URL: http://www.markocpm.com/
Submission: On February 17 via manual from LT

Summary

This website contacted 12 IPs in 4 countries across 11 domains to perform 68 HTTP transactions. The main IP is 45.93.125.49, which is located in Germany and belongs to AS-HOSTINGER, CY. The main domain is www.markocpm.com.
This is the only time www.markocpm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45.93.125.49 47583 (AS-HOSTINGER)
3 12 2606:4700:303... 13335 (CLOUDFLAR...)
19 147.135.220.104 16276 (OVH)
3 178.211.40.147 197328 (INETLTD)
9 77.245.57.72 36057 (WEBAIR-IN...)
6 35.227.196.138 15169 (GOOGLE)
3 23.79.135.60 16625 (AKAMAI-AS)
3 2.17.189.76 16625 (AKAMAI-AS)
3 104.108.35.126 16625 (AKAMAI-AS)
6 5.101.110.225 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
68 12
Domain Requested by
19 g.cash-ads.com cpm-ad.com
g.cash-ads.com
12 cpm-ad.com 3 redirects www.markocpm.com
cpm-ad.com
9 cpm.ezmob.com cpm-ad.com
6 beluga-cdn.ams3.digitaloceanspaces.com cpm-ad.com
cpm.ezmob.com
6 www.performanceonclick.com cpm.ezmob.com
www.performanceonclick.com
3 www.google-analytics.com cpm-ad.com
3 ae01.alicdn.com mfk-network.com
3 imgaz.staticbg.com mfk-network.com
3 gloimg.gbtcdn.com mfk-network.com
3 mfk-network.com cpm-ad.com
1 www.markocpm.com
0 xml.ezmob.com Failed g.cash-ads.com
68 12

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-17 - 2021-08-17 | a year
g.cash-ads.com | R3 | 2021-01-24 - 2021-04-24 | 3 months
mfk-network.com | R3 | 2021-01-15 - 2021-04-15 | 3 months
*.ezmob.com | AlphaSSL CA - SHA256 - G2 | 2019-02-25 - 2021-02-25 | 2 years
performanceonclick.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-01 - 2021-03-07 | 9 months
*.gbtcdn.com | GeoTrust RSA CA 2018 | 2020-06-23 - 2021-07-28 | a year
*.staticbg.com | DigiCert Secure Site ECC CA-1 | 2020-02-21 - 2021-05-22 | a year
img.alicdn.com | DigiCert Secure Site ECC CA-1 | 2020-06-09 - 2021-06-21 | a year
*.ams3.digitaloceanspaces.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-17 - 2021-12-07 | a year
*.google-analytics.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months

This page contains 16 frames:

Primary Page: http://www.markocpm.com/
Frame ID: 8CD4DA5799B111EED82210FCB87D353F
Requests: 1 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Frame ID: D33CD8A4E8E0A62DBF9812ACFBF775BC
Requests: 11 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Frame ID: 55F36C361F4619B105B3736C83D075F8
Requests: 11 HTTP requests in this frame

Frame: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Frame ID: FD0900D5A994CDEFB59A024B617ED3E0
Requests: 11 HTTP requests in this frame

Frame: https://mfk-network.com/ads/l4.php
Frame ID: 6AFE5F19CD611ADE7ACF6F05486DB19A
Requests: 4 HTTP requests in this frame

Frame: https://mfk-network.com/ads/l4.php
Frame ID: 0EA91CB3007E5369627D80AFA45BF98C
Requests: 4 HTTP requests in this frame

Frame: https://mfk-network.com/ads/l4.php
Frame ID: 4E48201F9880DC0DE61B5ECA32512915
Requests: 4 HTTP requests in this frame

Frame: https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CkdjEm4jMqB1dAN0dEdHP3xP.b2a%2CTuo6O6WqAf9d0BILpW7O1y8847YhsNeEiUY0IJ7N5uDZxyZOSYOBeUYJDRcJquwvQjTHL0piSNWAazQhS5FDD2BGv-J1N2JY2HsLLLgwt4g%2C&cbrandom=0.7174944567885277&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Frame ID: D3BA37AD42EB094C92F8A3F3FE645E5A
Requests: 1 HTTP requests in this frame

Frame: https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CkY2LWYjPqB1dAN0dEdHP3xP.331%2CTuo6O6WqAf9d0BILpW7O15NWBfeLSNLuUqq52W98zffZNzngAL2SK-xMoHZ41fcj1W0nQJNn0sCMNiX3vQXphtYSwIqmY8sFEe96cQI4Y64%2C&cbrandom=0.5013980499575577&cbtitle=&cbiframe=1&cbWidth=160&cbHeight=600&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Frame ID: 6E7582F4FFC07D9938BF6580A3799C12
Requests: 1 HTTP requests in this frame

Frame: https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CwI2E2d2EqB1dAN0dEdHP3xP.7c3%2CTuo6O6WqAf9d0BILpW7O1wb2u9cWfM07eyzZaYYC3qZmbwwjR4wCDxZkYcG2RUoMPi2TzdRP0TNfL3g0P4mk1lkc0HAyotminQBYPitZ-r0%2C&cbrandom=0.1796209392285355&cbtitle=&cbiframe=1&cbWidth=728&cbHeight=90&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Frame ID: 93A526A8810DAAA5C4938E529BD4AFF3
Requests: 1 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Frame ID: 5924600E00A93F475C72A55F49F9BDDB
Requests: 6 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Frame ID: F9E18501DE88906BB370C91FFD71F928
Requests: 5 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Frame ID: 3FF8DB1184651E21F0E6FD71D488CFE0
Requests: 5 HTTP requests in this frame

