offers.karamba.com Open in urlscan Pro
52.149.109.211 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sky.arietut.com/mkt?v=lui12aOTGjZrazxHrtAblomKxJrXkEOrdqDXv1wcX0v/izY7jnxA81hsofCdGNBjM4uqCP6WQt5mQ5ESNJY4GBrv+6...
Effective URL:
https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popun...
Submission: On November 09 via api (November 9th 2019, 7:33:59 pm UTC) from BE

Summary HTTP 63 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 19 IPs in 9 countries across 19 domains to perform 63 HTTP transactions. The main IP is 52.149.109.211, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is offers.karamba.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on November 7th 2017. Valid for: 3 years.

This is the only time offers.karamba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	217.116.16.235 217.116.16.235	16371 (ACENS_AS ...) (ACENS_AS (Spain) Hosting)
1 2	217.116.16.234 217.116.16.234	16371 (ACENS_AS ...) (ACENS_AS (Spain) Hosting)
2	52.211.107.45 52.211.107.45	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 31	52.149.109.211 52.149.109.211	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a00:1450:400... 2a00:1450:4001:815::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	35.190.71.1 35.190.71.1	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
7	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	52.156.199.171 52.156.199.171	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	95.129.34.40 95.129.34.40	20521 (ASN-BELLNET) (ASN-BELLNET)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.250.2.130 178.250.2.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	188.42.160.59 188.42.160.59	35415 (WEBZILLA) (WEBZILLA)
1	13.225.78.19 13.225.78.19	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
63	19

1 217.116.16.235 (Spain) 1 redirects

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-235.redes.acens.net

sky.arietut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.116.16.234 (Spain) 1 redirects

ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES)
PTR: 217-116-16-234.redes.acens.net

lot.neatpowr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.211.107.45 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-107-45.eu-west-1.compute.amazonaws.com

traffic.focuusing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 52.149.109.211 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

offers.karamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.karamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.1 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 1.71.190.35.bc.googleusercontent.com

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.156.199.171 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

karamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.129.34.40 (Israel)

ASN20521 (ASN-BELLNET, MT)

info.karamba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.160.59 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.19 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-19.fra2.r.cloudfront.net

61676801.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	karamba.com 2 redirects offers.karamba.com karamba.com www.karamba.com info.karamba.com	579 KB
8	ad-score.com js.ad-score.com data.ad-score.com	96 KB
4	facebook.com 1 redirects www.facebook.com	805 B
4	google-analytics.com www.google-analytics.com	39 KB
3	facebook.net connect.facebook.net	176 KB
2	rtmark.net my.rtmark.net	2 KB
2	focuusing.com traffic.focuusing.com	2 KB
2	neatpowr.com 1 redirects lot.neatpowr.com	795 B
1	atdmt.com cx.atdmt.com	406 B
1	criteo.com sslwidget.criteo.com	1 KB
1	google.de www.google.de	109 B
1	google.com 1 redirects www.google.com	188 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	161 B
1	adoric-om.com 61676801.adoric-om.com	31 KB
1	criteo.net static.criteo.net	10 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
1	gamesrv1.com download.gamesrv1.com	32 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	arietut.com 1 redirects sky.arietut.com	580 B
63	19

	Domain	Requested by
30	offers.karamba.com	traffic.focuusing.com offers.karamba.com
7	data.ad-score.com	js.ad-score.com offers.karamba.com
4	www.facebook.com	1 redirects offers.karamba.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com offers.karamba.com
3	connect.facebook.net	lot.neatpowr.com connect.facebook.net
2	my.rtmark.net	www.googletagmanager.com offers.karamba.com
2	traffic.focuusing.com	traffic.focuusing.com
2	lot.neatpowr.com	1 redirects
1	cx.atdmt.com	offers.karamba.com
1	sslwidget.criteo.com	static.criteo.net
1	www.google.de	offers.karamba.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	61676801.adoric-om.com	lot.neatpowr.com
1	static.criteo.net	www.googletagmanager.com
1	info.karamba.com	offers.karamba.com
1	www.karamba.com	1 redirects
1	karamba.com	1 redirects
1	www.googletagmanager.com	offers.karamba.com
1	js.ad-score.com	offers.karamba.com
1	download.gamesrv1.com	offers.karamba.com
1	ajax.googleapis.com	offers.karamba.com
1	sky.arietut.com	1 redirects
63	23

This site contains links to these domains. Also see Links.

Domain
info.karamba.com
secure.gamblingcommission.gov.uk
de.karamba.com

Subject Issuer	Validity	Valid
*.karamba.com COMODO RSA Domain Validation Secure Server CA	`2017-11-07` - `2020-11-06`	3 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2018-12-03` - `2020-07-28`	2 years	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2019-09-02` - `2020-11-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2019-03-26` - `2020-03-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
my.rtmark.net Let's Encrypt Authority X3	`2019-09-24` - `2019-12-23`	3 months	crt.sh
adoric.com Amazon	`2019-04-17` - `2020-05-17`	a year	crt.sh
www.google.de GTS CA 1O1	`2019-10-16` - `2020-01-08`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-03-28` - `2020-04-01`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-10-28` - `2020-01-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Frame ID: 7B5D988274BD41D0C15F7437C6B6C62C
Requests: 37 HTTP requests in this frame

Frame: https://offers.karamba.com/DE/WOF/web/
Frame ID: BB90FB6EB496AD7181259D9A2333A6AE
Requests: 27 HTTP requests in this frame

Frame: https://info.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5
Frame ID: BEDAD4C0379C1C3282AC215A8C5AAD74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail Page URL
http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59... Page URL
https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/\/static.criteo.net\/js\/ld\/ld.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

63
Requests

94 %
HTTPS

41 %
IPv6

19
Domains

23
Subdomains

19
IPs

9
Countries

1023 kB
Transfer

2364 kB
Size

37
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://info.karamba.com/BonusPolicy.aspx?lng=GER&popup=1
Title: hier

Search URL Search Domain Scan URL

URL: https://secure.gamblingcommission.gov.uk/gccustomweb/PublicRegister/PRSearch.aspx?ExternalAccountId=39483
Title: Hier

