urlscan.io logo urlscan.io
SecurityTrails logo

www.cdmrevshare.com Open in urlscan Pro
2600:1901:0:84ef::  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.pr00.net/s/c?47v.1bi5u.6.7yizr.3ghi
Effective URL: https://www.cdmrevshare.com/todays-capout-rates
Submission: On June 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 44 HTTP transactions. The main IP is 2600:1901:0:84ef::, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.cdmrevshare.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on May 28th 2023. Valid for: 3 months.
This is the only time www.cdmrevshare.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    216.39.113.144 (United States)

ASN23342 (UNITEDLAYER, US)
PTR: t.pm0.net
t.pr00.net
2    2600:1901:0:84ef:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
www.cdmrevshare.com
18    2606:4700::6812:1c09 (United States)

ASN13335 (CLOUDFLARENET, US)
userapp.zyrosite.com
assets.zyrosite.com
cdn.zyrosite.com
1    2606:4700::6812:1d09 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.zyrosite.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2600:9000:225e:6200:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.138.7.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-118.fra56.r.cloudfront.net
static.hotjar.com
1    2a05:d018:cc3:fe05:8f02:8bba:c5d9:726b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net
script.hotjar.com
5    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a03:2880:f045:12:face:b00c:0:2 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
socialplugin.facebook.net
Apex Domain
Subdomains		 Transfer
19 zyrosite.com
userapp.zyrosite.com — Cisco Umbrella Rank: 186558
cdn.zyrosite.com — Cisco Umbrella Rank: 183439
assets.zyrosite.com — Cisco Umbrella Rank: 148393
582 KB
7 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2811
d.adroll.com — Cisco Umbrella Rank: 1489
108 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
socialplugin.facebook.net — Cisco Umbrella Rank: 12615
334 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
1 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
73 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1623
311 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
147 KB
2 cdmrevshare.com
www.cdmrevshare.com
54 KB
1 pr00.net
t.pr00.net — Cisco Umbrella Rank: 749073
406 B
44 9
Domain Requested by
10 assets.zyrosite.com www.cdmrevshare.com
userapp.zyrosite.com
7 cdn.zyrosite.com www.cdmrevshare.com
cdn.zyrosite.com
6 s.adroll.com 1 redirects www.cdmrevshare.com
www.googletagmanager.com
s.adroll.com
5 www.facebook.com www.cdmrevshare.com
connect.facebook.net
5 connect.facebook.net www.cdmrevshare.com
userapp.zyrosite.com
connect.facebook.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.cdmrevshare.com
2 userapp.zyrosite.com www.cdmrevshare.com
2 www.cdmrevshare.com userapp.zyrosite.com
1 socialplugin.facebook.net connect.facebook.net
1 script.hotjar.com static.hotjar.com
1 d.adroll.com s.adroll.com
1 static.hotjar.com www.cdmrevshare.com
1 t.pr00.net 1 redirects
44 14

This site contains links to these domains. Also see Links.

Domain
clientdirectmortgage.applytojob.com
youtube.com
www.linkedin.com
www.instagram.com
www.facebook.com
Subject Issuer Validity Valid
www.cdmrevshare.com
ZeroSSL ECC Domain Secure Site CA		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.zyrosite.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-23 -
2023-07-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-29 -
2023-08-21		 3 months crt.sh
s.adroll.com
Amazon RSA 2048 M01		 2023-06-03 -
2024-07-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-08 -
2023-07-07		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.socialplugin.facebook.net
DigiCert SHA2 High Assurance Server CA		 2023-04-08 -
2023-07-07		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.cdmrevshare.com/todays-capout-rates
Frame ID: 70C8BE355C40348ED1DE7A17FB39DF3D
Requests: 44 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CapOut Rates | Client Direct Mortgage - RevShare & CapOut

Page URL History Show full URLs

  1. http://t.pr00.net/s/c?47v.1bi5u.6.7yizr.3ghi HTTP 302
    https://www.cdmrevshare.com/todays-capout-rates Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

