urlscan.io logo urlscan.io
SecurityTrails logo

offers.karamba.com Open in urlscan Pro
95.100.181.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://lo.leexo.net/campaigns/kj031p4zv88d7/track-url/oh557b8hmde65/98efbc7326946fa0222535bb1e11be849d2d6753
Effective URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Submission: On October 22 via manual from NO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 9 countries across 30 domains to perform 88 HTTP transactions. The main IP is 95.100.181.57, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is offers.karamba.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on November 17th 2019. Valid for: 2 years.
This is the only time offers.karamba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 147.135.64.69 16276 (OVH)
1 1 35.201.98.21 15169 (GOOGLE)
2 95.100.181.57 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
16 93.184.221.168 15133 (EDGECAST)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
17 52.239.140.42 8075 (MICROSOFT...)
1 2600:9000:207... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 95.129.38.40 20521 (ASN-BELLNET)
5 130.211.115.4 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::3 44788 (ASN-CRITE...)
3 2a03:2880:f01... 32934 (FACEBOOK)
2 139.45.196.87 9002 (RETN-AS)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
3 23.77.209.152 20940 (AKAMAI-ASN1)
1 52.222.177.160 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.2.151 44788 (ASN-CRITE...)
1 34.95.123.171 15169 (GOOGLE)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:1::13 44788 (ASN-CRITE...)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 2.18.233.201 16625 (AKAMAI-AS)
1 3 37.252.172.249 29990 (ASN-APPNEX)
1 1 185.29.135.181 30419 (MEDIAMATH...)
1 1 2.16.186.75 20940 (AKAMAI-ASN1)
1 2.16.186.73 20940 (AKAMAI-ASN1)
1 1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
88 35
1    147.135.64.69 (Reston, United States)

ASN16276 (OVH, FR)
PTR: ns101960.ip-147-135-64.us
lo.leexo.net
1    35.201.98.21 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 21.98.201.35.bc.googleusercontent.com
trk.an8trk4.tech
2    95.100.181.57 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a95-100-181-57.deploy.static.akamaitechnologies.com
offers.karamba.com
fnc.aspireglobal.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
16    93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)
download.gamesrv1.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
17    52.239.140.42 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
asgdownload.blob.core.windows.net
1    2600:9000:2070:6800:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.ad-score.com
1    2a02:26f0:6c00:287::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
s.go-mpulse.net
1    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    95.129.38.40 (Israel)

ASN20521 (ASN-BELLNET, MT)
info.karamba.com
5    130.211.115.4 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com
data.ad-score.com
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    139.45.196.87 (Ascension Island)

ASN9002 (RETN-AS, EU)
my.rtmark.net
1    2606:4700:e0::ac40:6e06 (United States)

ASN13335 (CLOUDFLARENET, US)
61676801.adoric-om.com
3    23.77.209.152 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-77-209-152.deploy.static.akamaitechnologies.com
zz.connextra.com
1    52.222.177.160 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-177-160.ham50.r.cloudfront.net
dnn506yrbagrg.cloudfront.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    34.95.123.171 (United States)

ASN15169 (GOOGLE, US)
PTR: 171.123.95.34.bc.googleusercontent.com
static.adoric.com
1    2606:4700:e0::ac40:6f06 (United States)