Search URL Search Domain Scan URL

URL: http://de.karamba.com/spielsuchtpravention
Title: Glücksspiel kann süchtig machen, bitte spielen Sie verantwortungsbewußt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail Page URL
http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3 Page URL
https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder} Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://sky.arietut.com/mkt?v=lui12aOTGjZrazxHrtAblomKxJrXkEOrdqDXv1wcX0v/izY7jnxA81hsofCdGNBjM4uqCP6WQt5mQ5ESNJY4GBrv+6zT/RHsVG2ptLuILndvIa3b6FuoVg1/yRol85L/mxWVbNECbXW/HECk4OyGkTxQ8xNzbbr+SRXmcV3eNtqJJ2qXrCVX5fu/LL9nTYkJkT1MqM9d2+S5E2qoHxiMToS7hHQLv1wilUYy7pJXy9KXCsWD/n2FQ5MWj3A8HG8vVF0+WSMHgPJCYtkqwbjkItL+sinO3YNU8VFkkqxQif/3039vI0U3fOuIchea8neyQw0M6fAl/owQW1h7HBVAtWVAp8b70y/r8/HiRkn5xKyM5Ia2aPfHpqouNMhTUFtEgq8FagPAr8bmKC8eL4yLe8REE1caUVKoP5rsGEm48TnC4IwPzUF/4C6fM+FAT9Di4q+rdDDoHc+3qhpgibSBEyMwpU8I0Cg5yuZxoCy2o8+G9EuH/gSRDlYiaQAos9c1M8Judim41SI8+DNWhhPrYM3rgi4ETTv2VnqK8k/tAnVwSrko11ks0JqQBtTGzZO/Fo5gwZia/lh5h1SxixsmP8bD4PoS5Rb2V33Ha6HuELwsgBw0=dg63d5gfd56&hid=7 HTTP 302
http://lot.neatpowr.com/aff_c?offer_id=5295&aff_id=1284&file_id=9300&url_id=16800&idpers=5295&idcal=559526&aff_sub=2019-11-07&aff_sub2=e4a13f79-1d6a-48c8-aeed-5628c05ff8cb&aff_sub3=MT_E151_S21@Hotmail@Finlandia@sky.arietut.com@29005-20191107@HOTMAIL.COM&dominiop=sky.arietut.com&perm=2019-11-07&sub_id6=2019-11-07&ips=MT_E151_S21&sub_id8=e4a13f79-1d6a-48c8-aeed-5628c05ff8cb&dom=hotmail.com&sub_id7=HOTMAIL.COM&idh=29005 HTTP 302
http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail

Request Chain 11

https://karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5 HTTP 301
https://www.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5 HTTP 301
https://info.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5

Request Chain 26

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&gjid=1204193561&_gid=1691157007.1573328023&_u=YGBAgAADQAAAg~&z=1375371690 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690&slf_rd=1&random=1797412972

Request Chain 32

https://www.facebook.com/tr/?id=983591508385850&ev=PageView&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&if=false&ts=1573328022645&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573328022624.1884413696&it=1573328022595&coo=false&rqm=GET HTTP 302
https://cx.atdmt.com/?c=18249025625158391759&f=AYw1fWcYt0Ownukuqw539c-Co4BW4l0nBWEUdHZywe4AngiMSEMJtxaZ8Rpl_1icv96UR9Ou1ffnMIawO4UNoZJL&id=983591508385850&l=3&v=0

63 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

rd
lot.neatpowr.com/
Redirect Chain

http://sky.arietut.com/mkt?v=lui12aOTGjZrazxHrtAblomKxJrXkEOrdqDXv1wcX0v/izY7jnxA81hsofCdGNBjM4uqCP6WQt5mQ5ESNJY4GBrv+6zT/RHsVG2ptLuILndvIa3b6FuoVg1/yRol85L/mxWVbNECbXW/HECk4OyGkTxQ8xNzbbr+SRXmcV3e...
http://lot.neatpowr.com/aff_c?offer_id=5295&aff_id=1284&file_id=9300&url_id=16800&idpers=5295&idcal=559526&aff_sub=2019-11-07&aff_sub2=e4a13f79-1d6a-48c8-aeed-5628c05ff8cb&aff_sub3=MT_E151_S21@Hotm...
http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail

0
313 B

72ms
39ms

Document
text/html

217.116.16.234
ACENS_AS (Spain) ...

General

Check archive.org

Show headers Download Go to

Full URL: http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail
Protocol: HTTP/1.1
Server: 217.116.16.234 , Spain, ASN16371 (ACENS_AS (Spain) Hosting, housing and VPN services, ES),
Reverse DNS: 217-116-16-234.redes.acens.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Host: lot.neatpowr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Cookie: p-data=trid=DFF75371C067FC6412BF42C2FBED57FF&ds=09/11/2019
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
Refresh: 0;URL=http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 09 Nov 2019 19:33:41 GMT
Content-Length: 0

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Set-Cookie: p-data=trid=DFF75371C067FC6412BF42C2FBED57FF&ds=09/11/2019; expires=Mon, 09-Dec-2019 19:33:41 GMT; path=/
X-Powered-By: ASP.NET
Date: Sat, 09 Nov 2019 19:33:41 GMT
Content-Length: 5739

GET
H/1.1 200
OK Cookie set router Show response
traffic.focuusing.com/ 260 B
1 KB 103ms
43ms Document
text/html 52.211.107.45
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail
Protocol: HTTP/1.1
Server: 52.211.107.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-107-45.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash: e1f4a164109388d83c80a86549c11abc25ad12fb275da0db08c626dc663144c1

Request headers

Host: traffic.focuusing.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer: http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail

Response headers

Cache-Control: no-cache, must-revalidate
Cache-control: no-cache="set-cookie"
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2019 19:33:42 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://lot.neatpowr.com/rd?urlrd=http:%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3;Expires=Wed, 08-Jan-2020 19:33:42; FCRID=Q3VzdG9tZXI=:100709_QWR2ZXJ0aXNlcg==:66232_Q2FtcGFpZ24=:671539;Expires=Wed, 08-Jan-2020 19:33:42; AWSELB=77D91F6D08571353F1686779C47F77A540CBED705DDC8E1AA4BA1142237FEABFA0A40C81A16DB057C4411230F2BB8ADFD0D68DF11CD85A9B3BBEFF2E2D3E1FCB776D71AABC;PATH=/;MAX-AGE=360
Content-Length: 260
Connection: keep-alive

GET
H/1.1 200
OK Cookie set process
traffic.focuusing.com/ 205 B
644 B 32ms
31ms Document
text/html 52.211.107.45
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3
Requested by: Host: traffic.focuusing.com
URL: http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail
Protocol: HTTP/1.1
Server: 52.211.107.45 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-107-45.eu-west-1.compute.amazonaws.com
Software: Mono-HTTPAPI/1.0 /
Resource Hash