Frame: https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=
Frame ID: 2E78F2D86559236504B04A85C4728464
Requests: 1 HTTP requests in this frame

Frame: https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=
Frame ID: 596B4FD540E0B929322C7052AB5CE58F
Requests: 1 HTTP requests in this frame

Frame: https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=
Frame ID: 37328FAC7DB8077118329502E57B1E69
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Page Statistics

Requests: 68
HTTPS: 94 %
IPv6: 18 %
Domains: 11
Subdomains: 12
IPs: 12
Countries: 4
Transfer: 1913 kB
Size: 1997 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cpm-ad.com/serve/show.php?a=5280&b=160x600 HTTP 301
  • https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Request Chain 1
  • http://cpm-ad.com/serve/show.php?a=5280&b=300x250 HTTP 301
  • https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Request Chain 2
  • http://cpm-ad.com/serve/show.php?a=5280&b=728x90 HTTP 301
  • https://cpm-ad.com/serve/show.php?a=5280&b=728x90

68 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.markocpm.com/
515 B
701 B
Document
General
Full URL
http://www.markocpm.com/
Protocol
HTTP/1.1
Server
45.93.125.49 , Germany, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.3.23
Resource Hash
d38c972319042d32ce9e4ad9903c47c07ed14595312d2953c52a4de41cf7c3e0

Request headers

Host
www.markocpm.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Connection
Keep-Alive
X-Powered-By
PHP/7.3.23
Set-Cookie
PHPSESSID=a9278b1c9f27488b0b06d66661f34872; expires=Wed, 24-Feb-2021 10:01:11 GMT; Max-Age=604800; path=/; HttpOnly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Content-Encoding
gzip
Vary
Accept-Encoding
Date
Wed, 17 Feb 2021 10:01:11 GMT
Server
LiteSpeed
show.php
cpm-ad.com/serve/ Frame D33C
Redirect Chain
  • http://cpm-ad.com/serve/show.php?a=5280&b=160x600
  • https://cpm-ad.com/serve/show.php?a=5280&b=160x600
3 KB
1 KB
Document
General
Full URL
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Requested by
Host: www.markocpm.com
URL: http://www.markocpm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
7d00b0ef54bbf7d26b0429d7ceb8e49e475741cc1e482fbee352dcc2d8836997

Request headers

:method
GET
:authority
cpm-ad.com
:scheme
https
:path
/serve/show.php?a=5280&b=160x600
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.markocpm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d82c26b0c0f2ff7868744d274e14164e51613556071; expires=Fri, 19-Mar-21 10:01:11 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax; Secure __cf_bm=3f4aa7382e8ce2692490ab7e539258b3f8f223ed-1613556071-1800-AUSl17GdOGT5EZwi+X3h94/8K571Yf8MmtnENVEAq3lf51YuOTZQb3ss8Ec8AT8qZSG204XkNy7nCFI0LGESC3g=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
cf-request-id
085108d41e00004eb596a74000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4B0xA%2Fu3CZCAIo89iCi6Pu2Yl6zYFyWQOI4sdZqlu4Mt5nQd8GJ1t9gYqFVs8Rof%2F2QsdF9%2BhK6cyrYU0PuZEgpmTeQ%2FxjbM7voZ8tWX1A7M1%2FL8j3m7"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
622eaa6698564eb5-FRA
content-encoding
br

Redirect headers

Date
Wed, 17 Feb 2021 10:01:11 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 17 Feb 2021 11:01:11 GMT
Location
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
cf-request-id
085108d3930000d72904b99000000001
Set-Cookie
__cf_bm=4ef08c5745472df720b6b44976a7add7829bd20d-1613556071-1800-AfaAJanPXmVuZV45FsjQLlUOb+rmJZ8f+L7RPMeH2MzL5fQM5vfPSax1OHEht0NB+3rXoMKorugWENwt5UPB8VU=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; SameSite=None
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6qkvyNT6mQtPOl2X4tnuKqm86C0n3x9DCpvpdwMANdpgjPtT1KBNFS76Vyi4dHRA%2BSzmrs%2Bo5u4plT20HM4cofGT81I92O7UU5PqzhQxCjrY2nJiMsih"}],"group":"cf-nel","max_age":604800}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
622eaa65bf0ad729-FRA
show.php
cpm-ad.com/serve/ Frame 55F3
Redirect Chain
  • http://cpm-ad.com/serve/show.php?a=5280&b=300x250
  • https://cpm-ad.com/serve/show.php?a=5280&b=300x250
3 KB
2 KB
Document
General
Full URL
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Requested by
Host: www.markocpm.com
URL: http://www.markocpm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
024dcaaad8ab182855ef0ca9025531889d3e24ebc5ed8884856a15719b1b75dd