ASN13335 (CLOUDFLARENET, US)
app.adoric-om.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
3    2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
3    37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    185.29.135.181 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2.16.186.75 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-75.deploy.static.akamaitechnologies.com
trial-eum-clientnsv4-s.akamaihd.net
1    2.16.186.73 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-73.deploy.static.akamaitechnologies.com
xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net
1    2a02:26f0:6c00::210:ba13 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
trial-eum-clienttons-s.akamaihd.net
1    2a02:26f0:6c00::210:ba19 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net
1    2a02:26f0:6c00:297::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
6852bd10.akstat.io
Apex Domain
Subdomains		 Transfer
17 windows.net
asgdownload.blob.core.windows.net
2 MB
16 gamesrv1.com
download.gamesrv1.com
147 KB
6 ad-score.com
js.ad-score.com
data.ad-score.com
102 KB
4 akamaihd.net
trial-eum-clientnsv4-s.akamaihd.net
xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net
1 KB
4 mathtag.com
pixel.mathtag.com
sync.mathtag.com
3 KB
4 facebook.com
www.facebook.com
837 B
4 google-analytics.com
www.google-analytics.com
50 KB
3 adnxs.com
secure.adnxs.com
3 KB
3 connextra.com
zz.connextra.com
17 KB
3 facebook.net
connect.facebook.net
161 KB
2 criteo.com
sslwidget.criteo.com
gum.criteo.com
1 KB
2 adoric-om.com
61676801.adoric-om.com
app.adoric-om.com
34 KB
2 rtmark.net
my.rtmark.net
2 KB
2 google.com
www.google.com
380 B
2 gstatic.com
fonts.gstatic.com
18 KB
2 go-mpulse.net
s.go-mpulse.net
c.go-mpulse.net
51 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
30 KB
2 karamba.com
offers.karamba.com
info.karamba.com
12 KB
1 akstat.io
6852bd10.akstat.io
359 B
1 crazyegg.com
script.crazyegg.com
1 google.de
www.google.de
106 B
1 adoric.com
static.adoric.com
13 KB
1 doubleclick.net
stats.g.doubleclick.net
90 B
1 cloudfront.net
dnn506yrbagrg.cloudfront.net
821 B
1 criteo.net
static.criteo.net
12 KB
1 googletagmanager.com
www.googletagmanager.com
46 KB
1 aspireglobal.com
fnc.aspireglobal.com
4 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com
19 KB
1 an8trk4.tech
trk.an8trk4.tech
242 B
1 leexo.net
lo.leexo.net
548 B
88 30
Domain Requested by
17 asgdownload.blob.core.windows.net offers.karamba.com
download.gamesrv1.com
16 download.gamesrv1.com offers.karamba.com
download.gamesrv1.com
5 data.ad-score.com js.ad-score.com
4 www.facebook.com offers.karamba.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
offers.karamba.com
3 secure.adnxs.com 1 redirects offers.karamba.com
3 pixel.mathtag.com zz.connextra.com
3 zz.connextra.com www.googletagmanager.com
zz.connextra.com
offers.karamba.com
3 connect.facebook.net offers.karamba.com
connect.facebook.net
2 my.rtmark.net www.googletagmanager.com
2 www.google.com www.googletagmanager.com
offers.karamba.com
2 fonts.gstatic.com fonts.googleapis.com
1 6852bd10.akstat.io s.go-mpulse.net
1 fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net
1 trial-eum-clienttons-s.akamaihd.net 1 redirects
1 xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net
1 trial-eum-clientnsv4-s.akamaihd.net 1 redirects
1 sync.mathtag.com 1 redirects
1 c.go-mpulse.net s.go-mpulse.net
1 script.crazyegg.com dnn506yrbagrg.cloudfront.net
1 gum.criteo.com static.criteo.net
1 www.google.de offers.karamba.com
1 app.adoric-om.com 61676801.adoric-om.com
1 static.adoric.com 61676801.adoric-om.com
1 sslwidget.criteo.com static.criteo.net
1 stats.g.doubleclick.net www.google-analytics.com
1 dnn506yrbagrg.cloudfront.net offers.karamba.com
1 61676801.adoric-om.com offers.karamba.com
1 static.criteo.net www.googletagmanager.com
1 info.karamba.com offers.karamba.com
1 www.googletagmanager.com offers.karamba.com
1 s.go-mpulse.net offers.karamba.com
1 js.ad-score.com offers.karamba.com
1 fnc.aspireglobal.com offers.karamba.com
1 ajax.googleapis.com offers.karamba.com
1 maxcdn.bootstrapcdn.com offers.karamba.com
1 fonts.googleapis.com offers.karamba.com
1 offers.karamba.com
1 trk.an8trk4.tech 1 redirects
1 lo.leexo.net 1 redirects
88 40

This site contains links to these domains. Also see Links.

Domain
no.karamba.com
download.gamesrv1.com
secure.gamblingcommission.gov.uk
Subject Issuer Validity Valid
*.karamba.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-17 -
2021-07-28		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
s3.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-09-30 -
2021-10-31		 a year crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-22 -
2021-10-12		 a year crt.sh
*.aspireglobal.com
Sectigo RSA Domain Validation Secure Server CA		 2019-11-18 -
2021-11-10		 2 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 2		 2020-07-21 -
2022-07-21		 2 years crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2020-09-02 -
2021-10-04		 a year crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.criteo.net
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.rtmark.net
Let's Encrypt Authority X3		 2020-08-28 -
2020-11-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-02 -
2021-10-02		 a year crt.sh
*.connextra.com
DigiCert SHA2 Secure Server CA		 2020-06-03 -
2021-09-02		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
*.criteo.com
DigiCert ECC Secure Server CA		 2020-09-04 -
2020-12-03		 3 months crt.sh
*.adoric.com
Let's Encrypt Authority X3		 2020-10-12 -
2021-01-10		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-09-22 -
2020-12-15		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2020-04-15 -
2021-07-15		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh

This page contains 8 frames:

Primary Page: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Frame ID: 50B274A943AF0BBEE062B9161F131E4E
Requests: 80 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/GSM53-6YHXF-SE8EJ-RXEU2-55P9Q
Frame ID: A439FE18DE513F7121CFB22F50AA645F
Requests: 4 HTTP requests in this frame