Request headers

Host: traffic.focuusing.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail
Accept-Encoding: gzip, deflate
Cookie: CRID=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; FCRID=Q3VzdG9tZXI=:100709_QWR2ZXJ0aXNlcg==:66232_Q2FtcGFpZ24=:671539; AWSELB=77D91F6D08571353F1686779C47F77A540CBED705DDC8E1AA4BA1142237FEABFA0A40C81A16DB057C4411230F2BB8ADFD0D68DF11CD85A9B3BBEFF2E2D3E1FCB776D71AABC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Referer: http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Nov 2019 19:33:42 GMT
Expires: Thu, 11 Nov 1999 11:11:11 GMT
ORIG_REF: http://traffic.focuusing.com/router?code=WTYW1YO&traffic_source=297881&afi=24724&ar=Streamail
Server: Mono-HTTPAPI/1.0
Set-Cookie: CRID=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3;Expires=Wed, 08-Jan-2020 19:33:42;
Content-Length: 205
Connection: keep-alive

GET
H/1.1 200
OK Primary Request Cookie set / Show response
offers.karamba.com/DE/WOF/ 6 KB
3 KB 134ms
21ms Document
text/html 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Requested by

Host: traffic.focuusing.com
URL: http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

26c463f221350832ee1d416fede04dd1c8b3e31c112e3b859b2ad216e1415bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Host: offers.karamba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Server: Apache
Set-Cookie: afi=24724; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/ ar=Streamail; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/ mmi=69810; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/ par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/ gclid=%7Bgclid%7D; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/ popunder=%7Bpopunder%7D; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2676
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=16070400; includeSubDomains

GET
H/1.1 404
Not Found landing.css
offers.karamba.com/DE/WOF/ 0
0 18ms
17ms Stylesheet
text/html 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/landing.css

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 1130
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: text/html; charset=UTF-8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:815::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Fri, 01 Nov 2019 14:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 709627
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Oct 2020 14:26:35 GMT

GET
H/1.1 200
OK style.css
offers.karamba.com/DE/WOF/ 766 B
775 B 34ms
16ms Stylesheet
text/css 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/style.css

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

4d20b9777d27466f6c68fb3391ffc32a9aebf53fe76ddb7edd0f01ea4e95c8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2017 14:46:02 GMT
Server: Apache
ETag: "2fe-5554d9f98fe80-gzip"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: text/css
Cache-Control: max-age=2628000, public
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 352

GET
H2 200 footer_de.png
download.gamesrv1.com/Resources/LandingPages/Footers/dark/ 32 KB
32 KB 81ms
6ms Image
image/png 93.184.221.168
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/Resources/LandingPages/Footers/dark/footer_de.png?=22
Requested by: Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F37) / ASP.NET
Resource Hash: 8ab3ae2e593e994f776fdca1ce479700dbae6d4f0b924d6f184b2e9f47fea46e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:42 GMT
etag: "80ef4d32dd11d41:0"
last-modified: Mon, 02 Jul 2018 08:18:03 GMT
server: ECAcc (frc/8F37)
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=259200
accept-ranges: bytes
content-length: 32704

GET
H2 200 score.min.js Show response
js.ad-score.com/ 274 KB
94 KB 28ms
8ms Script
application/javascript 35.190.71.1
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000211
Requested by: Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.190.71.1 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 1.71.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 195829cbeb40c3a422f7dc77d3b5dc78264af766cb7ceec05147582342d10fe1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 07:38:03 GMT
content-encoding: gzip
last-modified: Sat, 09 Nov 2019 07:38:03 GMT
age: 42939
status: 200
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
alt-svc: clear
content-length: 95803
via: 1.1 google
expires: Sun, 10 Nov 2019 07:38:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
26 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6181bd34356de81084d8a88658da6b14412e826df08b8e77a546ca6aefbdc974

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:42 GMT
content-encoding: br
last-modified: Sat, 09 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 26643
x-xss-protection: 0
expires: Sat, 09 Nov 2019 19:33:42 GMT

GET
H/1.1 200
OK / Show response
offers.karamba.com/DE/WOF/web/ Frame BB90 5 KB
2 KB 17ms
16ms Document
text/html 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/web/

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b80d2b5d47d2675ffb6000e9f66266536e3050e481a61d2a2548b2da0bd32b75

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Host: offers.karamba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Accept-Encoding: gzip, deflate, br
Cookie: afi=24724; ar=Streamail; mmi=69810; par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; gclid=%7Bgclid%7D; popunder=%7Bpopunder%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1680
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=16070400; includeSubDomains

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 42 B
591 B 441ms
110ms XHR
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449&pm_td=8&pid=1000211&en=1&callback=__pm_glbl_SjOMyiBJcpIZkfnzyz1SWBBE._gc1&tt=g&v=60078d9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ef4dcf580edd2544b65910415915345927d3173fd1261b6595c7c8bb043394d8

Request headers

Sec-Fetch-Mode: cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 19:33:42 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://offers.karamba.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 42

GET
H/1.1

200
OK

Cookie set visit.aspx Show response
info.karamba.com/ Frame BEDA
Redirect Chain

https://karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5
https://www.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5
https://info.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5

218 B
2 KB

514ms
163ms

Document
text/html

95.129.34.40
ASN-BELLNET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

95.129.34.40 , Israel, ASN20521 (ASN-BELLNET, MT),

Reverse DNS

Software

/ ASP.NET

Resource Hash

6f5d4cac8781d9a91ffeb369838d3323ae1bfa89cc0eeff859961becdc93b34f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: info.karamba.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-site
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Accept-Encoding: gzip, deflate, br
Cookie: _gcl_au=1.1.1369254404.1573328023; cto_lwid=24317280-a396-4d74-855b-df526325171e; _fbp=fb.1.1573328022624.1884413696; afi=24724; ar=Streamail; mmi=69810; par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; gclid=%7Bgclid%7D; lpr=FairyTale_HTML5; lastvisit=2019-11-09; visits=1; AB=A; l=en; lng=ENG
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=nmkyptg4amc1mzdqwp1aimi0; path=/; secure; HttpOnly LanguageCode=ENG; domain=info.karamba.com; expires=Wed, 09-Nov-2022 19:33:43 GMT; path=/; secure CSI_27=EncryptedUniqueVisitorID=0B4513D0EBF44A318CFF76C884FF91E4&AffiliateID=24724&MarketingMaterialID=69810&LastUpdate=2019-11-09&AlternateReference=Streamail&PlayerAlternateReference=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&LandingPageReference=FairyTale_HTML5&GameVerticalID=246; domain=info.karamba.com; expires=Wed, 09-Nov-2039 19:33:43 GMT; path=/; secure GameVerticalID=246; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure AffiliateID=24724; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure MarketingMaterialID=69810; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure PlayerAlternateReference=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure AlternateReference=Streamail; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure gclid={gclid}; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure UniqueVisitorID=0B4513D0EBF44A318CFF76C884FF91E4; domain=Karamba.com; expires=Sun, 09-Feb-2020 19:33:43 GMT; path=/; secure CountryCode=DE; domain=info.karamba.com; expires=Wed, 09-Nov-2022 19:33:43 GMT; path=/; secure RegistrationMode=M; domain=info.karamba.com; expires=Wed, 09-Nov-2022 19:33:43 GMT; path=/; secure BO=; domain=info.karamba.com; expires=Wed, 09-Nov-2022 19:33:43 GMT; path=/; secure CSITemp=27; domain=info.karamba.com; path=/; secure
p3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
X-Powered-By: ASP.NET
Date: Sat, 09 Nov 2019 19:33:43 GMT
Content-Length: 299
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=16070400