44
Requests

98 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

12
IPs

4
Countries

1300 kB
Transfer

4195 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.pr00.net/s/c?47v.1bi5u.6.7yizr.3ghi HTTP 302
    https://www.cdmrevshare.com/todays-capout-rates Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://s.adroll.com/j/exp/DMXDDOQPAJCMPFAMSIAYTL/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request todays-capout-rates
www.cdmrevshare.com/
Redirect Chain
  • http://t.pr00.net/s/c?47v.1bi5u.6.7yizr.3ghi
  • https://www.cdmrevshare.com/todays-capout-rates
77 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty / Zyro.com
Resource Hash
8443df811cbb5695527771f5b90814a63f8e26845a0627f6a7b97ec4ca23fc6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
400055
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-cache-status
HIT
cf-ray
7def8bf2ebaf0259-CDG
content-encoding
gzip
content-security-policy
frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io
content-type
text/html
date
Thu, 29 Jun 2023 16:29:08 GMT
etag
W/"eb87a10d677f2b68889ae4be2bbfa253"
last-modified
Mon, 05 Jun 2023 17:24:15 GMT
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
server
openresty
strict-transport-security
max-age=63072000; includeSubDomains; preload;
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-content-type-options
nosniff
x-hostinger-datacenter
gcp-europe-west1
x-hostinger-node
gcp-eu-west1-edge5
x-powered-by
Zyro.com
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Date
Thu, 29 Jun 2023 16:29:08 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.cdmrevshare.com/todays-capout-rates#todays-capout-rates
Server
Apache/2.4.33 (FreeBSD) OpenSSL/1.0.2k-freebsd mod_jk/1.2.41
index-1637633e.js
userapp.zyrosite.com/1685973276/assets/js/ 		907 KB
252 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31c9bad5d8d614f731b3a9e8fc47199ee1c157a97fa74ed0a49e493bffba154d
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com editor.zyro.com *.dp.zyro.space *.dp.hostinger.io builder.hostinger.com hostinger.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cdmrevshare.com/
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
frame-ancestors zyro.com editor.zyro.com *.dp.zyro.space *.dp.hostinger.io builder.hostinger.com hostinger.com
age
147240
x-amz-server-side-encryption
AES256
x-amz-version-id
.SHFrme1Y6YlfIQKJjQwO.QYMjqg3JN8
x-xss-protection
1; mode=block
last-modified
Mon, 05 Jun 2023 13:55:33 GMT
server
cloudflare
etag
W/"2b6f1f2d109cf78cf180d0d029c2f67e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
cf-ray
7def8bf399b49bd7-FRA
index-6d7ac3cd.css
userapp.zyrosite.com/1685973276/assets/css/ 		196 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://userapp.zyrosite.com/1685973276/assets/css/index-6d7ac3cd.css
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7ac3cda7a8d4a16621bbf644f100ff0232ee2367c3a353e9e538fcd4c980c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com editor.zyro.com *.dp.zyro.space *.dp.hostinger.io builder.hostinger.com hostinger.com
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
content-security-policy
frame-ancestors zyro.com editor.zyro.com *.dp.zyro.space *.dp.hostinger.io builder.hostinger.com hostinger.com
age
2076178
x-amz-server-side-encryption
AES256
x-amz-version-id
3.YrGlAbNENPltmqoUYn5eURC1rPUB_T
x-xss-protection
1; mode=block
last-modified
Mon, 05 Jun 2023 13:55:33 GMT
server
cloudflare
etag
W/"c4d3f67f0306e3543147d53d576479e1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, must-revalidate
cf-ray
7def8bf38a012bf8-FRA
font-faces
cdn.zyrosite.com/u1/google-fonts/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69245b24d87d56bd47ecd4f7b4dea925c3e514f730a499125e028a63889f33ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cross-origin-resource-policy
cross-origin
x-xss-protection
0
x-request-id
Yg21KlQyMRhqR9Kq
last-modified
Wed, 28 Jun 2023 19:12:03 GMT
server
cloudflare
cross-origin-opener-policy
same-origin-allow-popups
etag
W/"401b-Ph/OG5J4deH2bi3iX+XG4iZytac"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-ratelimit-reset
1687979584
x-ratelimit-limit
20
cf-ray
7def8bf3ae3d9171-FRA
timing-allow-origin
*
x-ratelimit-remaining
19
expires
Fri, 30 Jun 2023 16:29:09 GMT
cd-logo-white-dJol4JRrElsG9wG9.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=168,fit=crop,q=95/YX42bz1zqeSDwGJL/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=168,fit=crop,q=95/YX42bz1zqeSDwGJL/cd-logo-white-dJol4JRrElsG9wG9.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8331e5ac29ab1d711870f85351305817ec50ea26450673b28f9f6b2c2052dbab
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
6964
cf-resized
internal=ok/h q=0 n=48+0 c=6+59 v=2023.5.0 l=6964
last-modified
Fri, 17 Mar 2023 17:48:20 GMT
cf-bgj
imgq:95,h2pri
server
cloudflare
etag
"cfz3x3NUY6-sU1m2bFUDHHMuTOcpkjpOya-kUITO7ODQ:ea488606e2dc6c29569c97649d6c51ea"
vary
Accept, Accept-Encoding
warning
cf-images 299 "crop fit mode needs both width and height"
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf4ab282bf8-FRA
conventional-rates---june-5th-mxBx8xwDN4HgBxnd.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/conventional-rates---june-5th-mxBx8xwDN4HgBxnd.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1e5331d1590d63e22acc40aa09682f582c1728a7ce10aeb1c93077b049ee93b
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
38745
cf-resized
internal=ram/h q=0 n=0+0 c=0+0 v=2023.6.4 l=38745
last-modified
Mon, 05 Jun 2023 17:22:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfrXorNREKmqjn97WMQHqE4lheqlZAHgBO2FXBu1U4DQ:91ca64e83775d53c9d546ab94f0da6c0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf59c642bf8-FRA
conventional-rates---june-5th-mxBx8xwDN4HgBxnd.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/conventional-rates---june-5th-mxBx8xwDN4HgBxnd.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36db34a74006a0ed551ee1088f4dedb4e327b54143c5713bbc59c2be3f66cc4c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
35341
cf-resized
internal=ram/h q=0 n=0+265 c=0+0 v=2023.6.4 l=35341
last-modified
Mon, 05 Jun 2023 17:22:14 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfrXorNREKmqjn97WMQHqE4lhelk1I424C4ngYtHnIDQ:91ca64e83775d53c9d546ab94f0da6c0"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf60d192bf8-FRA
js
www.googletagmanager.com/gtag/ 		274 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PSE2ZVCVSZ
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0fcf55f486517fce08122200a8df94cabde0c6097085915ee2e52627ea3e6f29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93504
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 29 Jun 2023 16:29:09 GMT
roundtrip.js
s.adroll.com/j/DMXDDOQPAJCMPFAMSIAYTL/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/DMXDDOQPAJCMPFAMSIAYTL/roundtrip.js
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2fae6d54de3e530d0e66df7c38dfd34c6b679e134f089b1457aa0e6e9e2a4738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id
0ZfCLQSCbLhGWoOhQ4tixYcXmjyflmTg
Content-Encoding
gzip