Frame: https://info.karamba.com/visit.aspx?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424&lpr=Karamba_Starburst_GM_500_NO&lng=NOR&gameverticalid=246
Frame ID: 3C170F9AD4261D0F8A572373EEF18588
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7CD86EFAF778DCCF090E8DC5B8E6DF40
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=offers.karamba.com
Frame ID: 0771443C57E1CF42E16BBBC75B96C6B1
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22212759%26t%3D2
Frame ID: FD253D541E988B29A63ABBFCD530CE80
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Frame ID: 0293B5A740223337B612CA4F95633A22
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/6c883bd680/2b9e5f91-4a2b-4700-b383-c5f3cdef320f
Frame ID: 9E67E44C75428232669D737CD4FC9DCE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://lo.leexo.net/campaigns/kj031p4zv88d7/track-url/oh557b8hmde65/98efbc7326946fa0222535bb1e11... HTTP 301
    https://trk.an8trk4.tech/t/MTkzN180Mzg/ HTTP 302
    https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

88
Requests

98 %
HTTPS

56 %
IPv6

30
Domains

40
Subdomains

35
IPs

9
Countries

2362 kB
Transfer

3838 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lo.leexo.net/campaigns/kj031p4zv88d7/track-url/oh557b8hmde65/98efbc7326946fa0222535bb1e11be849d2d6753 HTTP 301
    https://trk.an8trk4.tech/t/MTkzN180Mzg/ HTTP 302
    https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67
  • https://secure.adnxs.com/seg?add=22212759&t=2 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22212759%26t%3D2
Request Chain 69
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D HTTP 302
  • https://zz.connextra.com/sync/data/uid/6c883bd680/2b9e5f91-4a2b-4700-b383-c5f3cdef320f
Request Chain 74
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p82oldwec HTTP 302
  • https://xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net/eum/results.txt
Request Chain 75
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p82oldwec HTTP 302
  • https://fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net/eum/results.txt

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers.karamba.com/NO/Starburst_GM_500/
Redirect Chain
  • http://lo.leexo.net/campaigns/kj031p4zv88d7/track-url/oh557b8hmde65/98efbc7326946fa0222535bb1e11be849d2d6753
  • https://trk.an8trk4.tech/t/MTkzN180Mzg/
  • https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
29 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.181.57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a95-100-181-57.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a120186c450b563e2236eedc302effc199e749a9d8a8752f9455a14f3cb270e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

:method
GET
:authority
offers.karamba.com
:scheme
https
:path
/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
Apache
content-encoding
gzip
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=16070400; includeSubDomains
x-akamai-transformed
9 7420 0 pmb=mRUM,1
date
Thu, 22 Oct 2020 09:00:27 GMT
content-length
9040
vary
Accept-Encoding
set-cookie
afi=22596; expires=Sat, 21-Nov-2020 09:00:26 GMT; Max-Age=2592000; path=/; domain=karamba.com ar=1937; expires=Sat, 21-Nov-2020 09:00:26 GMT; Max-Age=2592000; path=/; domain=karamba.com mmi=69914; expires=Sat, 21-Nov-2020 09:00:26 GMT; Max-Age=2592000; path=/; domain=karamba.com gclid=5f914a2a980b23047ad73424; expires=Sat, 21-Nov-2020 09:00:26 GMT; Max-Age=2592000; path=/; domain=karamba.com lastvisit=2020-10-22; expires=Fri, 22-Oct-2021 09:00:26 GMT; Max-Age=31536000; path=/; domain=karamba.com visits=1; expires=Fri, 22-Oct-2021 09:00:26 GMT; Max-Age=31536000; path=/; domain=karamba.com AB=B; expires=Fri, 23-Oct-2020 09:00:26 GMT; Max-Age=86400; path=/; domain=karamba.com
server-timing
cdn-cache; desc=MISS edge; dur=32 origin; dur=267

Redirect headers

status
302
server
nginx
date
Thu, 22 Oct 2020 09:00:26 GMT
content-length
0
location
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
x-rt
10
set-cookie
sess_5e7a253cbebbcd083211db2a=5e81c85c37267308247842a1; expires=Thu, 29 Oct 2020 09:00:26 GMT; path=/; HttpOnly
via
1.1 google
alt-svc
clear
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600|Open+Sans+Condensed:300,700,300italic
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2eb86fa88533bc76e9206a53da971745e924f86e4a2b24e866d8e492e4497503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 09:00:27 GMT
server
ESF
date
Thu, 22 Oct 2020 09:00:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Oct 2020 09:00:27 GMT
css_default.css
download.gamesrv1.com/Resources/LandingPages/CSS/ 		39 B
342 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/css_default.css
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B26) / ASP.NET
Resource Hash
10d62f60330047bd47c9925ac23519a8e2130cd33d27a60fd0227ffba0b3383a