Request headers

:method
GET
:authority
cpm-ad.com
:scheme
https
:path
/serve/show.php?a=5280&b=300x250
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.markocpm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d82c26b0c0f2ff7868744d274e14164e51613556071; expires=Fri, 19-Mar-21 10:01:11 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax; Secure __cf_bm=e1316f1f5791b78b83f13f9a481c9237b16d7de1-1613556071-1800-Ae+HeY9NcGu4wIarCiPXeHcdjmUmIaYwfi4YOKNoQ5l520k3PPScqcZD1j7f2dYn8I0M06WTXM6p+pclyEgBdb0=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
cf-request-id
085108d3b300004eb5a7846000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cm0lAgS5isZF24xd7ONffEFzqn8asDFrWsPNT%2FjoieFbBdhEjynmZsgjYPtj8QP8RulvF1IckDwaJdNAfD73UyV1ex4iJJqShG5egOIbIIi%2FThz7gPX7"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
622eaa65ef5e4eb5-FRA
content-encoding
br

Redirect headers

Date
Wed, 17 Feb 2021 10:01:11 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 17 Feb 2021 11:01:11 GMT
Location
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
cf-request-id
085108d39300004e3e2ab08000000001
Set-Cookie
__cf_bm=cdbc12376a20974620676371bf8197c2341e6eb5-1613556071-1800-AdKEs6TLtmwQIBgSg34KCdLT9790T0gfl991Kmr1Kkp7pTfsyvNoulZC7Dfm9Hkrz75o+XBPfxg5f+zUcX1aTs0=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; SameSite=None
Report-To
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HSaqTm2Ub%2FEquVBtmRhOIifWedKfKen%2FNzJSJxZrt3ouO%2Fraab1JLhw6oN8NZwTmyEGsFE9ZbH2av9XAQYpi%2FJX5sEvhnAYz4trC4Tu2n80vjC88Fqvp"}],"group":"cf-nel"}
NEL
{"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
622eaa65bfb74e3e-FRA
show.php
cpm-ad.com/serve/ Frame FD09
Redirect Chain
  • http://cpm-ad.com/serve/show.php?a=5280&b=728x90
  • https://cpm-ad.com/serve/show.php?a=5280&b=728x90
3 KB
1 KB
Document
General
Full URL
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Requested by
Host: www.markocpm.com
URL: http://www.markocpm.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
be664eea90bd3d32be50087c02cf64034f256dbc95d928fbd98f57bbca726280

Request headers

:method
GET
:authority
cpm-ad.com
:scheme
https
:path
/serve/show.php?a=5280&b=728x90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.markocpm.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d82c26b0c0f2ff7868744d274e14164e51613556071; expires=Fri, 19-Mar-21 10:01:11 GMT; path=/; domain=.cpm-ad.com; HttpOnly; SameSite=Lax; Secure __cf_bm=5074b74ea0188dbe27d77484ae206e117e94fc76-1613556071-1800-AbW84qJiB5bn1cqKFGrRPBFkZvnv4JSVFC1Wg0hycfDwiWfuXm9RehUkt19RMSy4CnPKi+rjsVdhuDOKfN0RUBk=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; Secure; SameSite=None
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
cf-cache-status
DYNAMIC
cf-request-id
085108d41e00004eb556307000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=90iB70lHFAQ2XUfJU9Ca0%2BOnsl8SLmXtoKfQHhoRZyw6PEGkKGu10U2juzWikL4KM6nza%2Boq7aM0J7ARQU7aiivjEO%2BVVX6SvT4d8BSnvxA1nsb%2Biz4r"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
622eaa6698574eb5-FRA
content-encoding
br

Redirect headers

Date
Wed, 17 Feb 2021 10:01:11 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Wed, 17 Feb 2021 11:01:11 GMT
Location
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
cf-request-id
085108d3960000325cd993d000000001
Set-Cookie
__cf_bm=8c9729f85b3e9583a540d4fa8bf4e7d8eb932ff7-1613556071-1800-Aa0G938+B29Bbm8z/6RRRYrSTCWwViQuS07Z1MwEhEWUMQ+nmpAujhslw6HQmyb7qVyV3G0qdnHx5SMQdk/yfmY=; path=/; expires=Wed, 17-Feb-21 10:31:11 GMT; domain=.cpm-ad.com; HttpOnly; SameSite=None
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xOGwcnrFQyDjnrCfxK5V8%2FnYB2YEwGZ%2FJULzFadddepF%2FEmVuIc6tersuQMp1LXCpUgYTWuGQmfHNVz70INn5Pi9JUjFAnMHPipiGfpr1hpnBZVXI%2Fec"}]}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
622eaa65bfcc325c-FRA
300x250.png
cpm-ad.com/store/ Frame 55F3
36 KB
36 KB
Image
General
Full URL
https://cpm-ad.com/store/300x250.png
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4da1a870c853656ba97415dec0994f4f19d2eb6651cba90acf6c3c0adbf298