Redirect headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Set-Cookie: afi=24724; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly ar=Streamail; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly mmi=69810; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly gclid=%7Bgclid%7D; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly lng=eng; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly lpr=FairyTale_HTML5; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly lastvisit=2019-11-09; expires=Sun, 08-Nov-2020 19:33:42 GMT; Max-Age=31536000; path=/; domain=karamba.com; secure; HttpOnly visits=1; expires=Sun, 08-Nov-2020 19:33:42 GMT; Max-Age=31536000; path=/; domain=karamba.com; secure l=en; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly lng=ENG; expires=Mon, 09-Dec-2019 19:33:42 GMT; Max-Age=2592000; path=/; domain=karamba.com; secure; HttpOnly GameVerticalID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=karamba.com; secure
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.karamba.com/wp-json/>; rel="https://api.w.org/"
Location: https://info.karamba.com/visit.aspx?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid=%7Bgclid%7D&popunder=%7Bpopunder%7D&lng=eng&LPR=FairyTale_HTML5
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors https:;
Strict-Transport-Security: max-age=16070400; includeSubDomains
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 405
Method Not Allowed cors
data.ad-score.com/data/ 0
498 B 552ms
125ms Image
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/data/cors?pid=1000211&tt=g&tid=24724&l1=Streamail&l2=karamba.com&l3=uk&utid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&uip=144.76.109.30&cb=5dc7149651afd&sstr=VW5jYXVnaHQgUmVmZXJlbmNlRXJyb3I6IEluaXRIVE1MUmVnaXN0cmF0aW9uQW5kTG9naW4gaXMgbm90IGRlZmluZWQgaHR0cHM6Ly9vZmZlcnMua2FyYW1iYS5jb20vREUvV09GLz9hZmk9MjQ3MjQmYXI9U3RyZWFtYWlsJm1taT02OTgxMCZwYXI9MGNiNTlSYmdpb3FuZXJ3OEhMcWk1b3JlVHJNSjNiMyZnY2xpZD17Z2NsaWR9JnBvcHVuZGVyPXtwb3B1bmRlcn0gMjkgMTM=&v=60078d9&s=er&url=aHR0cHM6Ly9vZmZlcnMua2FyYW1iYS5jb20vREUvV09GLz9hZmk9MjQ3MjQmYXI9U3RyZWFtYWlsJm1taT02OTgxMCZwYXI9MGNiNTlSYmdpb3FuZXJ3OEhMcWk1b3JlVHJNSjNiMyZnY2xpZD17Z2NsaWR9JnBvcHVuZGVyPXtwb3B1bmRlcn0=&pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449
Requested by: Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 19:33:42 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
BLOB 200
OK ccb49561-6dee-4a15-8390-8eb3238cd8c9
https://offers.karamba.com/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offers.karamba.com/ccb49561-6dee-4a15-8390-8eb3238cd8c9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 350ms
114ms XHR
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449&pm_td=107&pid=1000211&en=1&callback=__pm_glbl_SjOMyiBJcpIZkfnzyz1SWBBE._gc2&tt=g&v=60078d9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.karamba.com
Date: Sat, 09 Nov 2019 19:33:42 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3605
date: Sat, 09 Nov 2019 18:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sat, 09 Nov 2019 20:33:37 GMT

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 30 KB
10 KB 41ms
15ms Script
text/javascript 178.250.2.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:42 GMT
content-encoding: gzip
last-modified: Fri, 11 Oct 2019 10:45:26 GMT
server: nginx
etag: W/"5da05d46-7682"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 10 Nov 2019 19:33:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 122 KB
27 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: lot.neatpowr.com
URL: http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 27377
x-xss-protection: 0
pragma: public
x-fb-debug: OtsqlETEYn3cEOY5DXmLuzXB3VuKHY5QNMBT8Pnc41aVTlOtSaPwTcWqdsAz4Lsgjh5rBhiFx6DOScqza4xBRw==
x-fb-trip-id: 365799557
x-frame-options: DENY
date: Sat, 09 Nov 2019 19:33:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK p.js Show response
my.rtmark.net/ 709 B
1 KB 808ms
23ms Script
text/javascript 188.42.160.59
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/p.js?f=sync&lr=1&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.59 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

8c01768d4be8ac6d88038cc5d46423be5d199c87c4d1f07cecd03beded7f894d

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 709

GET
H2 200 adoric.js Show response
61676801.adoric-om.com/ 109 KB
31 KB 56ms
27ms Script
text/javascript 13.225.78.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://61676801.adoric-om.com/adoric.js

Requested by

Host: lot.neatpowr.com
URL: http://lot.neatpowr.com/rd?urlrd=http%3a%2f%2ftraffic.focuusing.com%2frouter%3fcode%3dWTYW1YO%26traffic_source%3d297881%26afi%3d24724%26ar%3dStreamail

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.225.78.19 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-225-78-19.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

460bd0925e633c0103f69cc7c68cc8bfce39415cec3750cdc787aaad13d03b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
status: 200
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
date: Fri, 08 Nov 2019 23:33:36 GMT
x-download-options: noopen
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control: max-age=900
access-control-allow-credentials: *
etag: W/"1b31d-ulWnsfKlp00zc+TH/zQAmYzJ3LI"
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
x-amz-cf-id: PEE5VOpGrSbey-rN2CiiyXcZFt8lTf0Xwl7wXmBH34mJ7nwYYaPlNw==

GET
H/1.1 200
OK createjs-2015.11.26.min.js Show response
offers.karamba.com/DE/WOF/web/libs/ Frame BB90 186 KB
49 KB 23ms
23ms Script
application/javascript 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/web/libs/createjs-2015.11.26.min.js

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2016 21:20:26 GMT
Server: Apache
ETag: "2e8a6-5431816e5fa80-gzip"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=2628000, public
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 49352

GET
H/1.1 200
OK LP_ger_eur_Canvas.js Show response
offers.karamba.com/DE/WOF/web/ Frame BB90 252 KB
54 KB 36ms
35ms Script
application/javascript 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://offers.karamba.com/DE/WOF/web/LP_ger_eur_Canvas.js?1488295314228

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/web/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