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"04d578ad672d11:0"
last-modified
Mon, 29 Feb 2016 09:49:54 GMT
server
ECAcc (ama/8B26)
age
12635
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
154
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ 		115 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:34:07 GMT
status
200
etag
"1544639647"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
19240
template-responsive-slider.css
download.gamesrv1.com/Resources/LandingPages/CSS/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/template-responsive-slider.css?v=4.856
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B22) / ASP.NET
Resource Hash
cd8056863471d1c306a07e44d0f2cffde37fd982493907c1f67dc6b3bcb33626

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"80eb24a2e7abd31:0"
last-modified
Thu, 22 Feb 2018 14:15:47 GMT
server
ECAcc (ama/8B22)
age
139075
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
1233
animate.min.css
download.gamesrv1.com/Resources/LandingPages/JS/animate.css-master/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/animate.css-master/animate.min.css
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AF1) / ASP.NET
Resource Hash
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"0802880ac82d31:0"
last-modified
Mon, 01 Jan 2018 02:59:12 GMT
server
ECAcc (ama/8AF1)
age
113183
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
3542
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 15:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234281
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Oct 2021 15:55:46 GMT
openlobby.js
fnc.aspireglobal.com/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fnc.aspireglobal.com/openlobby.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.181.57 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a95-100-181-57.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c5a5239885587b2864179ba1a31d88b060176d96942f06acd5809488773ee6b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https:;
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors https:;
content-encoding
gzip
x-content-type-options
nosniff
status
200
server-timing
cdn-cache; desc=HIT, edge; dur=1
vary
Accept-Encoding
content-length
3567
x-xss-protection
1; mode=block
last-modified
Sun, 24 Feb 2019 08:10:00 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Thu, 22 Oct 2020 09:00:27 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-type
application/javascript
cache-control
public, max-age=18647
etag
"3490-5829f59b50600-gzip"
accept-ranges
bytes
expires
Thu, 22 Oct 2020 14:11:14 GMT
modernizr.js
download.gamesrv1.com/Resources/LandingPages/JS/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/modernizr.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A8A) / ASP.NET
Resource Hash
5c4e293758dbe44c89d7369a7be3666553c37b1378e5efeaa69222f801730162

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"03f2cdbcb69cd1:0"
last-modified
Tue, 24 Jul 2012 18:40:54 GMT
server
ECAcc (ama/8A8A)
age
137723
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
6107
cute.slider.js
download.gamesrv1.com/Resources/LandingPages/JS/cute/ 		80 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.slider.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AC3) / ASP.NET
Resource Hash
f5c478b56cd91466052f9162437dcb908ea7e74bc930b007ad1dd564ad13c773

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"80a477e7a85d11:0"
last-modified
Wed, 23 Mar 2016 13:50:05 GMT
server
ECAcc (ama/8AC3)
age
137723
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
24537
cute.transitions.all.js
download.gamesrv1.com/Resources/LandingPages/JS/cute/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.transitions.all.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AB5) / ASP.NET
Resource Hash
56bfb4807e3c5f05a9cdf796f4a2d084d2c9710195406eefa602fc98f25bf674

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"009fc49695cd1:0"
last-modified
Tue, 18 Sep 2012 12:11:44 GMT
server
ECAcc (ama/8AB5)
age
139076
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
2520
main.css
download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/ 		1 KB
897 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/main.css
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AA2) / ASP.NET
Resource Hash
41bdd0a2ca8947227eb360ba1a6caf36c5350f72fc7702ba212f8299c2d4eea5

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"0467eac55a6cd1:0"
last-modified
Tue, 09 Oct 2012 19:38:36 GMT
server
ECAcc (ama/8AA2)
age
197185
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
801
slider-style.css
download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/slider-style.css
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8A8E) / ASP.NET
Resource Hash
5756c1ddd0ed31b14248a232703dc5a7f16b6545ccdb34efea7a0d23d8437945

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"0dbc3237ccdce1:0"
last-modified
Sun, 20 Oct 2013 10:07:10 GMT
server
ECAcc (ama/8A8E)
age
138227
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
2706
respond.min.js
download.gamesrv1.com/Resources/LandingPages/JS/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/respond.min.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B04) / ASP.NET
Resource Hash
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"09e9d51553cd1:0"
last-modified
Fri, 16 Mar 2012 09:15:24 GMT
server
ECAcc (ama/8B04)
age
140141
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
2526
Starburst_GM_500_logo_1490261844_logo_karamba.png
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_logo_1490261844_logo_karamba.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
96ab6a08c5780e46cc1004babdd6d89b90c0768196c8a2b55553cdb21f5e29c3

