thu, 22 Aug 2024 11:41:49 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=5954731134601563&ev=PageView&dl=https%3A%2F%2Fwww.credittreats.com&rl=&if=false&ts=1721734909666&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721734909664.150342056842128634&pm=1&hrl=ed81ae&ler=empty&cdl=API_unavailable&it=1721734909230&coo=false&cs_cc=1&cas=6930875887016669%2C7069182096544162%2C7940733882604263%2C7810198409047217%2C7848232241875226%2C7082935855150041%2C25101348666178766%2C7563875583670528%2C7549924771753185&rqm=GET
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2817, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 Jul 2024 11:41:49 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=5954731134601563&ev=PageView&dl=https%3A%2F%2Fwww.credittreats.com&rl=&if=false&ts=1721734909666&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4124&fbp=fb.1.1721734909664.150342056842128634&pm=1&hrl=ed81ae&ler=empty&cdl=API_unavailable&it=1721734909230&coo=false&cs_cc=1&cas=6930875887016669%2C7069182096544162%2C7940733882604263%2C7810198409047217%2C7848232241875226%2C7082935855150041%2C25101348666178766%2C7563875583670528%2C7549924771753185&rqm=FGET
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 23 Jul 2024 11:41:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394795128185974517", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=14, mss=1328, tbw=3134, tp=-1, tpl=-1, uplat=175, ullat=0
pragma
no-cache
x-fb-debug
XbwJZNEhwmQ6mDGOSLkSLh/kZ5ovRf1iIhHCTYU8/h4wrFPlRvUf2kuVRZtcACRWe9KzOP9OaYZkdhFqQ647dg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394795128185974517"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
offerPageLoaded
formalytics.dev/api/form-event/
0
0
Ping
General
Full URL
https://formalytics.dev/api/form-event/offerPageLoaded?session_id=f71d62003ff2afc4e7f0f3505fa3b577&triggered_at=2024-07-23T13%3A41%3A49.385000%2B2%3A00&form_theme=wallet-lines&domain=www.credittreats.com
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/app.js?5c7563167dc64a79ef34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.200.92 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
92.200.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

/
moneyfor.com/api/lead-login/can/
58 B
84 B
XHR
General
Full URL
https://moneyfor.com/api/lead-login/can/
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash
792c2dec1aee27c269d9ffee9e1135cd3fbda118788073737d22d5fb36702f0a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.credittreats.com/
baggage
sentry-trace_id=233237982b7c4c358c072197b96d470d,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace
233237982b7c4c358c072197b96d470d-86646dd177db8e90-1
X-LeadLogin-Etag
"def5020058c5bed886b850fa50814dbfd71a8a5c045e26891a2522c5d4be78df0921140ad10028977e9ce0c46cc4f4e2142567d9f220a06806fb75e04d3e50da94c847b0e9e29434a4ccad212db417fbd6cdecf64d922837dfcb0c9fb9"
Content-Type
application/json

Response headers

date
Tue, 23 Jul 2024 11:41:50 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.15.5
x-powered-by
PHP/8.1.12
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
access-control-allow-origin
https://www.credittreats.com
x-app-build-number
2817
access-control-expose-headers
ETag
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
favicon.ico
www.credittreats.com/assets/img/
4 KB
4 KB
Other
General
Full URL
https://www.credittreats.com/assets/img/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.168.254.95 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-674212.hostwindsdns.com
Software
nginx /
Resource Hash
41246af7d8c0ec9325cfac319cbdad2a73578495deb9c2aff27031e96a7635e1

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:41:50 GMT
last-modified
Tue, 02 Jul 2024 14:19:41 GMT
server
nginx
etag
"66840c7d-10be"
content-type
image/x-icon
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
4286
expires
Thu, 22 Aug 2024 11:41:50 GMT
/
moneyfor.com/api/lead-login/can/
0
0
Preflight
General
Full URL
https://moneyfor.com/api/lead-login/can/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
baggage,content-type,sentry-trace,x-leadlogin-etag
Access-Control-Request-Method
POST
Origin
https://www.credittreats.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
access-control-allow-methods
GET,POST,PUT,PATCH
access-control-allow-origin
https://www.credittreats.com
access-control-expose-headers
ETag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 23 Jul 2024 11:41:50 GMT
server
nginx/1.15.5
via
1.1 google
x-app-build-number
2817
x-powered-by
PHP/8.1.12
/
moneyfor.com/api/cookies/enabled/
235 B
207 B
Fetch
General
Full URL
https://moneyfor.com/api/cookies/enabled/
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.207.205 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
205.207.244.35.bc.googleusercontent.com
Software
nginx/1.15.5 / PHP/8.1.12
Resource Hash
b2cb36c73a16a0cc8970683754d1395c961b7b5ace88204f8613b5718547106e