2a4fdc15a8b5d73c8d1f87a888e262e3af567d72549196ca3ada51384c9394d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Feb 2017 15:21:53 GMT
Server: Apache
ETag: "3f048-54998c173c640-gzip"
Vary: Accept-Encoding
Connection: Keep-Alive
Content-Type: application/javascript
Cache-Control: max-age=2628000, public
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 54482

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 58 KB
22 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TCR9TJ7&t=gtm2&cid=850967668.1573328023&gclid=%7Bgclid%7D

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae0d66c1d696b11a6a2cea26f793f0d358f1d656e723b4326e59dcd8799a4c8d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:42 GMT
content-encoding: br
last-modified: Sat, 09 Nov 2019 18:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21953
x-xss-protection: 0
expires: Sat, 09 Nov 2019 19:33:42 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=135533501&t=pageview&_s=1&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&dr=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&ul=en-us&de=UTF-8&dt=Karamba.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGBAgAADQAAAg~&jid=1128525899&gjid=1204193561&cid=850967668.1573328023&tid=UA-85966793-1&_gid=1691157007.1573328023&gtm=2wgav35SR6C87&cd1=24724&cd2=Streamail&cd3=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&cd4=%7Bgclid%7D&cd5=69810&cd8=%7Bpopunder%7D&z=1524233337

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Nov 2019 15:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 707034
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&gjid=1204193561&_gid=1691157007.1573328023&_u=YGBAgAADQAAAg~&z=1375371690
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690&slf_rd=1&random=1797412972

42 B
109 B

28ms
28ms

Image
image/gif

2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690&slf_rd=1&random=1797412972

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 19:33:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 19:33:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85966793-1&cid=850967668.1573328023&jid=1128525899&_v=j79&z=1375371690&slf_rd=1&random=1797412972
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 241981442639943 Show response
connect.facebook.net/signals/config/ 306 KB
75 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/241981442639943?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f036e6363c2d4733ca5f53e4629df49c2d2c7e41e963af93872b6b5e89b97ab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 75927
x-xss-protection: 0
pragma: public
x-fb-debug: 2bQlwWc9gZAHfPxmlxYX3jo0UB1SnHnuGnwlxqCjKzzWs3iaDXsojLLLEqgHTKz1Yfj6w7DqMGZLjP3vNfSsVQ==
x-fb-trip-id: 365799557
x-frame-options: DENY
date: Sat, 09 Nov 2019 19:33:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 1 KB
1 KB 49ms
18ms Script
application/x-javascript 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://sslwidget.criteo.com/event?a=27655&v=5.4.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd%26ref%3Dhttp%253A%252F%252Ftraffic.focuusing.com&p2=e%3Dvh&p3=e%3Ddis&adce=1&lwid=24317280-a396-4d74-855b-df526325171e&tld=karamba.com&dtycbr=56310
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Nov 2019 19:33:42 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
status: 200
cache-control: no-cache
content-type: application/x-javascript
content-length: 864
expires: 0

GET
H2 200 983591508385850 Show response
connect.facebook.net/signals/config/ 306 KB
74 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/983591508385850?v=2.9.11&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fb71cfd6210f075b6355aeba90544b8e839c0c6e27b6df34bad1478813698af4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 75872
x-xss-protection: 0
pragma: public
x-fb-debug: yArYB56Tih0OfTG2GqdBZp203nDh7cNBdiOOtlyV9gv+IkP26BZ/yfO2eK+IeuJpPswWvCJ71WNHGGV+xIkqdQ==
x-fb-trip-id: 365799557
x-frame-options: DENY
date: Sat, 09 Nov 2019 19:33:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241981442639943&ev=PageView&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&if=false&ts=1573328022625&sw=1600&sh=1200&v=2.9.11&r=stable&ec=0&o=30&fbp=fb.1.1573328022624.1884413696&it=1573328022595&coo=false&rqm=GET

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 19:33:42 GMT

GET
H/1.1 405
Method Not Allowed cors
data.ad-score.com/data/ 0
498 B 799ms
536ms Image
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.ad-score.com/data/cors?pid=1000211&tt=g&tid=24724&l1=Streamail&l2=karamba.com&l3=uk&utid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&uip=144.76.109.30&cb=5dc7149651afd&sstr=U2NyaXB0IGVycm9yLiAgMCAw&v=60078d9&s=er&url=aHR0cHM6Ly9vZmZlcnMua2FyYW1iYS5jb20vREUvV09GLz9hZmk9MjQ3MjQmYXI9U3RyZWFtYWlsJm1taT02OTgxMCZwYXI9MGNiNTlSYmdpb3FuZXJ3OEhMcWk1b3JlVHJNSjNiMyZnY2xpZD17Z2NsaWR9JnBvcHVuZGVyPXtwb3B1bmRlcn0=&pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449
Requested by: Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Nov 2019 19:33:43 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: *
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=983591508385850&ev=PageView&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26...
https://cx.atdmt.com/?c=18249025625158391759&f=AYw1fWcYt0Ownukuqw539c-Co4BW4l0nBWEUdHZywe4AngiMSEMJtxaZ8Rpl_1icv96UR9Ou1ffnMIawO4UNoZJL&id=983591508385850&l=3&v=0

42 B
406 B

53ms
40ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=18249025625158391759&f=AYw1fWcYt0Ownukuqw539c-Co4BW4l0nBWEUdHZywe4AngiMSEMJtxaZ8Rpl_1icv96UR9Ou1ffnMIawO4UNoZJL&id=983591508385850&l=3&v=0
Requested by: Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

status: 200
date: Sat, 09 Nov 2019 19:33:42 GMT
content-type: image/gif
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Sat, 09 Nov 2019 19:33:42 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=18249025625158391759&f=AYw1fWcYt0Ownukuqw539c-Co4BW4l0nBWEUdHZywe4AngiMSEMJtxaZ8Rpl_1icv96UR9Ou1ffnMIawO4UNoZJL&id=983591508385850&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-23=":443"; ma=3600
content-length: 0
expires: 0

GET
H/1.1 200
OK Group.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 3 KB
3 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Group.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

1f4cd40e8e6857e73e5d15ef53dc412e64f55e4bb4936940d886addbfa5b36e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 15:21:51 GMT
Server: Apache
ETag: "a5b-54998c15541c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2651

GET
H/1.1 200
OK Group_3.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 1 KB
2 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Group_3.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

beae8937f5cacc87cf9f7483da9fe0daa92f313eadfd8f8aeff3f13479a1e8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 15:21:51 GMT
Server: Apache
ETag: "55b-54998c15541c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1371

GET
H/1.1 200
OK Mesh.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 3 KB
3 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Mesh.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