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Date
Thu, 29 Jun 2023 16:23:43 GMT
Age
327
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 28 Jun 2023 12:27:39 GMT
Server
AmazonS3
Etag
W/"604cbebe32b21f17d997be6b4b99c53c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
SOdvhzz7ITQdEF_5Pk8nXablzQiR2RAz8fq1nqh-VI9mRz00eQncuA==
font-file
cdn.zyrosite.com/u1/google-fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Work+Sans:wght@400&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f47da7c2dc804d036755b6021a068191bed9ec98a761822f130ecaf001d984
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpo3ZKyHaQQ.woff2
content-length
17936
x-xss-protection
0
x-request-id
dJoGgklVELC7PprY
last-modified
Tue, 23 Aug 2022 17:55:27 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"4610-Ycg1+ChOhNlOzcnT2+hc0sosLHU"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bf64d909bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:09 GMT
font-file
cdn.zyrosite.com/u1/google-fonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Epilogue:wght@800&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba45daee01b6afc7a899b1739d05d87c5482383864fd6c2168f3ea1f755b59c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=O4ZMFGj5hxF0EhjimngomvnCCtqb30OXsDTSC5_UqATfVXtU.woff2
content-length
13352
x-xss-protection
0
x-request-id
A0x4GPl0y3uBvXwB
last-modified
Mon, 20 Mar 2023 20:28:41 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"3428-PNFgOYwlBZj4PRU94waWfH6GQgM"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bf64d949bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:09 GMT
font-file
cdn.zyrosite.com/u1/google-fonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Epilogue:wght@700&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705202ba55b1d27f3eb0ac73f160ad84bc14dff2efd4f5ca39a961486f0e3255
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=O4ZMFGj5hxF0EhjimngomvnCCtqb30OX1zTSC5_UqATfVXtU.woff2
content-length
13392
x-xss-protection
0
x-request-id
A3QEGD2g0OfB8wBo
last-modified
Mon, 20 Mar 2023 20:28:41 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"3450-qkxwDVxeODWUJ7hcR2rbjOQ3RTg"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bf64d959bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:09 GMT
font-file
cdn.zyrosite.com/u1/google-fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Work+Sans:wght@500&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b23d1ea565b229c1e605895d1463cee346dc4593483f0c5704052c217b4e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K3vXBi8Jpo3ZKyHaQQ.woff2
content-length
18880
x-xss-protection
0
x-request-id
Y4LEWg9GEXTWqvN4
last-modified
Tue, 23 Aug 2022 17:55:25 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"49c0-K8e7tUTx6ZUgg9uSc20ta+WmQB4"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bf64d979bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:09 GMT
font-file
cdn.zyrosite.com/u1/google-fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Poppins:wght@400&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
content-length
7884
x-xss-protection
0
x-request-id
dJoG2wZjVESQQqR3
last-modified
Wed, 27 Apr 2022 16:07:00 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"1ecc-rG1xtNX90rPavJoG/2wAHkJR2gs"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bf64d9c9bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:09 GMT
let-s-check-how-we-compare-1-YbNbKPQZJEH5O76Q.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/let-s-check-how-we-compare-1-YbNbKPQZJEH5O76Q.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cd24ae30266e237b2a50d4d60dcac3a59ca63db19de8a03a3bcf9ae70535bc5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
6080
cf-resized
internal=ok/h q=0 n=47+86 c=9+350 v=2023.6.4 l=6080
last-modified
Wed, 19 Apr 2023 19:07:56 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfyrYfkPb97uO1k4YsTaq9AGTnqlZAHgBO2FXBu1U4DQ:a082cbb242fed447eb2e152385a03c38"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf6bdea2bf8-FRA
fha-rates---june-5th-YKboNoGrLVsb6xG8.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/fha-rates---june-5th-YKboNoGrLVsb6xG8.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4badf84018f0a60b05fb45c4074f234eab7763a087a98f1c57a7f363152768db
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
27817
cf-resized
internal=ram/h q=0 n=0+0 c=0+0 v=2023.6.4 l=27817
last-modified
Mon, 05 Jun 2023 17:23:04 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfUmpbOrBQxznW-KWbzmrmeobEqlZAHgBO2FXBu1U4DQ:a651a4e8da1432c961c2ea12af47e2cc"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf6bdec2bf8-FRA
data.json
www.cdmrevshare.com/ 		248 KB
41 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.cdmrevshare.com/data.json
Requested by
Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1901:0:84ef:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
openresty / Zyro.com
Resource Hash
15203b7c1f5041ef6c5c1053c23e6efdafac8c69e0a603213217012a6e742bb1
Security Headers
Name Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/todays-capout-rates
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io
age
62
x-amz-server-side-encryption
AES256
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-powered-by
Zyro.com
x-hostinger-datacenter
gcp-europe-west1
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 05 Jun 2023 17:24:10 GMT
server
openresty
etag
W/"b85dd720c65bd60627b526d08517d3cd"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=0, must-revalidate
x-hostinger-node
gcp-eu-west1-edge5
cf-ray
7def8bf6fe6a0255-CDG
link
<https://assets.zyrosite.com>; rel=preconnect; crossorigin, <https://userapp.zyrosite.com>; rel=preconnect; crossorigin, <https://fonts.googleapis.com>; rel=preconnect; crossorigin, <https://fonts.gstatic.com>; rel=preconnect; crossorigin, <https://cdn.zyrosite.com>; rel=preconnect; crossorigin
va-rates---june-5th-m7VEkEQRx9ueGkX2.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=503,h=503,fit=crop/YX42bz1zqeSDwGJL/va-rates---june-5th-m7VEkEQRx9ueGkX2.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7c412caade06fc7bc0920f39ef54c9d68370c8d3e462cf3e7aa24b435326e78
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
27216
cf-resized
internal=ram/h q=0 n=0+0 c=0+0 v=2023.6.4 l=27216
last-modified
Mon, 05 Jun 2023 17:23:45 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbdYzzzqWNnRZtiQRJn-WH5ZdqlZAHgBO2FXBu1U4DQ:1002c388d33d4849e5f7306d79be39b5"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf6ee2a2bf8-FRA
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/DMXDDOQPAJCMPFAMSIAYTL/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
HTTP/1.1
Server
2600:9000:225e:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id
KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date
Wed, 28 Jun 2023 22:02:20 GMT
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age
66410
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Tue, 21 Mar 2023 16:39:30 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
p62Hb6ATP9iRKcjiRV_eQ3NeroBv7IMGzU4TF8SKtwhzA7SkEp5tBw==