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6954
content-length
36704
cf-request-id
085108d4d900004eb5812ef000000001
last-modified
Thu, 04 Feb 2021 00:15:30 GMT
server
cloudflare
etag
"601b3ca2-8f60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Onj%2FLPCEFp2fzVn2%2B8hWIJV8aVM9OVFHQJsIhOEUUL7TSNY2JDnlBogNT94LE8J90kYgJUAaEq3JMTN1XviI0oJWXsZEwP7yWks%2BtGiVY04%2FN8GQp%2FLm"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
622eaa67c9dd4eb5-FRA
/
g.cash-ads.com/banner/ Frame 55F3
218 B
375 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7409472555206c4d0068343a417426686fcf23973ea3f53c5a4f1d94cb9b5bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
server
nginx
x-frame-options
deny
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/html; charset=UTF-8
valid.php
cpm-ad.com/serve/ Frame 55F3
35 B
419 B
Image
General
Full URL
https://cpm-ad.com/serve/valid.php?a=5280&b=300x250&referr=&t=1613556307&c=smartukas&e=2&f=1&h=fecbacbffba
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S04heK5r6moKbcBSpyjdAOmypkPE4pLsEM%2FcUQhTqAAvRMSVFkZ%2FYBaIlRajZQR9Z26xmUzk6Q9%2FkcTGcMv8dPi5OnG20oba0hpo8iPV%2F%2BGcLU1JpJXF"}],"group":"cf-nel"}
content-type
image/gif
cf-ray
622eaa67c9e04eb5-FRA
cf-request-id
085108d4d900004eb54e8c5000000001
l4.php
mfk-network.com/ads/ Frame 6AFE
2 KB
2 KB
Document
General
Full URL
https://mfk-network.com/ads/l4.php
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.211.40.147 , Turkey, ASN197328 (INETLTD, TR),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
d27d57dd4748d26c4e2e6c06a8cf9f9d1b58f11db141524835ac638c56bc95cf

Request headers

Host
mfk-network.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 17 Feb 2021 10:01:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.27 PleskLin
tag
cpm.ezmob.com/ Frame 55F3
170 B
491 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D7270742
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e7bd997612dd555cc3276194fd0f0be307ed3a2ca9fc2e35031d245e91256

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:11 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
170
160x600.png
cpm-ad.com/store/ Frame D33C
34 KB
35 KB
Image
General
Full URL
https://cpm-ad.com/store/160x600.png
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c34455c3049d6048e2f70b1ef9aee246dcec5d6fc956a3f451ce21a7c5803c

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6923
content-length
34961
cf-request-id
085108d54300004eb5ac050000000001
last-modified
Thu, 04 Feb 2021 00:15:29 GMT
server
cloudflare
etag
"601b3ca1-8891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8JcwvrhuSPny7IQPk4sQzJ00tOL3xd5kvK8GgUSCDr6FNPfas8CZUzR1x3TIgKwk8pbsiiLumi96SZBH8hcZS7%2BpVpTDMwY7SmA9U%2FWudWSWlY%2B3JPPB"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
622eaa686a9c4eb5-FRA
/
g.cash-ads.com/banner/ Frame D33C
218 B
376 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7409472555206c4d0068343a417426686fcf23973ea3f53c5a4f1d94cb9b5bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
server
nginx
x-frame-options
deny
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/html; charset=UTF-8
valid.php
cpm-ad.com/serve/ Frame D33C
35 B
343 B
Image
General
Full URL
https://cpm-ad.com/serve/valid.php?a=5280&b=160x600&referr=&t=1613556307&c=smartukas&e=2&f=1&h=fecbacbffba
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EWIssjORd7oPvajFJ6kgzkCKr6vKcCnadlx5uiRTE%2FumrYZa7rqz7rzV9oFKwy3qjesQX7j5v8GxYws3vGPJ%2B9bdnz%2B4h8%2FuCuJ45FYFWtCKlzz4V6Td"}],"group":"cf-nel"}
content-type
image/gif
cf-ray
622eaa686a9d4eb5-FRA
cf-request-id
085108d54300004eb58d057000000001
l4.php
mfk-network.com/ads/ Frame 0EA9
2 KB
2 KB
Document
General
Full URL
https://mfk-network.com/ads/l4.php
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.211.40.147 , Turkey, ASN197328 (INETLTD, TR),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
d27d57dd4748d26c4e2e6c06a8cf9f9d1b58f11db141524835ac638c56bc95cf

Request headers

Host
mfk-network.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 17 Feb 2021 10:01:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.27 PleskLin
tag
cpm.ezmob.com/ Frame D33C
170 B
491 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D25336908
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e7bd997612dd555cc3276194fd0f0be307ed3a2ca9fc2e35031d245e91256

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:11 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
170
728x90.png
cpm-ad.com/store/ Frame FD09
25 KB
26 KB
Image
General
Full URL
https://cpm-ad.com/store/728x90.png
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c234114df8b98c37ed3ec8d908738d330d695192d0a1eaba0a120d7c672ab0

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6993
content-length
25719
cf-request-id
085108d54a00004eb54f9bb000000001
last-modified
Thu, 04 Feb 2021 00:15:30 GMT
server
cloudflare
etag
"601b3ca2-6477"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B9sXVY7dMJTWnTXA5RK8S8pQAauD4ERkgXfJ%2Bt2BmA4sDGlF8MY%2FNDRcpa%2F7oVXnznevn9%2FkNXIHIvkEY%2Fu2Jm8QL9vtjcEac3Rp%2FZyV96uNN2qdd8qh"}],"group":"cf-nel"}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
622eaa687aad4eb5-FRA
/
g.cash-ads.com/banner/ Frame FD09
218 B
375 B
Script
General
Full URL
https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7409472555206c4d0068343a417426686fcf23973ea3f53c5a4f1d94cb9b5bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:11 GMT
server
nginx
x-frame-options
deny
x-xss-protection
1; mode=block
strict-transport-security
max-age=15768000; includeSubDomains
content-type
text/html; charset=UTF-8
valid.php
cpm-ad.com/serve/ Frame FD09
35 B
329 B
Image
General
Full URL
https://cpm-ad.com/serve/valid.php?a=5280&b=728x90&referr=&t=1613556307&c=smartukas&e=2&f=1&h=fecbacbffba
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:89c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZxhKXeHtGAUPH5QqAagDrMNp8GqzPrAdnR1Eu7712rW8l4d1q7LwIHKRb51M2%2FApqIb6ApZ0PVPaFm8WO9bmRDi1vPGOxOyKf8EZEnWA%2FSKD0B8CZPDy"}],"group":"cf-nel"}
content-type
image/gif
cf-ray
622eaa687aae4eb5-FRA
cf-request-id
085108d54a00004eb556316000000001
l4.php
mfk-network.com/ads/ Frame 4E48
2 KB
2 KB
Document
General
Full URL
https://mfk-network.com/ads/l4.php
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
178.211.40.147 , Turkey, ASN197328 (INETLTD, TR),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
d27d57dd4748d26c4e2e6c06a8cf9f9d1b58f11db141524835ac638c56bc95cf