2912da39aaeffb55fdc3bcc6c213c4f35c57ee68c1491deee529e6993d44ce62

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "a6e-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2670

GET
H/1.1 200
OK arrow.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 11 KB
11 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/arrow.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

83d4520d92fbff2973e1d43107813155435382eb3c2d2aeaecd9b1cb3d1a79ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "2a52-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10834

GET
H/1.1 200
OK bg.jpg
offers.karamba.com/DE/WOF/web/images/ Frame BB90 34 KB
35 KB 17ms
17ms Image
image/jpeg 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/bg.jpg?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

70cdae46331bc76af1eb46059f843fac9caaeff425f7601aa4129b366ef5b1f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:24:00 GMT
Server: Apache
ETag: "899a-549971bde5c00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/jpeg
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 35226

GET
H/1.1 200
OK Blend.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 781 B
1 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Blend.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

2cd6b8c8d7dfa19cd5d7ac5a5829e4fc76cbb0427f3525a4ca1974c9b98bd0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "30d-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 781

GET
H/1.1 200
OK Blend_1.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 870 B
1 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Blend_1.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

0c2e6e9d78410408e355e337b7831781a21a9bacefa09aa2946dee6b6a3c04a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 15:21:51 GMT
Server: Apache
ETag: "366-54998c15541c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 870

GET
H/1.1 200
OK Blend_2.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 1 KB
1 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Blend_2.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

d9376b45b02f136eb8c38fb2f9b7e2bf073e53109df4cd68869f520e5b625d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 15:21:51 GMT
Server: Apache
ETag: "476-54998c15541c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1142

GET
H/1.1 200
OK body.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 19 KB
19 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/body.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

8c6ecfac87498ae173fed04a427f2cfcdf489f79f0371cb11a8928f41e7e60b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 15:21:51 GMT
Server: Apache
ETag: "4aa1-54998c15541c0"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 19105

GET
H/1.1 200
OK head.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 6 KB
6 KB 17ms
17ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/head.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

827671714d312603b6c89153794750567ad24432c68d59fe7d67111b0cf9dd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "1632-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 5682

GET
H/1.1 200
OK logo.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 16 KB
17 KB 17ms
17ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/logo.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

431ca5bda780e2362b808cfd90990311e003a20ba7a7e11ff74f3e1a60d557df

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "4141-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 16705

GET
H/1.1 200
OK objects_on_floor.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 29 KB
29 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/objects_on_floor.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

7ad0b26db1e53f1e04c23228880b22e293a3e0ea890a82993cdc34fe498abec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:58 GMT
Server: Apache
ETag: "7207-549971bbfd780"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 29191

GET
H/1.1 200
OK sign.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 44 KB
44 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/sign.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

5a86af2f2d8cb36e23100e2df06d17800f2cd54b8ef8267fe8a53c14273485e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:58 GMT
Server: Apache
ETag: "b045-549971bbfd780"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 45125

GET
H/1.1 200
OK stand.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 8 KB
9 KB 17ms
17ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/stand.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

7aac0e539d139745b11bafecc29f1bb9ed777f6bf023eaf8270f422d1263e810

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "21d3-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 8659

GET
H/1.1 200
OK tie.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 2 KB
2 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/tie.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

b5a7714673ec96931f22857727d23fe1050127b07adcab6372436f8f71bf0b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "820-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 2080

GET
H/1.1 200
OK Tuki_eye.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 4 KB
4 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/Tuki_eye.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

6db48a7e3e722ab20e21da68fd38f37b1330986e86a82b39768cd205ebd4147e

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "ff7-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Content-Length: 4087

GET
H/1.1 200
OK wheel01b.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 94 KB
94 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wheel01b.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

0da162ced65fd0810f239b6304c34b8669aeb694b2cf658393420669477e4e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:42 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:58 GMT
Server: Apache
ETag: "176ef-549971bbfd780"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Content-Length: 95983

GET
H/1.1 200
OK wheel01c.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 114 KB
115 KB 17ms
17ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wheel01c.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

bd61fdf2e24ec2702cc728d390cc3bed0e4193c1d7458136d2027b669da42787

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:58 GMT
Server: Apache
ETag: "1c924-549971bbfd780"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Content-Length: 117028

GET
H/1.1 200
OK wheel02.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 30 KB
31 KB 17ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wheel02.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

179fe18ce17d7ecb77748cd260890b0f137391efd0f072dd2bed21c7c961f2b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:58 GMT
Server: Apache
ETag: "797f-549971bbfd780"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=81
Content-Length: 31103

GET
H/1.1 200
OK wingA01.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 11 KB
12 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wingA01.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

fd2a62befd428b1822fbab18d8eae1fafe71d4aa611a3b4f0c35ea5020e62b31

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "2c9f-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=80
Content-Length: 11423

GET
H/1.1 200
OK wingA02.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 2 KB
2 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wingA02.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

cc6fcf009f8c185df538fefdf84355a5787b6c97e085b368fdff2754973aa354

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "83e-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=79
Content-Length: 2110

GET
H/1.1 200
OK wingA03.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 4 KB
4 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wingA03.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

2368fa2c4d0a03eeaf54ec1222d45e8cf4ff333c58ba6857edbb7bbc490f2add

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "103d-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=78
Content-Length: 4157

GET
H/1.1 200
OK wingB01.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 9 KB
10 KB 16ms
16ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wingB01.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

783b03f409581785b3d374d7d5c5c25ac322216ca6a4f0ca1192faac676c1f38

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:24:00 GMT
Server: Apache
ETag: "25fb-549971bde5c00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=77
Content-Length: 9723

GET
H/1.1 200
OK wingB02.png
offers.karamba.com/DE/WOF/web/images/ Frame BB90 8 KB
8 KB 17ms
17ms Image
image/png 52.149.109.211
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offers.karamba.com/DE/WOF/web/images/wingB02.png?1488295314104

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.149.109.211 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Apache /

Resource Hash

164aba6646e781222a05a15092f7ce4565a54dbe48ca1558b503912e08335ba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/web/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
Last-Modified: Tue, 28 Feb 2017 13:23:24 GMT
Server: Apache
ETag: "1f41-5499719b90b00"
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: image/png
Cache-Control: max-age=2628000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=76
Content-Length: 8001

GET
H/1.1 200
OK img.gif
my.rtmark.net/ 43 B
684 B 23ms
23ms Image
image/gif 188.42.160.59
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330&ttl=&rurl=http://traffic.focuusing.com/process?afi=24724&ar=Streamail&campaign=671539&destination=1424391&tid=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&traffic_source=297881&crfn=t10cb59Rbgioqnerw8HLqi5oreTrMJ3b3

Requested by

Host: offers.karamba.com
URL: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.59 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Date: Sat, 09 Nov 2019 19:33:43 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 43