Redirect headers

Date
Thu, 29 Jun 2023 03:20:39 GMT
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age
47310
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
5uhfGdD-Rw6d99KYEeCNfyuxzAB63VeaRFuuMGdlhxX7b3gleJyN3w==
collect
region1.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PSE2ZVCVSZ&gtm=45je36s0&_p=686823147&cid=1830778656.1688056150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688056149&sct=1&seg=0&dl=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates&dt=CapOut%20Rates%20%7C%20Client%20Direct%20Mortgage%20-%20RevShare%20%26%20CapOut&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PSE2ZVCVSZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 16:29:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cdmrevshare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Jun 2023 16:29:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
686rykfyzxGkGCuS6Z75JHHLnAl5ERcE6PRsnAJQh78AXNSivm3Ci3ZcgzidbsM66hZoSBWeyxWv1ISHSiLZmw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		150 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TQLNRDT
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b1f3599cce3c42b44126e61a31b1f11f88b7dd39e941b57cb69f7a1c2719f31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56529
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Jun 2023 16:29:09 GMT
hotjar-3452082.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3452082.js?sv=6
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-118.fra56.r.cloudfront.net
Software
/
Resource Hash
3299a9c0fc997a010a2ab6e76b335c955df3e01af388bad45366c135146d09a1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:28:35 GMT
via
1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
34
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/ccd66f942b25aa5fb990fe9155898ed0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
-L1-Jx1bUV7OnCsNJB6tPqFzseGD9gkP-Ma0MqSZ51xqvujlt8egiw==
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		321 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b043e74d832a2254d9cc51302a9966ba095f9539ebe2b0160cde6478bf495f12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:09 GMT
content-md5
LDSIOMgDsCkas1HRKWyu4Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92607
x-fb-debug
YSTlnX0w8+CTTvV9y/2x8UQYgKDojbVwxVuDrgjCMiAy1xBzm0gG3x5loT/GzH7h5QYJNVgNkPZhfXGKWuEwzw==
x-fb-content-md5
90cda2d240c671c21fb1003b37da0466
cross-origin-opener-policy
same-origin-allow-popups
etag
"0d993f7685a1eb66225f75f8e3d786d3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 29 Jun 2023 16:34:03 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5043e76634aad9148b39aa8c8e1ef48449ea97804f221b0b7397f8888929a8b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.cdmrevshare.com/
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:09 GMT
content-md5
orEZPOXTkCPebmUCRAAFUg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
JWI9Byg8eplwU1U0QCiopGH4RhHiijbZRdZorXuZ6/FKVdLxqZDMumpt6xDINSR3aYWHeo8Twebc+zN6+/LFMA==
x-fb-content-md5
9df2e0b22d800fbd212c2f348ae73d00
cross-origin-opener-policy
same-origin-allow-popups
etag
"62045fc189326e0682a09073ee230601"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 29 Jun 2023 16:44:23 GMT
let-s-check-how-we-compare-1-YbNbKPQZJEH5O76Q.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=720,h=780,fit=crop/YX42bz1zqeSDwGJL/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=720,h=780,fit=crop/YX42bz1zqeSDwGJL/let-s-check-how-we-compare-1-YbNbKPQZJEH5O76Q.png
Requested by
Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89636456d73732c99644d58474a257680effe007c9fd30fce59bfa2633057037
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
8918
cf-resized
internal=ram/h q=0 n=0+79 c=6+551 v=2023.6.4 l=8918
last-modified
Wed, 19 Apr 2023 19:07:56 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfyrYfkPb97uO1k4YsTaq9AGTnecBcBZ-OPCDFf9RuDQ:a082cbb242fed447eb2e152385a03c38"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf929262bf8-FRA
fha-rates---june-5th-YKboNoGrLVsb6xG8.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/fha-rates---june-5th-YKboNoGrLVsb6xG8.png
Requested by
Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110211250b4c6c3005655c41a010010cf8b55ba415f71d6bedc5471aba58458
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
35122
cf-resized
internal=ram/h q=0 n=0+273 c=0+0 v=2023.6.4 l=35122
last-modified
Mon, 05 Jun 2023 17:23:04 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfUmpbOrBQxznW-KWbzmrmeobElk1I424C4ngYtHnIDQ:a651a4e8da1432c961c2ea12af47e2cc"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf979802bf8-FRA
va-rates---june-5th-m7VEkEQRx9ueGkX2.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=606,h=684,fit=crop/YX42bz1zqeSDwGJL/va-rates---june-5th-m7VEkEQRx9ueGkX2.png
Requested by
Host: userapp.zyrosite.com
URL: https://userapp.zyrosite.com/1685973276/assets/js/index-1637633e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f688cf5c42b7e6dcc659be8e435dacc165703324bebb7077aca054c0725606f
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
35656
cf-resized
internal=ram/h q=0 n=0+159 c=0+0 v=2023.6.4 l=35656
last-modified
Mon, 05 Jun 2023 17:23:45 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"cfbdYzzzqWNnRZtiQRJn-WH5Zdlk1I424C4ngYtHnIDQ:1002c388d33d4849e5f7306d79be39b5"
vary
Accept, Accept-Encoding
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bf989932bf8-FRA
cd-logo-white-dJol4JRrElsG9wG9.png
assets.zyrosite.com/cdn-cgi/image/format=auto,w=64,fit=crop,q=95/YX42bz1zqeSDwGJL/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.zyrosite.com/cdn-cgi/image/format=auto,w=64,fit=crop,q=95/YX42bz1zqeSDwGJL/cd-logo-white-dJol4JRrElsG9wG9.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a10e063d276c660bfa1370eb56856cef202c04fe989bc06baba9dc18d6258d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:10 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload;
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
content-length
2409