Request headers

Host
mfk-network.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Wed, 17 Feb 2021 10:01:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.27 PleskLin
tag
cpm.ezmob.com/ Frame FD09
170 B
491 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D81867088
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e7bd997612dd555cc3276194fd0f0be307ed3a2ca9fc2e35031d245e91256

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:11 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
170
display.php
www.performanceonclick.com/a/ Frame 55F3
6 KB
2 KB
Script
General
Full URL
https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D7270742
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
025b225c1c8410c345211ea9a0d9ed0621c4a6d1b627d311288202f4febd96a6

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Feb 2021 10:01:12 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
display.php
www.performanceonclick.com/a/ Frame D33C
6 KB
2 KB
Script
General
Full URL
https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D25336908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
3975af415c72b5dd5e9936a39cd946b25185695176ce216b2565b72d75be1922

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Feb 2021 10:01:12 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
display.php
www.performanceonclick.com/a/ Frame FD09
6 KB
2 KB
Script
General
Full URL
https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=92400&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D81867088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
6d5ca831cd5e2f0dbbdc18556ee2645cadc9fd8f29361b0a96c2dd7f027c5173

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 17 Feb 2021 10:01:12 GMT
content-encoding
gzip
server
openresty
alt-svc
clear
via
1.1 google
content-type
application/javascript; charset=utf-8
20190619160645_47000.jpg
gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/ Frame 6AFE
30 KB
30 KB
Image
General
Full URL
https://gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/20190619160645_47000.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.135.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-135-60.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c88568465d2298ce76148e2e5f3ae4863e2f924b6ebab3f6130608f0901be6cb

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Wed, 22 Apr 2020 04:41:16 GMT
server
Akamai Image Manager
content-type
image/webp
cache-control
private, no-transform, max-age=43200
timing-allow-origin
*
content-length
30378
expires
Wed, 17 Feb 2021 22:01:12 GMT
0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/ Frame 6AFE
134 KB
134 KB
Image
General
Full URL
https://imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.189.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-189-76.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
21f5285f79abb355603d350bf3928977f415210f524a957886d92784e9bf104f

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Sat, 21 Dec 2019 07:42:22 GMT
server
openresty
x-amz-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
x-clv-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
etag
"44211e50249f9cc9a43565003f85737a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5885833
x-clv-s3-version
2.5
accept-ranges
bytes
content-length
136953
expires
Mon, 26 Apr 2021 12:58:25 GMT
EN_300_250.png
ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/ Frame 6AFE
19 KB
19 KB
Image
General
Full URL
https://ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/EN_300_250.png
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-35-126.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0f553893c3f87e27252e704ee7e2365fae1d73937a67d70aa6bf75d12a5088e7

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
x-check-cacheable
YES
x-serial
789
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 17 Feb 2021 22:01:12 GMT
cache-control
private, no-transform, max-age=43200
last-modified
Thu, 17 Dec 2020 10:35:02 GMT
content-length
19576
timing-allow-origin
*
network_info
PL_WARSAW_9009
from-req-dns-type
NA
server
Akamai Image Manager
served-from
72.247.179.87
display.php
www.performanceonclick.com/ad/ Frame D3BA
0
0
Document
General
Full URL
https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CkdjEm4jMqB1dAN0dEdHP3xP.b2a%2CTuo6O6WqAf9d0BILpW7O1y8847YhsNeEiUY0IJ7N5uDZxyZOSYOBeUYJDRcJquwvQjTHL0piSNWAazQhS5FDD2BGv-J1N2JY2HsLLLgwt4g%2C&cbrandom=0.7174944567885277&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Requested by
Host: www.performanceonclick.com
URL: https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.performanceonclick.com
:scheme
https
:path
/ad/display.php?stamat=m%7C%2CkdjEm4jMqB1dAN0dEdHP3xP.b2a%2CTuo6O6WqAf9d0BILpW7O1y8847YhsNeEiUY0IJ7N5uDZxyZOSYOBeUYJDRcJquwvQjTHL0piSNWAazQhS5FDD2BGv-J1N2JY2HsLLLgwt4g%2C&cbrandom=0.7174944567885277&cbtitle=&cbiframe=1&cbWidth=300&cbHeight=250&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
openresty
date
Wed, 17 Feb 2021 10:01:12 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
tag
cpm.ezmob.com/ Frame 55F3
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=107011&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D40034268
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
77002ccb8d9892a1281799c1de65d0f380feaf1b7ee9739e8d748cebbb8a4db8