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
ETWcbfgvbTQ/7YlPRptCow==
Content-Disposition
Content-Length
7755
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:15 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779522D7FF3D2"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
522ffd60-301e-00b1-6451-a8a8b3000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_logo-mobile_1490262727_logo-mobile_top_mobile_nor.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/Starburst_GM_500_logo-mobile_1490262727_logo-mobile_top_mobile_nor.jpg
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ba8c6dc38a2d06f93e904ec9726e24fb7c97d21c4a51c2bb226794eb77aab581

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:26 GMT
Content-MD5
x6hUfrYs9yCbr9sfNkYZnw==
Content-Disposition
Content-Length
14462
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:11:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D7795253EE954C"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
51fade07-301e-005f-5a51-a8a230000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
ghost.png
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/ 		68 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/ghost.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a8a6d6325c5391079a56dc9a9185ef79618a784232a529db8b9809d3260e4cb

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
pIFZoAWHyVjEpYwZLzwofA==
Content-Disposition
Content-Length
68
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:12:11 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D7795272B16158"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bad46521-f01e-00ac-3d51-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_offer_1490279771_offer_nor_nok.png
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/Starburst_GM_500_offer_1490279771_offer_nor_nok.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2bff39f8391ae03b0990b5148b0598f4e2f447f3e37ba834ea782610ce706b5d

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
6DC1B+mn8N7xRkQ4rs2XPQ==
Content-Disposition
Content-Length
53666
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:11:32 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779525B73281C"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
bad46532-f01e-00ac-4951-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_offer-mobile_1490279771_offer-mobile_nor_nok.png
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/Starburst_GM_500_offer-mobile_1490279771_offer-mobile_nor_nok.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6880a1fcfc751b85b950440b5e29342a1e66daca50da275f96e40d0cf561a832

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
9z1O7mmHB49rlGu//itD5A==
Content-Disposition
Content-Length
46066
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:12:19 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779527798D60F"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
27c12fbc-301e-0054-2351-a8ba44000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ad7a0b603156f728643f26123bb1c6ac68c8a5c43cab8db0fbf885c43a4e618

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:26 GMT
Content-MD5
+pMsF7mSeyCWFVDeD11jjA==
Content-Disposition
Content-Length
136447
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523F31350A"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
51fade25-301e-005f-6e51-a8a230000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a2237a03ca68a0de6c87d94660068de28249b3116e4a48f6191538cd1a490ac

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
4JLNErESFKM9U4ptcWEk4A==
Content-Disposition
Content-Length
162770
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779524451C6FF"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
55caaa9e-601e-00a9-2e51-a88526000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ee456ecfd061423420a751259244fb0b5d506e3b62bebeb0c6a454f3e23e4c5

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:26 GMT
Content-MD5
/0wm1kku0n0I63UGQHXrWA==
Content-Disposition
Content-Length
150027
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523C29F8DE"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
64b9f2f2-101e-006a-2d51-a80c65000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_button-text_1490262728_button-text_nor_nok.png
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NO/Starburst_GM_500_button-text_1490262728_button-text_nor_nok.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
795247098d72b9d53e62f701622b429972536a97e2c825362f5c7c84df0c612f

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
JihtwKt7eWElnwMu+HBw9Q==
Content-Disposition
Content-Length
2456
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:11:49 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D7795265BBA0A1"
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
522ffd7a-301e-00b1-7851-a8a8b3000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
footer_no.png
download.gamesrv1.com/Resources/LandingPages/Footers/dark/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download.gamesrv1.com/Resources/LandingPages/Footers/dark/footer_no.png?=22
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B45) / ASP.NET
Resource Hash
32185896edb622d1b62ce926bef6a6fce404731a09218f51e3de0d8cc94e3032

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
etag
"08a1e1de7d5d51:0"
last-modified
Tue, 28 Jan 2020 14:27:48 GMT
server
ECAcc (ama/8B45)
age
114031
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
43239
footer_mob_no.png
download.gamesrv1.com/Resources/LandingPages/Footers/mobiledark/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download.gamesrv1.com/Resources/LandingPages/Footers/mobiledark/footer_mob_no.png
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AE3) / ASP.NET
Resource Hash
dd30146c0cf244c51c7c3d39cc40fa68bbc332f1f2a5d1ecab073db8ccbeb596

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
etag
"06278d6ddd5d51:0"
last-modified
Tue, 28 Jan 2020 13:21:24 GMT
server
ECAcc (ama/8AE3)
age
114030
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
24655
score.min.js
js.ad-score.com/ 		293 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.ad-score.com/score.min.js?pid=1000211
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:6800:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
54548bd559697342474443e77f4e46942b46c809bbb305066df9b8b5f5e5deba