cf-resized
internal=ram/h q=0 n=0+0 c=6+21 v=2023.5.0 l=2409
last-modified
Fri, 17 Mar 2023 17:48:20 GMT
cf-bgj
imgq:95,h2pri
server
cloudflare
etag
"cfz3x3NUY6-sU1m2bFUDHHMuTOIj2SYNFBJBjqmq8iDQ:ea488606e2dc6c29569c97649d6c51ea"
vary
Accept, Accept-Encoding
warning
cf-images 299 "crop fit mode needs both width and height"
content-type
image/avif
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7def8bfabb402bf8-FRA
DMXDDOQPAJCMPFAMSIAYTL
d.adroll.com/consent/check/ 		456 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/DMXDDOQPAJCMPFAMSIAYTL?pv=121496692.57786044&arrfrr=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&_s=623bb4895ea27bbc2950d27c173e4af4&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DMXDDOQPAJCMPFAMSIAYTL/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:8f02:8bba:c5d9:726b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
0041b0b1eb98d1f59322349edc3727d6ca5203e6d0e93a46c6ec4b67f6ed90e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:10 GMT
server
nginx/1.22.1
content-length
456
content-type
application/javascript
1156115751483121
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1156115751483121?v=2.9.110&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7ab551ca4286a608a65ee3d6cd9f5952b3436f697eb5772fd69f02a81d69545
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 29 Jun 2023 16:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
IOwJeLtq4Mw8q6f/tE3//66ThnhJLHk65xpN3I0ULy7xoPKAvsi9/hxo8Ee1wg9f9A/p6xmpuMnYNri9i5rMhQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.710fa773759992ae5199.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.710fa773759992ae5199.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3452082.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-122.fra56.r.cloudfront.net
Software
/
Resource Hash
8e4eb2fbe2428b73be6461073a48b2059abde0936219b8c1b2cc4b7dfbd85d83
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 13:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ab23076896ec73a1a830c9cdc49fcac4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
529803
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70212
last-modified
Fri, 23 Jun 2023 13:18:24 GMT
etag
"c0d8da1fc28983e2914d2514d6175f9a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
tXMLf3crI-p_WK74lr_EevEn5uN6KEVOAj804zoD1XPyYE_wQe0zrA==
sdk.js
connect.facebook.net/en_US/ 		301 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7492f71e485940beada3079e04ea89c6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d179fd3a6712e5b27b3f80524ac6c07584ff774a43bb2024a675c4fae2b91ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.cdmrevshare.com/
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:10 GMT
content-md5
ZMeIi+ktDtO7traNHtzOyQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87283
x-fb-debug
pbCgecfyrhU84bMUa/h+sBvHDKlnaeuwx8B2AVCEPLewL0x1W2RdA5CuMDzYxKLGA1MoZVa+gyBZe3bId/ygAg==
x-fb-content-md5
7ed283167ab64f08bc603a5793c0e250
cross-origin-opener-policy
same-origin-allow-popups
etag
"022ccb6e62803df6b1e5ac00b6a281f8"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 28 Jun 2024 15:40:59 GMT
roundtrip.js
s.adroll.com/j/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQLNRDT
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id
ynjGLHCZyIhadPv8Qz1n_wki97bxL8oO
Content-Encoding
gzip
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Date
Thu, 29 Jun 2023 15:38:59 GMT
Age
3014
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 22 Jun 2023 17:43:19 GMT
Server
AmazonS3
Etag
W/"527ca8c7c9b842ca9719a241fc1f2629"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
QgRBYQ-596VeRTSFC3U4jMiZYPtSrJKG_LrTaQzrBucwLOAEzwykMg==
consent_tcfv2.js
s.adroll.com/j/ 		418 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/DMXDDOQPAJCMPFAMSIAYTL/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30914e620ba424e4691b6f57c37f29e90c723e2360f0c6aec0757e456a923eb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id
9mxGGJNi8ryLrVUTXj0j28oaWNsGk.Ww
Content-Encoding
gzip
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Date
Thu, 29 Jun 2023 16:26:43 GMT
Age
194
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 19 Jun 2023 14:34:51 GMT
Server
AmazonS3
Etag
W/"8888d355e5a597edba8cd7932dc2044b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Max-Age
600
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
9k-jsxH9xw5A4ISEZlblxTC3ED-OWFV3xF0jZ-_EpDOM16mf8UTU3g==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1156115751483121&ev=PageView&dl=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&rl=&if=false&ts=1688056150583&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688056150581.1079498992&cs_est=true&it=1688056150324&coo=false&rqm=GET
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Jun 2023 16:29:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
nextroll-32x32.png
s.adroll.com/i/favicon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Requested by
Host: www.cdmrevshare.com
URL: https://www.cdmrevshare.com/todays-capout-rates
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:6200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date
Wed, 28 Jun 2023 23:46:10 GMT
Via
1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
Age
60181
X-Amz-Cf-Pop
FRA60-P4
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
ByJINDhQiiATgZg2FH7jUhndYsZ1j4v05G-pUBgIwidA6p_wLEu-Lw==
/
socialplugin.facebook.net/new_domain_gating/ 		40 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=101500525257900&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:12:face:b00c:0:2 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cdmrevshare.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