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
display.php
www.performanceonclick.com/ad/ Frame 6E75
0
0
Document
General
Full URL
https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CkY2LWYjPqB1dAN0dEdHP3xP.331%2CTuo6O6WqAf9d0BILpW7O15NWBfeLSNLuUqq52W98zffZNzngAL2SK-xMoHZ41fcj1W0nQJNn0sCMNiX3vQXphtYSwIqmY8sFEe96cQI4Y64%2C&cbrandom=0.5013980499575577&cbtitle=&cbiframe=1&cbWidth=160&cbHeight=600&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Requested by
Host: www.performanceonclick.com
URL: https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.performanceonclick.com
:scheme
https
:path
/ad/display.php?stamat=m%7C%2CkY2LWYjPqB1dAN0dEdHP3xP.331%2CTuo6O6WqAf9d0BILpW7O15NWBfeLSNLuUqq52W98zffZNzngAL2SK-xMoHZ41fcj1W0nQJNn0sCMNiX3vQXphtYSwIqmY8sFEe96cQI4Y64%2C&cbrandom=0.5013980499575577&cbtitle=&cbiframe=1&cbWidth=160&cbHeight=600&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
openresty
date
Wed, 17 Feb 2021 10:01:12 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
tag
cpm.ezmob.com/ Frame D33C
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=107011&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D63305239
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
77002ccb8d9892a1281799c1de65d0f380feaf1b7ee9739e8d748cebbb8a4db8

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
display.php
www.performanceonclick.com/ad/ Frame 93A5
0
0
Document
General
Full URL
https://www.performanceonclick.com/ad/display.php?stamat=m%7C%2CwI2E2d2EqB1dAN0dEdHP3xP.7c3%2CTuo6O6WqAf9d0BILpW7O1wb2u9cWfM07eyzZaYYC3qZmbwwjR4wCDxZkYcG2RUoMPi2TzdRP0TNfL3g0P4mk1lkc0HAyotminQBYPitZ-r0%2C&cbrandom=0.1796209392285355&cbtitle=&cbiframe=1&cbWidth=728&cbHeight=90&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
Requested by
Host: www.performanceonclick.com
URL: https://www.performanceonclick.com/a/display.php?r=3511723&sub1=92400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.196.138 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
138.196.227.35.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

:method
GET
:authority
www.performanceonclick.com
:scheme
https
:path
/ad/display.php?stamat=m%7C%2CwI2E2d2EqB1dAN0dEdHP3xP.7c3%2CTuo6O6WqAf9d0BILpW7O1wb2u9cWfM07eyzZaYYC3qZmbwwjR4wCDxZkYcG2RUoMPi2TzdRP0TNfL3g0P4mk1lkc0HAyotminQBYPitZ-r0%2C&cbrandom=0.1796209392285355&cbtitle=&cbiframe=1&cbWidth=728&cbHeight=90&cbdescription=&cbkeywords=&cbref=http%3A%2F%2Fwww.markocpm.com%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
openresty
date
Wed, 17 Feb 2021 10:01:12 GMT
access-control-allow-origin
*
via
1.1 google
alt-svc
clear
tag
cpm.ezmob.com/ Frame FD09
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=107011&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D63948135
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
77002ccb8d9892a1281799c1de65d0f380feaf1b7ee9739e8d748cebbb8a4db8

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
20190619160645_47000.jpg
gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/ Frame 0EA9
30 KB
30 KB
Image
General
Full URL
https://gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/20190619160645_47000.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.135.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-135-60.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c88568465d2298ce76148e2e5f3ae4863e2f924b6ebab3f6130608f0901be6cb

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Wed, 22 Apr 2020 04:41:16 GMT
server
Akamai Image Manager
content-type
image/webp
cache-control
private, no-transform, max-age=43200
timing-allow-origin
*
content-length
30378
expires
Wed, 17 Feb 2021 22:01:12 GMT
0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/ Frame 0EA9
134 KB
134 KB
Image
General
Full URL
https://imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.189.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-189-76.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
21f5285f79abb355603d350bf3928977f415210f524a957886d92784e9bf104f

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Sat, 21 Dec 2019 07:42:22 GMT
server
openresty
x-amz-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
x-clv-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
etag
"44211e50249f9cc9a43565003f85737a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5885833
x-clv-s3-version
2.5
accept-ranges
bytes
content-length
136953
expires
Mon, 26 Apr 2021 12:58:25 GMT
EN_300_250.png
ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/ Frame 0EA9
19 KB
19 KB
Image
General
Full URL
https://ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/EN_300_250.png
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-35-126.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0f553893c3f87e27252e704ee7e2365fae1d73937a67d70aa6bf75d12a5088e7

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
x-check-cacheable
YES
x-serial
789
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 17 Feb 2021 22:01:12 GMT
cache-control
private, no-transform, max-age=43200
last-modified
Thu, 17 Dec 2020 10:35:02 GMT
content-length
19576
timing-allow-origin
*
network_info
PL_WARSAW_9009
from-req-dns-type
NA
server
Akamai Image Manager
served-from
72.247.179.87
20190619160645_47000.jpg
gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/ Frame 4E48
30 KB
30 KB
Image
General
Full URL
https://gloimg.gbtcdn.com/soa/gb/pdm-product-pic/Electronic/2019/06/19/source-img/20190619160645_47000.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.135.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-135-60.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
c88568465d2298ce76148e2e5f3ae4863e2f924b6ebab3f6130608f0901be6cb