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 21 Oct 2020 12:56:24 GMT
Content-Encoding
gzip
Age
72243
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 21 Oct 2020 12:56:24 GMT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 d653a3b9e8104c26c77d7700ae0a93cf.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Pop
HAM50-C3
Access-Control-Allow-Headers
Cache-Control
X-Amz-Cf-Id
8xBo1Bceaj9jGB8t6WF--XsH2akRhdwYo3BwwmyR0Thmt0A03wSE1w==
Expires
Thu, 22 Oct 2020 12:56:24 GMT
imageMapResizer.min.js
download.gamesrv1.com/Resources/LandingPages/JS/image-map-resizer-master/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/image-map-resizer-master/js/imageMapResizer.min.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AFA) / ASP.NET
Resource Hash
d8adb66d4d9cf55f48a04ea3a0b64305912c46918025d732d9c62aa1f8beb240

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"071fea3c4b7d21:0"
last-modified
Mon, 17 Apr 2017 21:50:34 GMT
server
ECAcc (ama/8AFA)
age
141255
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
1213
GSM53-6YHXF-SE8EJ-RXEU2-55P9Q
s.go-mpulse.net/boomerang/ Frame A439 		202 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/GSM53-6YHXF-SE8EJ-RXEU2-55P9Q
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:287::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
br
last-modified
Wed, 14 Oct 2020 23:00:39 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
timing-allow-origin
*
content-length
51580
gtm.js
www.googletagmanager.com/ 		142 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d013a7b38b89bdaad5f1770559aa82adda3533e4573ea5639c9f908275b7da7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47258
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Oct 2020 09:00:27 GMT
Starburst_GM_500_bg_1490261844_bg_BG_LP.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_bg_1490261844_bg_BG_LP.jpg
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7497d866fec19fce43d92b3af952496218f40889dfeeaada40bbb91b2b1f4ef7

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
0MfrDeP80F2KBkgpQEq6zQ==
Content-Disposition
Content-Length
39510
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:35 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D77952399E4451"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
27c12f9a-301e-0054-0951-a8ba44000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Open+Sans+Condensed:300,700,300italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://offers.karamba.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600|Open+Sans+Condensed:300,700,300italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 19 Oct 2020 11:20:33 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
250794
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Tue, 19 Oct 2021 11:20:33 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600|Open+Sans+Condensed:300,700,300italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://offers.karamba.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans:400,600|Open+Sans+Condensed:300,700,300italic
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 21 Oct 2020 11:20:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
77992
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Thu, 21 Oct 2021 11:20:35 GMT
cute.css3d.module.js
download.gamesrv1.com/Resources/LandingPages/JS/cute/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AEE) / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"0c14cfe932cf1:0"
last-modified
Wed, 26 Feb 2014 11:56:40 GMT
server
ECAcc (ama/8AEE)
age
140133
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
4356
Cookie set visit.aspx
info.karamba.com/ Frame 3C17 		271 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://info.karamba.com/visit.aspx?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424&lpr=Karamba_Starburst_GM_500_NO&lng=NOR&gameverticalid=246
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.129.38.40 , Israel, ASN20521 (ASN-BELLNET, MT),
Reverse DNS
Software
/ ASP.NET
Resource Hash
98a8e4de5b29c476f9f6d6585cfb0d750e16bc8653f6c2104ade25d30460b227
Security Headers
Name Value
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

Host
info.karamba.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
afi=22596; ar=1937; mmi=69914; gclid=5f914a2a980b23047ad73424; lastvisit=2020-10-22; visits=1; AB=B
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
ASP.NET_SessionId=q3uw2ibzbsgzgncl04w4lhch; path=/; secure; HttpOnly; SameSite=Lax LanguageCode=NOR; domain=info.karamba.com; expires=Sun, 22-Oct-2023 09:00:27 GMT; path=/; secure CSI_27=EncryptedUniqueVisitorID=660BCB5D7285CCFF49A76D22B0D29782&AffiliateID=22596&MarketingMaterialID=69914&LastUpdate=2020-10-22&AlternateReference=1937&PlayerAlternateReference=&gclid=5f914a2a980b23047ad73424&LandingPageReference=Karamba_Starburst_GM_500_NO&GameVerticalID=246; domain=info.karamba.com; expires=Mon, 22-Oct-2040 09:00:27 GMT; path=/; secure GameVerticalID=246; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure AffiliateID=22596; domain=Karamba.com; expires=Sun, 22-Nov-2020 09:00:27 GMT; path=/; secure MarketingMaterialID=69914; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure PlayerAlternateReference=; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure AlternateReference=1937; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure gclid=5f914a2a980b23047ad73424; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure UniqueVisitorID=660BCB5D7285CCFF49A76D22B0D29782; domain=Karamba.com; expires=Fri, 22-Jan-2021 09:00:27 GMT; path=/; secure CountryCode=NL; domain=info.karamba.com; expires=Sun, 22-Oct-2023 09:00:27 GMT; path=/; secure RegistrationMode=M; domain=info.karamba.com; expires=Sun, 22-Oct-2023 09:00:27 GMT; path=/; secure BO=; domain=info.karamba.com; expires=Sun, 22-Oct-2023 09:00:27 GMT; path=/; secure CSITemp=27; domain=info.karamba.com; path=/; secure
p3p
CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
X-Powered-By
ASP.NET
Date
Thu, 22 Oct 2020 09:00:26 GMT
Content-Length
335
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
X-XSS-Protection
1;mode=block
controls.png
download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/controls.png
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/slider-style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8ADE) / ASP.NET
Resource Hash
7d839453ff8027e9e25575dad62ea25623a41f4a81a98e6fa46bbdb94d539509