vmzDPeIN4bHhlg6Z2THWwimULWddf7wEsU6eBMOKUgseclFR8uFRkwdusrBFSBVaEZ8s5kudNluizMwXsuty4A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cdmrevshare.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df151824961a33e4%26domain%3Dwww.cdmrevshare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cdmrevshare.com%252Ff86beb43e8541%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=f712fc1f-87a7-485b-9435-32eb4c098c9d&page_id=101500525257900&request_time=1688056150766&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cdmrevshare.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
2JHSH5Xu+bCTFq+C12xjnxIB/hx4IM51QbZo3QT1SGDI0dEH3r5EGIW1dJL3Y+a7q1nZuFiVjNCp/6mav4PJag==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.cdmrevshare.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/facade/ 		878 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df151824961a33e4%26domain%3Dwww.cdmrevshare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cdmrevshare.com%252Ff86beb43e8541%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&is_loaded_by_facade=true&locale=en_US&log_id=f712fc1f-87a7-485b-9435-32eb4c098c9d&page_id=101500525257900&request_time=1688056150766&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f2a469f8d1c55f1ec57505a998b1172bef78998c884a718748bef56e8e2d885
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cdmrevshare.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Thu, 29 Jun 2023 16:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
no-cache
x-fb-debug
4vPeBKVV4oWOmgqrdTsRj06lluejLUcgeKX7pVLkTASppXQbTrHstx6aPfNUnXKHw1kwOwkk9cXMJtdzzonhkw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/json; charset=utf-8
x-frame-options
DENY
access-control-allow-origin
https://www.cdmrevshare.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/plugins/customer_chat/SDK/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=install_email&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df151824961a33e4%26domain%3Dwww.cdmrevshare.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.cdmrevshare.com%252Ff86beb43e8541%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=128&locale=en_US&log_id=f712fc1f-87a7-485b-9435-32eb4c098c9d&page_id=101500525257900&request_time=1688056150894&sdk=joey&should_use_new_domain=false&suppress_http_code=1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.cdmrevshare.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
date
Thu, 29 Jun 2023 16:29:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
/ekDtfzZyxulhJzIcNz7BB0tAFhTlrIJc1WPiaygn+Nwq5ZJyb95ZZTidNrU+hcGvHhIdVcHTLQvXwbYQ283LQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/html; charset="utf-8"
access-control-allow-origin
https://www.cdmrevshare.com
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
font-file
cdn.zyrosite.com/u1/google-fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.zyrosite.com/u1/google-fonts/font-file?family=Roboto:wght@700&subset=latin&display=swap
Requested by
Host: cdn.zyrosite.com
URL: https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.zyrosite.com/u1/google-fonts/font-faces?family=Epilogue:wght@400;700;800&family=Work+Sans:wght@400;500;700&family=Roboto:wght@400;500;700&family=Poppins:wght@400&display=swap
Origin
https://www.cdmrevshare.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 16:29:11 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename=KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
content-length
11040
x-xss-protection
0
x-request-id
YX4ZV4pqpQSyGXzg
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
etag
W/"2b20-YJHZgcKk7pdcf2tWGG7mmAQLuAQ"
vary
Origin, Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7def8bff6bc49bd7-FRA
timing-allow-origin
*
expires
Fri, 28 Jun 2024 16:29:11 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1156115751483121&ev=Microdata&dl=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates&rl=&if=false&ts=1688056151087&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22CapOut%20Rates%20%7C%20Client%20Direct%20Mortgage%20-%20RevShare%20%26%20CapOut%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22CapOut%20Rates%20%7C%20Client%20Direct%20Mortgage%20-%20RevShare%20%26%20CapOut%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates%23todays-capout-rates%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.zyrosite.com%2Fcdn-cgi%2Fimage%2Fformat%3Dauto%2Cw%3D1200%2Ch%3D630%2Cfit%3Dcrop%2Cf%3Djpeg%2FYX42bz1zqeSDwGJL%2Fthe-best-revshare-only-company-commission-cap-lender-in-the-industry-2-Y4LljgWrjBI7PE96.png%3Fno-cache%3D1688056149736%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688056150581.1079498992&it=1688056150324&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 29 Jun 2023 16:29:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PSE2ZVCVSZ&gtm=45je36s0&_p=686823147&cid=1830778656.1688056150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1688056149&sct=1&seg=1&dl=https%3A%2F%2Fwww.cdmrevshare.com%2Ftodays-capout-rates&dt=CapOut%20Rates%20%7C%20Client%20Direct%20Mortgage%20-%20RevShare%20%26%20CapOut&dp=%2Ftodays-capout-rates&en=page_view&_ee=1&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PSE2ZVCVSZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cdmrevshare.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 16:29:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.cdmrevshare.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend boolean| _isAppHydrating function| gtag object| dataLayer string| adroll_adv_id string| adroll_pix_id string| adroll_version boolean| __adroll_loaded object| adroll object| __vueuse_ssr_handlers__ boolean| __VUE__ function| __adroll__ string| adroll_sid object| __adroll function| __cmp function| __tcfapi boolean| adroll_sendrolling_cross_device object| adroll_form_fields function| adroll_tpc_callback object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| fbq function| _fbq function| hj object| _hjSettings function| fbAsyncInit object| __adroll_consent_data object| adroll_exp_list object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| FB object| __buffer object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country boolean| adroll_optout object| adroll_loaded object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild