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=135533501&t=adtiming&_s=2&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&dr=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&ul=en-us&de=UTF-8&dt=Karamba.com&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=1432&pdt=3&dns=48&rrt=3&srt=22&tcp=63&dit=253&clt=253&_gst=363&_gbt=373&_cst=207&_cbt=356&_u=aGDAgAADQAAAg~&jid=&gjid=&cid=850967668.1573328023&tid=UA-85966793-1&_gid=1691157007.1573328023&gtm=2wgav35SR6C87&cd1=24724&cd2=Streamail&cd3=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&cd4=%7Bgclid%7D&cd5=69810&cd8=%7Bpopunder%7D&z=1679673745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Nov 2019 15:09:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 707035
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 110ms
110ms XHR
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449&pm_td=1304&pid=1000211&en=1&callback=__pm_glbl_SjOMyiBJcpIZkfnzyz1SWBBE._gc3&tt=g&v=60078d9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.karamba.com
Date: Sat, 09 Nov 2019 19:33:43 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241981442639943&ev=Microdata&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&if=false&ts=1573328024128&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Karamba.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&ec=1&o=30&fbp=fb.1.1573328022624.1884413696&it=1573328022595&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 19:33:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=983591508385850&ev=Microdata&dl=https%3A%2F%2Foffers.karamba.com%2FDE%2FWOF%2F%3Fafi%3D24724%26ar%3DStreamail%26mmi%3D69810%26par%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26gclid%3D%7Bgclid%7D%26popunder%3D%7Bpopunder%7D&rl=http%3A%2F%2Ftraffic.focuusing.com%2Fprocess%3Fafi%3D24724%26ar%3DStreamail%26campaign%3D671539%26destination%3D1424391%26tid%3D0cb59Rbgioqnerw8HLqi5oreTrMJ3b3%26traffic_source%3D297881%26crfn%3Dt10cb59Rbgioqnerw8HLqi5oreTrMJ3b3&if=false&ts=1573328024171&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Karamba.com%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.11&r=stable&ec=1&o=30&fbp=fb.1.1573328022624.1884413696&it=1573328022595&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date: Sat, 09 Nov 2019 19:33:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Sat, 09 Nov 2019 19:33:44 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 110ms
110ms XHR
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449&pm_td=2089&pid=1000211&en=1&callback=__pm_glbl_SjOMyiBJcpIZkfnzyz1SWBBE._gc4&tt=g&v=60078d9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.karamba.com
Date: Sat, 09 Nov 2019 19:33:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
274 B 111ms
110ms XHR
text/plain 130.211.115.4
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=dtxoZtvfnpansEmeEfLUcwqSLthmBeBp-EU7fOsp5aVbrKDwb2nLOGk3FPA==-E0/GP89vblLqNQ==&pm_ct=1590afb93d08ebd4e4f9e2c9&pm_pl=1573328022449&pm_td=2400&pid=1000211&en=1&callback=__pm_glbl_SjOMyiBJcpIZkfnzyz1SWBBE._gc5&tt=g&v=60078d9
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Sec-Fetch-Mode: cors
Referer: https://offers.karamba.com/DE/WOF/?afi=24724&ar=Streamail&mmi=69810&par=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&popunder={popunder}
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://offers.karamba.com
Date: Sat, 09 Nov 2019 19:33:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.karamba.com/	1969-12-31 23:59:59	Name: CSITemp Value: 27
.info.karamba.com/	1970-01-20 07:20:22	Name: RegistrationMode Value: M
.info.karamba.com/	1970-01-26 12:21:20	Name: CSI_27 Value: EncryptedUniqueVisitorID=0B4513D0EBF44A318CFF76C884FF91E4&AffiliateID=24724&MarketingMaterialID=69810&LastUpdate=2019-11-09&AlternateReference=Streamail&PlayerAlternateReference=0cb59Rbgioqnerw8HLqi5oreTrMJ3b3&gclid={gclid}&LandingPageReference=FairyTale_HTML5&GameVerticalID=246
.karamba.com/	1970-01-19 07:14:36	Name: gclid Value: {gclid}
.karamba.com/	1970-01-19 07:14:36	Name: PlayerAlternateReference Value: 0cb59Rbgioqnerw8HLqi5oreTrMJ3b3
.karamba.com/	1970-01-19 07:14:36	Name: UniqueVisitorID Value: 0B4513D0EBF44A318CFF76C884FF91E4
.karamba.com/	1970-01-19 07:14:36	Name: AffiliateID Value: 24724
.karamba.com/	1970-01-19 07:14:36	Name: GameVerticalID Value: 246
.karamba.com/	1970-01-19 05:45:20	Name: lng Value: ENG
.karamba.com/	1970-01-19 05:03:34	Name: AB Value: A
.info.karamba.com/	1970-01-20 07:20:22	Name: LanguageCode Value: ENG
.karamba.com/	1970-01-19 07:14:36	Name: AlternateReference Value: Streamail
.karamba.com/	1970-01-19 13:47:44	Name: visits Value: 1
.karamba.com/	1970-01-19 05:45:20	Name: par Value: 0cb59Rbgioqnerw8HLqi5oreTrMJ3b3
.karamba.com/	1970-01-19 05:45:20	Name: ar Value: Streamail
.karamba.com/	1970-01-19 14:31:32	Name: cto_lwid Value: 24317280-a396-4d74-855b-df526325171e
.karamba.com/	1970-01-19 07:11:44	Name: _fbp Value: fb.1.1573328022624.1884413696
.karamba.com/	1970-01-19 13:47:44	Name: lastvisit Value: 2019-11-09
.offers.karamba.com/	1970-01-19 05:02:08	Name: _dc_gtm_UA-85966793-1 Value: 1
offers.karamba.com/	1970-01-19 05:45:20	Name: ar Value: Streamail
.info.karamba.com/	1970-01-20 07:20:22	Name: CountryCode Value: DE
.offers.karamba.com/	1970-01-19 05:03:34	Name: _gid Value: GA1.3.1691157007.1573328023
.info.karamba.com/	1970-01-20 07:20:22	Name: BO Value:
.karamba.com/	1970-01-19 05:45:20	Name: l Value: en
.karamba.com/	1970-01-19 05:45:20	Name: mmi Value: 69810
.offers.karamba.com/	1970-01-19 22:33:20	Name: _ga Value: GA1.3.850967668.1573328023
offers.karamba.com/	1970-01-19 05:45:20	Name: afi Value: 24724
.karamba.com/	1970-01-19 07:11:44	Name: _gcl_au Value: 1.1.1369254404.1573328023
.offers.karamba.com/	1970-01-19 07:11:44	Name: _gac_UA-85966793-1 Value: 1.1573328023.%7Bgclid%7D
.karamba.com/	1970-01-19 05:45:20	Name: lpr Value: FairyTale_HTML5
offers.karamba.com/	1970-01-19 05:45:20	Name: popunder Value: %7Bpopunder%7D
offers.karamba.com/	1970-01-19 05:45:20	Name: gclid Value: %7Bgclid%7D
info.karamba.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: nmkyptg4amc1mzdqwp1aimi0
offers.karamba.com/	1970-01-19 05:45:20	Name: par Value: 0cb59Rbgioqnerw8HLqi5oreTrMJ3b3
.karamba.com/	1970-01-19 07:14:36	Name: MarketingMaterialID Value: 69810
.karamba.com/	1970-01-19 05:45:20	Name: afi Value: 24724
offers.karamba.com/	1970-01-19 05:45:20	Name: mmi Value: 69810