Request headers

Referer
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/slider-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
etag
"03925cdaa0cd1:0"
last-modified
Tue, 02 Oct 2012 20:13:18 GMT
server
ECAcc (ama/8ADE)
age
198966
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
9358
large-loading.gif
download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/large-loading.gif
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/slider-style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B2D) / ASP.NET
Resource Hash
3d9de7a1c28a9866d28af6fa14e60fe74bf23f4cbb2355c3c3b41fd5f7ae7ffe

Request headers

Referer
https://download.gamesrv1.com/Resources/LandingPages/CSS/cute-theme/slider-style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
etag
"007b9de37fcd1:0"
last-modified
Tue, 21 Aug 2012 21:26:24 GMT
server
ECAcc (ama/8B2D)
age
112709
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/gif
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
8345
cors
data.ad-score.com/data/ 		42 B
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iKOKfSYbpCRSWxuigGRDGlcJdXhajXIm-FE7fPshldVrkKD8b33LOF0jBNA==-E0zBP89vb1vqMg==&pm_ct=e52653165d6e7a719db1c61d&pm_pl=1603357227379&pm_td=11&pid=1000211&en=1.1&callback=__pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp._gc1&tt=g&v=5e56916
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
fd7d88de9229ea837533622175ee7e970ebd6f84f71591cd00525fe6be33e739

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Oct 2020 09:00:27 GMT
Age
0
Access-Control-Allow-Methods
POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://offers.karamba.com
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/plain; charset=utf-8
Content-Length
42
truncated
/ Frame 7CD8 		266 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
landing
www.google.com/pagead/ 		42 B
107 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/pagead/landing?gclid=5f914a2a980b23047ad73424&gtm=2wg9u15SR6C87
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
6279
date
Thu, 22 Oct 2020 07:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Thu, 22 Oct 2020 09:15:48 GMT
ld.js
static.criteo.net/js/ld/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
last-modified
Mon, 14 Sep 2020 13:03:43 GMT
server
nginx
etag
W/"5f5f6a2f-90a2"
status
200
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Fri, 23 Oct 2020 09:00:27 GMT
fbevents.js
connect.facebook.net/en_US/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23070
x-xss-protection
0
pragma
public
x-fb-debug
p5bbr5fN3/Nlia35UnAHowoHKE9LzNp0z083xbmmCrQx0+ac9sPKDVhunXeZlx+Ii+O3vj986rLHcDOjUIIZYg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 22 Oct 2020 09:00:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
expires
Sat, 01 Jan 2000 00:00:00 GMT
p.js
my.rtmark.net/ 		697 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/p.js?f=sync&lr=1&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
41e0b29f30f7a6b6012cbc6f0258926d6a7eddc489e4853d9df26adf783f3f8f
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
697
adoric.js
61676801.adoric-om.com/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://61676801.adoric-om.com/adoric.js
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6e06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1bf4de43b73e966d7ab1d7dc2e4363653654e70e4a8190fd7bdde0c9af3fdf3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
702
x-dns-prefetch-control
off
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
5e6207304acb2bb9-FRA
content-range
bytes 50-10000/*
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1f799-aV1jqXyqHn7g4PGwCkzQDGyRAsA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603357228"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
movetogcp2020.com
cache-control
public, max-age=14400
access-control-allow-credentials
*
cf-request-id
05f122d22c00002bb9fc248000000001
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
homepage
zz.connextra.com/dcs/tagController/tag/ff81de8095f1/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/dcs/tagController/tag/ff81de8095f1/homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SR6C87
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.152 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-77-209-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6db587193b5823fd5963f0ec176e56120a9e28f217bca287dd100b4f247377f