10 Cookies

Domain/Path Name / Value
t.pr00.net/s Name: wtIDS
Value: 47v.1bi5u.6.7yizr.3ghi
t.pr00.net/s Name: wtIDV
Value: 47v.1bi5u.6.7yizr.3ghi
.cdmrevshare.com/ Name: _ga
Value: GA1.1.1830778656.1688056150
.cdmrevshare.com/ Name: _ga_PSE2ZVCVSZ
Value: GS1.1.1688056149.1.1.1688056149.0.0.0
.cdmrevshare.com/ Name: _hjSessionUser_3452082
Value: eyJpZCI6ImEyNDVhZTI3LTQ2MGEtNTE3Ny04ZDQyLTJkN2MwYWE4MTgwMiIsImNyZWF0ZWQiOjE2ODgwNTYxNTA1NDAsImV4aXN0aW5nIjpmYWxzZX0=
.cdmrevshare.com/ Name: _hjFirstSeen
Value: 1
.cdmrevshare.com/ Name: _hjIncludedInSessionSample_3452082
Value: 0
.cdmrevshare.com/ Name: _hjSession_3452082
Value: eyJpZCI6IjgwYWRlYzJmLWY2M2MtNDg4Ny1hZDljLWU2ZDZlMWE0ODA3MCIsImNyZWF0ZWQiOjE2ODgwNTYxNTA1NjAsImluU2FtcGxlIjpmYWxzZX0=
.cdmrevshare.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.cdmrevshare.com/ Name: _fbp
Value: fb.1.1688056150581.1079498992