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 179) Message: [object Text]
console-api	debug	URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 154) Message:
console-api	error	URL: https://61676801.adoric-om.com/adoric.js(Line 1) Message: _Adoric_error: TypeError: Cannot read property 'setItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61676801.adoric-om.com
ajax.googleapis.com
connect.facebook.net
cx.atdmt.com
data.ad-score.com
download.gamesrv1.com
info.karamba.com
js.ad-score.com
karamba.com
lot.neatpowr.com
my.rtmark.net
offers.karamba.com
sky.arietut.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
traffic.focuusing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.karamba.com
13.225.78.19
130.211.115.4
178.250.2.130
178.250.2.151
188.42.160.59
217.116.16.234
217.116.16.235
2a00:1450:4001:800::2004
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:815::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9d
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.190.71.1
52.149.109.211
52.156.199.171
52.211.107.45
93.184.221.168
95.129.34.40
08f46166ba8f17f10bcf12e4cb5307eee649495f36b4561aa86ae2fde668f99f
0c2e6e9d78410408e355e337b7831781a21a9bacefa09aa2946dee6b6a3c04a5
0da162ced65fd0810f239b6304c34b8669aeb694b2cf658393420669477e4e37
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
164aba6646e781222a05a15092f7ce4565a54dbe48ca1558b503912e08335ba3
179fe18ce17d7ecb77748cd260890b0f137391efd0f072dd2bed21c7c961f2b7
195829cbeb40c3a422f7dc77d3b5dc78264af766cb7ceec05147582342d10fe1
1f4cd40e8e6857e73e5d15ef53dc412e64f55e4bb4936940d886addbfa5b36e2
2368fa2c4d0a03eeaf54ec1222d45e8cf4ff333c58ba6857edbb7bbc490f2add
26c463f221350832ee1d416fede04dd1c8b3e31c112e3b859b2ad216e1415bbf
2912da39aaeffb55fdc3bcc6c213c4f35c57ee68c1491deee529e6993d44ce62
2a4fdc15a8b5d73c8d1f87a888e262e3af567d72549196ca3ada51384c9394d5
2cd6b8c8d7dfa19cd5d7ac5a5829e4fc76cbb0427f3525a4ca1974c9b98bd0f6
431ca5bda780e2362b808cfd90990311e003a20ba7a7e11ff74f3e1a60d557df
460bd0925e633c0103f69cc7c68cc8bfce39415cec3750cdc787aaad13d03b40
4d20b9777d27466f6c68fb3391ffc32a9aebf53fe76ddb7edd0f01ea4e95c8ed
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5a86af2f2d8cb36e23100e2df06d17800f2cd54b8ef8267fe8a53c14273485e0
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6181bd34356de81084d8a88658da6b14412e826df08b8e77a546ca6aefbdc974
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6db48a7e3e722ab20e21da68fd38f37b1330986e86a82b39768cd205ebd4147e
6f5d4cac8781d9a91ffeb369838d3323ae1bfa89cc0eeff859961becdc93b34f
70cdae46331bc76af1eb46059f843fac9caaeff425f7601aa4129b366ef5b1f1
783b03f409581785b3d374d7d5c5c25ac322216ca6a4f0ca1192faac676c1f38
7aac0e539d139745b11bafecc29f1bb9ed777f6bf023eaf8270f422d1263e810
7ad0b26db1e53f1e04c23228880b22e293a3e0ea890a82993cdc34fe498abec9
827671714d312603b6c89153794750567ad24432c68d59fe7d67111b0cf9dd16
8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4520d92fbff2973e1d43107813155435382eb3c2d2aeaecd9b1cb3d1a79ae
8ab3ae2e593e994f776fdca1ce479700dbae6d4f0b924d6f184b2e9f47fea46e
8c01768d4be8ac6d88038cc5d46423be5d199c87c4d1f07cecd03beded7f894d
8c6ecfac87498ae173fed04a427f2cfcdf489f79f0371cb11a8928f41e7e60b1
981be39924f4c8320f4daa8b8cdd7468455e46a30bd0cfef24ba5c74c2a6b12d
ae0d66c1d696b11a6a2cea26f793f0d358f1d656e723b4326e59dcd8799a4c8d
b5a7714673ec96931f22857727d23fe1050127b07adcab6372436f8f71bf0b4d
b80d2b5d47d2675ffb6000e9f66266536e3050e481a61d2a2548b2da0bd32b75
bd61fdf2e24ec2702cc728d390cc3bed0e4193c1d7458136d2027b669da42787
beae8937f5cacc87cf9f7483da9fe0daa92f313eadfd8f8aeff3f13479a1e8cb
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
cc6fcf009f8c185df538fefdf84355a5787b6c97e085b368fdff2754973aa354
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d9376b45b02f136eb8c38fb2f9b7e2bf073e53109df4cd68869f520e5b625d15
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e1f4a164109388d83c80a86549c11abc25ad12fb275da0db08c626dc663144c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4dcf580edd2544b65910415915345927d3173fd1261b6595c7c8bb043394d8
f036e6363c2d4733ca5f53e4629df49c2d2c7e41e963af93872b6b5e89b97ab1
fb71cfd6210f075b6355aeba90544b8e839c0c6e27b6df34bad1478813698af4
fd2a62befd428b1822fbab18d8eae1fafe71d4aa611a3b4f0c35ea5020e62b31

offers.karamba.com Open in urlscan Pro 52.149.109.211 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

94 %HTTPS

41 %IPv6

19 Domains

23 Subdomains

19 IPs

9 Countries

1023 kBTransfer

2364 kBSize

37 Cookies

3 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offers.karamba.com Open in urlscan Pro
52.149.109.211 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

94 %
HTTPS

41 %
IPv6

19
Domains

23
Subdomains

19
IPs

9
Countries

1023 kB
Transfer

2364 kB
Size

37
Cookies

63 HTTP transactions
2 data transactions