Request headers

Referer
https://www.credittreats.com/
baggage
sentry-trace_id=233237982b7c4c358c072197b96d470d,sentry-sample_rate=1,sentry-transaction=%2F,sentry-public_key=bacddb9aa8984cbaa2863720333937c4,sentry-environment=production,sentry-sampled=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sentry-trace
233237982b7c4c358c072197b96d470d-abad14f9c6db9a18-1
Content-Type
application/json

Response headers

date
Tue, 23 Jul 2024 11:41:50 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.15.5
x-powered-by
PHP/8.1.12
access-control-allow-methods
GET,POST,PUT,PATCH
content-type
application/json
access-control-allow-origin
https://www.credittreats.com
x-app-build-number
2817
access-control-expose-headers
ETag
cache-control
no-cache, private
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cookie, Set-Cookie, Origin, X-Requested-With, X-Form-Theme, X-Form-Build-Number, X-Aid, X-Domain, sentry-trace, baggage, X-Use-Leadprint, X-LeadLogin-Etag
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
sentry.formalytics.dev/api/2/envelope/
41 B
433 B
Fetch
General
Full URL
https://sentry.formalytics.dev/api/2/envelope/?sentry_key=c0d94f4bc2f14f22b869b68e026bb949&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.77.0
Requested by
Host: www.credittreats.com
URL: https://www.credittreats.com/assets/js/sentry_head.js?5c7563167dc64a79ef34
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.128.154.225 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-128-154-225.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
81d28fe4d8ec7ca3dbb81c5d6957e72afaa2c38501ed906cd49a79e03c816859

Request headers

Referer
https://www.credittreats.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 23 Jul 2024 11:41:51 GMT
Server
nginx
vary
origin, access-control-request-method, access-control-request-headers
Content-Type
application/json
Access-Control-Allow-Origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
41


25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __SENTRY__
function| captureException
function| addBreadcrumb
function| fbq
function| _fbq
function| clearImmediate
function| setImmediate
function| IMask
object| regeneratorRuntime
object| formalyticsTracker
function| _appMoneyForLogout
object| __formConfig
string| _userTrackOfferVisitStatusb15c1201887c76c573df51bae4dd8d40b1698
object| _lg_notifications_
function| collectNotificationsFacade
function| __AF_executeScript
boolean| __AF_HASH_SCRIPT_EXECUTED
function| _evercookie_flash_var
function| Evercookie
function| evercookie
object| __AF_BrowserInfo
object| __AF_noCtrlVfieldsList
object| __AF_ClientInfo
string| __sessionData
object| _sessionInfo

7 Cookies

Domain/Path Name / Value
www.credittreats.com/ Name: PHPSESSID
Value: 4k91jeducducjhncj92j5jigi4
.credittreats.com/ Name: _fbp
Value: fb.1.1721734909664.150342056842128634
.credittreats.com/ Name: _lg_form__leadx
Value: %7B%22source%22%3A%22%22%2C%22click_id%22%3A%22%22%2C%22aid%22%3A%2210168%22%2C%22sessionId%22%3A%22f71d62003ff2afc4e7f0f3505fa3b577%22%2C%22hash%22%3A%2212d58f4167f4eaab0b176a212de0e6c87643717158fe1b37ad4e57597bd630a0%22%2C%22PHPSESSID%22%3A%224k91jeducducjhncj92j5jigi4%22%7D
.moneyfor.com/ Name: mcan
Value: 1
.moneyfor.com/ Name: mfoid
Value: def5020058ea0e019f01b3a5faf31eac9c854a1b9ff38fd038581b3d49b6105c2f02d63b80a7bd065cc0dddda1c1eae4c73b2beccd5c5632bbfa3941a4aac2995f54e3b3874d35c89aff854458ef02873c90f9195da2a34af389b8266d
www.credittreats.com/ Name: lg_form_login
Value: {%22visitors%22:[]%2C%22offerVisitors%22:[%22def5020058ea0e019f01b3a5faf31eac9c854a1b9ff38fd038581b3d49b6105c2f02d63b80a7bd065cc0dddda1c1eae4c73b2beccd5c5632bbfa3941a4aac2995f54e3b3874d35c89aff854458ef02873c90f9195da2a34af389b8266d%22]%2C%22etags%22:[%22%5C%22def5020058c5bed886b850fa50814dbfd71a8a5c045e26891a2522c5d4be78df0921140ad10028977e9ce0c46cc4f4e2142567d9f220a06806fb75e04d3e50da94c847b0e9e29434a4ccad212db417fbd6cdecf64d922837dfcb0c9fb9%5C%22%22]}
.www.credittreats.com/ Name: first
Value: lg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