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors zyro.com *.zyro.com *.zyro.space *.dp.zyro.space *.hostinger.com *.hostinger.io
Strict-Transport-Security max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.zyrosite.com
cdn.zyrosite.com
connect.facebook.net
d.adroll.com
region1.google-analytics.com
s.adroll.com
script.hotjar.com
socialplugin.facebook.net
static.hotjar.com
t.pr00.net
userapp.zyrosite.com
www.cdmrevshare.com
www.facebook.com
www.googletagmanager.com
108.138.7.118
2001:4860:4802:34::36
216.39.113.144
2600:1901:0:84ef::
2600:9000:225e:6200:6:9280:1080:93a1
2606:4700::6812:1c09
2606:4700::6812:1d09
2a00:1450:4001:82f::2008
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f045:12:face:b00c:0:2
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe05:8f02:8bba:c5d9:726b
52.222.236.122
0041b0b1eb98d1f59322349edc3727d6ca5203e6d0e93a46c6ec4b67f6ed90e5
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
0fcf55f486517fce08122200a8df94cabde0c6097085915ee2e52627ea3e6f29
15203b7c1f5041ef6c5c1053c23e6efdafac8c69e0a603213217012a6e742bb1
18b23d1ea565b229c1e605895d1463cee346dc4593483f0c5704052c217b4e1c
2f688cf5c42b7e6dcc659be8e435dacc165703324bebb7077aca054c0725606f
2fae6d54de3e530d0e66df7c38dfd34c6b679e134f089b1457aa0e6e9e2a4738
30914e620ba424e4691b6f57c37f29e90c723e2360f0c6aec0757e456a923eb1
31c9bad5d8d614f731b3a9e8fc47199ee1c157a97fa74ed0a49e493bffba154d
3299a9c0fc997a010a2ab6e76b335c955df3e01af388bad45366c135146d09a1
36db34a74006a0ed551ee1088f4dedb4e327b54143c5713bbc59c2be3f66cc4c
39a10e063d276c660bfa1370eb56856cef202c04fe989bc06baba9dc18d6258d
4a8177ea57b73e6d04544d59b5a48e8ffe03d8904f5c2a2754b9c34219abe82b
4badf84018f0a60b05fb45c4074f234eab7763a087a98f1c57a7f363152768db
4cd24ae30266e237b2a50d4d60dcac3a59ca63db19de8a03a3bcf9ae70535bc5
4f2a469f8d1c55f1ec57505a998b1172bef78998c884a718748bef56e8e2d885
5043e76634aad9148b39aa8c8e1ef48449ea97804f221b0b7397f8888929a8b7
69245b24d87d56bd47ecd4f7b4dea925c3e514f730a499125e028a63889f33ae
6d7ac3cda7a8d4a16621bbf644f100ff0232ee2367c3a353e9e538fcd4c980c6
705202ba55b1d27f3eb0ac73f160ad84bc14dff2efd4f5ca39a961486f0e3255
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8331e5ac29ab1d711870f85351305817ec50ea26450673b28f9f6b2c2052dbab
8443df811cbb5695527771f5b90814a63f8e26845a0627f6a7b97ec4ca23fc6f
89636456d73732c99644d58474a257680effe007c9fd30fce59bfa2633057037
8e4eb2fbe2428b73be6461073a48b2059abde0936219b8c1b2cc4b7dfbd85d83
9110211250b4c6c3005655c41a010010cf8b55ba415f71d6bedc5471aba58458
9b1f3599cce3c42b44126e61a31b1f11f88b7dd39e941b57cb69f7a1c2719f31
b043e74d832a2254d9cc51302a9966ba095f9539ebe2b0160cde6478bf495f12
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d0f47da7c2dc804d036755b6021a068191bed9ec98a761822f130ecaf001d984
d179fd3a6712e5b27b3f80524ac6c07584ff774a43bb2024a675c4fae2b91ca1
d7ab551ca4286a608a65ee3d6cd9f5952b3436f697eb5772fd69f02a81d69545
e1e5331d1590d63e22acc40aa09682f582c1728a7ce10aeb1c93077b049ee93b
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eba45daee01b6afc7a899b1739d05d87c5482383864fd6c2168f3ea1f755b59c
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f7c412caade06fc7bc0920f39ef54c9d68370c8d3e462cf3e7aa24b435326e78