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Wed, 22 Apr 2020 04:41:16 GMT
server
Akamai Image Manager
content-type
image/webp
cache-control
private, no-transform, max-age=43200
timing-allow-origin
*
content-length
30378
expires
Wed, 17 Feb 2021 22:01:12 GMT
0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/ Frame 4E48
134 KB
134 KB
Image
General
Full URL
https://imgaz.staticbg.com/images/oaupload/banggood/images/7B/22/0d905b0f-38dd-42e1-a3d3-a0acc648a797.jpg
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.189.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-189-76.deploy.static.akamaitechnologies.com
Software
openresty /
Resource Hash
21f5285f79abb355603d350bf3928977f415210f524a957886d92784e9bf104f

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Sat, 21 Dec 2019 07:42:22 GMT
server
openresty
x-amz-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
x-clv-request-id
140636fb-fb5b-4017-b1d3-0f156a1ffcaa
etag
"44211e50249f9cc9a43565003f85737a"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=5885833
x-clv-s3-version
2.5
accept-ranges
bytes
content-length
136953
expires
Mon, 26 Apr 2021 12:58:25 GMT
EN_300_250.png
ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/ Frame 4E48
19 KB
19 KB
Image
General
Full URL
https://ae01.alicdn.com/kf/HTB1fopbov9TBuNjy1zb760pepXaT/EN_300_250.png
Requested by
Host: mfk-network.com
URL: https://mfk-network.com/ads/l4.php
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.108.35.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-35-126.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
0f553893c3f87e27252e704ee7e2365fae1d73937a67d70aa6bf75d12a5088e7

Request headers

Referer
https://mfk-network.com/ads/l4.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
x-check-cacheable
YES
x-serial
789
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 17 Feb 2021 22:01:12 GMT
cache-control
private, no-transform, max-age=43200
last-modified
Thu, 17 Dec 2020 10:35:02 GMT
content-length
19576
timing-allow-origin
*
network_info
PL_WARSAW_9009
from-req-dns-type
NA
server
Akamai Image Manager
served-from
72.247.179.87
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame 55F3
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx0000000000000d7b4c56d-00602ce968-695c3ae-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
tag
cpm.ezmob.com/ Frame 55F3
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D5686485
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
6290be4469214fdb80f64684e62e554ebeb8c4c16a526405d7741ff1b4c4bf3e

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame D33C
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=107011&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D63305239
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx000000000000063600ccd-00602ce968-90880e1-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
tag
cpm.ezmob.com/ Frame D33C
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D56370362
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
6290be4469214fdb80f64684e62e554ebeb8c4c16a526405d7741ff1b4c4bf3e

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame FD09
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=107011&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D63948135
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx000000000000063600cda-00602ce968-90880e1-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
tag
cpm.ezmob.com/ Frame FD09
227 B
548 B
Script
General
Full URL
https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D1981957
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
6290be4469214fdb80f64684e62e554ebeb8c4c16a526405d7741ff1b4c4bf3e

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Feb 2021 10:01:12 GMT
Server
nginx
Age
0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-store
Connection
close
Content-Type
application/javascript; charset=utf-8
Content-Length
227
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame D33C
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D56370362
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx000000000000063600d31-00602ce968-90880e1-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
/
g.cash-ads.com/ Frame 5924
496 B
636 B
Document
General
Full URL
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
0dfed2d3cf91157999ef1684985a9c6908f28ed0745f643f8b01a51084035e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ Frame D33C
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=160x600
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4436
date
Wed, 17 Feb 2021 08:47:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 17 Feb 2021 10:47:16 GMT
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame 55F3
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D5686485
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx0000000000000d7b4c5e0-00602ce968-695c3ae-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
/
g.cash-ads.com/ Frame F9E1
496 B
636 B
Document
General
Full URL
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
0dfed2d3cf91157999ef1684985a9c6908f28ed0745f643f8b01a51084035e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ Frame 55F3
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=300x250
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4436
date
Wed, 17 Feb 2021 08:47:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 17 Feb 2021 10:47:16 GMT
300x250-low-google.gif
beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/ Frame FD09
148 KB
148 KB
Image
General
Full URL
https://beluga-cdn.ams3.digitaloceanspaces.com/EZmobBanners/300x250-low-google.gif
Requested by
Host: cpm.ezmob.com
URL: https://cpm.ezmob.com/tag?zone_id=111227&size=300x250&subid=&j=pu%3Dwww.markocpm.com%26if%3D1%26rn%3D1981957
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.101.110.225 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
df46f8ed158243072f47dac6013063067f2da1133d9c3fac3e66b157c8866e73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 17 Feb 2021 10:01:12 GMT
Last-Modified
Tue, 21 Jul 2020 07:20:07 GMT
x-amz-request-id
tx000000000000063600d3a-00602ce968-90880e1-ams3b
ETag
"67ee2a072908098e72a709b65b5ddef6"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type
image/gif
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
151177
/
g.cash-ads.com/ Frame 3FF8
496 B
636 B
Document
General
Full URL
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=uQbNWNfhVACn9VGoEjv03tVCfHSbzWOV4TVGekvszr4%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
0dfed2d3cf91157999ef1684985a9c6908f28ed0745f643f8b01a51084035e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
analytics.js
www.google-analytics.com/ Frame FD09
46 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cpm-ad.com/serve/show.php?a=5280&b=728x90
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
4436
date
Wed, 17 Feb 2021 08:47:16 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Wed, 17 Feb 2021 10:47:16 GMT
lds.gif
g.cash-ads.com/img/ Frame 5924
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Request headers

Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
5311
expires
Fri, 19 Mar 2021 10:01:12 GMT
lds.gif
g.cash-ads.com/img/ Frame F9E1
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Request headers

Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
5311
expires
Fri, 19 Mar 2021 10:01:12 GMT
lds.gif
g.cash-ads.com/img/ Frame 3FF8
5 KB
5 KB
Image
General
Full URL
https://g.cash-ads.com/img/lds.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Request headers

Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Thu, 21 Jan 2021 21:02:57 GMT
server
nginx
etag
"6009ec01-14bf"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
5311
expires
Fri, 19 Mar 2021 10:01:12 GMT
/
g.cash-ads.com/ Frame 5924
2 KB
2 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=160x600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
b2424a1f43d60f2a9404610f0502d005ad16e834bd0134bd5641cc15f055be4a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
g.cash-ads.com/ Frame F9E1
1 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=300x250
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
69c6cc6f8f5e1038b16fabbe135c84a1a642a344255063ed9271ed56e8503caf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
/
g.cash-ads.com/ Frame 3FF8
1 KB
1 KB
Document
General
Full URL
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Requested by
Host: cpm-ad.com
URL: https://cpm-ad.com/serve/show.php?a=5280&b=728x90
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
69c6cc6f8f5e1038b16fabbe135c84a1a642a344255063ed9271ed56e8503caf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
g.cash-ads.com
:scheme
https
:path
/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://g.cash-ads.com/?nc=mH8WKnsxnt42xI2AWjf6sLcu4Fpd0Up%2BgtRR2ffrFPE%3D

Response headers

server
nginx
date
Wed, 17 Feb 2021 10:01:12 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=15768000; includeSubDomains
x-xss-protection
1; mode=block
92e98bdb7e6032e9b428c31336cc98ac.gif
g.cash-ads.com/assets/ Frame 5924
17 KB
17 KB
Image
General
Full URL
https://g.cash-ads.com/assets/92e98bdb7e6032e9b428c31336cc98ac.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
61ad5aca3dedc2e152488d0f423f1394a484e36b21f0e9d743f4a038638a5952

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Sat, 10 Oct 2020 02:11:20 GMT
server
nginx
etag
"5f811848-43c8"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
17352
expires
Fri, 19 Mar 2021 10:01:12 GMT
bovl1.gif
g.cash-ads.com/img/ Frame 5924
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1055
expires
Fri, 19 Mar 2021 10:01:12 GMT
jquery.min.js
g.cash-ads.com/int/ Frame 5924
84 KB
84 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:12 GMT
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
"5fa0ee93-14e08"
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
85512
expires
Fri, 19 Mar 2021 10:01:12 GMT
redirect
xml.ezmob.com/ Frame 2E78
0
0

bovl1.gif
g.cash-ads.com/img/ Frame F9E1
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:13 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1055
expires
Fri, 19 Mar 2021 10:01:13 GMT
jquery.min.js
g.cash-ads.com/int/ Frame F9E1
84 KB
84 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:13 GMT
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
"5fa0ee93-14e08"
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
85512
expires
Fri, 19 Mar 2021 10:01:13 GMT
redirect
xml.ezmob.com/ Frame 596B
0
0

bovl1.gif
g.cash-ads.com/img/ Frame 3FF8
1 KB
1 KB
Image
General
Full URL
https://g.cash-ads.com/img/bovl1.gif
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:13 GMT
last-modified
Fri, 11 Sep 2020 22:15:28 GMT
server
nginx
etag
"5f5bf700-41f"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1055
expires
Fri, 19 Mar 2021 10:01:13 GMT
jquery.min.js
g.cash-ads.com/int/ Frame 3FF8
84 KB
84 KB
Script
General
Full URL
https://g.cash-ads.com/int/jquery.min.js
Requested by
Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.135.220.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3074226.ip-147-135-220.eu
Software
nginx /
Resource Hash
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Request headers

Referer
https://g.cash-ads.com/?nc=vU48kmEPce8V8hkzz3hkbHI1XJmCroLFEYf%2FzA9X0aU%3D
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 17 Feb 2021 10:01:13 GMT
last-modified
Tue, 03 Nov 2020 05:45:55 GMT
server
nginx
etag
"5fa0ee93-14e08"
content-type
application/javascript
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
85512
expires
Fri, 19 Mar 2021 10:01:13 GMT
redirect
xml.ezmob.com/ Frame 3732
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
xml.ezmob.com
URL
https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=
Domain
xml.ezmob.com
URL
https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=
Domain
xml.ezmob.com
URL
https://xml.ezmob.com/redirect?feed=253063&auth=a9eBhf&url=https://g.cash-ads.com&subid=

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| trustedTypes
boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
.cpm-ad.com/ Name: __cf_bm
Value: 5074b74ea0188dbe27d77484ae206e117e94fc76-1613556071-1800-AbW84qJiB5bn1cqKFGrRPBFkZvnv4JSVFC1Wg0hycfDwiWfuXm9RehUkt19RMSy4CnPKi+rjsVdhuDOKfN0RUBk=
www.markocpm.com/ Name: PHPSESSID
Value: a9278b1c9f27488b0b06d66661f34872

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