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
must-revalidate, max-age=247
content-length
16225
expires
Thu, 22 Oct 2020 09:04:34 GMT
83e679e8-2100-444f-a51b-dcd578e66858
https://offers.karamba.com/ 		720 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://offers.karamba.com/83e679e8-2100-444f-a51b-dcd578e66858
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
720
Content-Type
application/javascript
cors
data.ad-score.com/data/ 		1 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iKOKfSYbpCRSWxuigGRDGlcJdXhajXIm-FE7fPshldVrkKD8b33LOF0jBNA==-E0zBP89vb1vqMg==&pm_ct=e52653165d6e7a719db1c61d&pm_pl=1603357227379&pm_td=191&pid=1000211&en=1.1&callback=__pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp._gc2&tt=g&v=5e56916
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://offers.karamba.com
Date
Thu, 22 Oct 2020 09:00:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
truncated
/ 		35 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
2220.js
dnn506yrbagrg.cloudfront.net/pages/scripts/0026/ 		309 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dnn506yrbagrg.cloudfront.net/pages/scripts/0026/2220.js?445377
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.177.160 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-177-160.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51250867b18d1a5e5576c9759d58098cc2cfe9230e7bd5951c31326685334e31

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 18 Sep 2020 04:15:38 GMT
Via
1.1 864531626be4a5703a7662d9c31523b8.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 03 Mar 2020 19:16:52 GMT
Server
AmazonS3
Age
2954690
ETag
"0e9cc1044e2323febdee0cc8cd0b1d1c"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
HAM50-C1
Accept-Ranges
bytes
Content-Length
309
X-Amz-Cf-Id
xVtTbQS9nxpUOFcGTp9y1asDBH0cBEEqRZy7Hvuit6Iu2QeVD2QLmQ==
cute.css3d.module.js
download.gamesrv1.com/Resources/LandingPages/JS/cute/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/modernizr.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AEE) / ASP.NET
Resource Hash
545ce2ff528fd01008a5e0924f29a09c7a39c4e05b01822c2b9097ed0dee92fe

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
gzip
etag
"0c14cfe932cf1:0"
last-modified
Wed, 26 Feb 2014 11:56:40 GMT
server
ECAcc (ama/8AEE)
age
140133
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
status
200
cache-control
max-age=259200
accept-ranges
bytes
content-length
4356
collect
stats.g.doubleclick.net/j/ 		4 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-85966793-1&cid=1184800504.1603357228&jid=596180489&gjid=958511645&_gid=1057675603.1603357228&_u=YGBAgAADQAAAgE~&z=486397452
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Oct 2020 09:00:27 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://offers.karamba.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TCR9TJ7&t=gtm3&cid=1184800504.1603357228&gclid=5f914a2a980b23047ad73424
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f0a71564b7c2a1919686d25a9d109009eee5e06d67c46e9ca501fa670ca270d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31877
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Oct 2020 09:00:27 GMT
collect
www.google-analytics.com/ 		35 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=339460059&t=pageview&_s=1&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&ul=en-us&de=UTF-8&dt=Karamba%20-%20Starburst_GM_500&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAADQAAAg~&jid=596180489&gjid=958511645&cid=1184800504.1603357228&tid=UA-85966793-1&_gid=1057675603.1603357228&gtm=2wg9u15SR6C87&cd1=22596&cd2=1937&cd4=5f914a2a980b23047ad73424&cd5=69914&z=719191561
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 10:03:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82637
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
241981442639943
connect.facebook.net/signals/config/ 		235 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/241981442639943?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
79817ef76558eadcb6f5385e031f27e22b58dbccce8db225d526767887b0b9ef
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70147
x-xss-protection
0
pragma
public
x-fb-debug
6yqOyFxb7wUg6ReVuoQZpe94bxDwQiTU4MrizZvkp66fJ1P+58bqmrFhASYaAS0ppdt2K9Y+LJaQhwzcF2OwiA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 22 Oct 2020 09:00:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
event
sslwidget.criteo.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=27655&v=5.6.2&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=karamba.com&dtycbr=59391
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:00:26 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
timing-allow-origin
*
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
status
200
cache-control
no-cache
server-processing-duration-in-ticks
15086
content-type
application/x-javascript
content-length
864
expires
0
adoric.v4.min.css
static.adoric.com/ 		162 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.adoric.com/adoric.v4.min.css
Requested by
Host: 61676801.adoric-om.com
URL: https://61676801.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.123.171 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
171.123.95.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f99cdcccb416b99f0826760b0f50e722bbba82d5290f97b6ffb4605249d9580f

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 08:47:35 GMT
content-encoding
gzip
age
772
x-guploader-uploadid
ABg5-UyWnDAreDzvKrRvpDQDl3vzo-VNHluXMGrq_GhOLoQ9H_QTogisKJRuNeGkEbyJuXbsbD7dEWZixGujUrbxo2E
x-goog-storage-class
STANDARD
status
200
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
12292
x-goog-meta-
last-modified
Wed, 02 Sep 2020 08:23:20 GMT
server
UploadServer
etag
"21b813c54ce1cad3bc51afe640a4a76c"
vary
Accept-Encoding
x-goog-hash
crc32c=s8QsYA==, md5=IbgTxUzhytO8Ua/mQKSnbA==
x-goog-generation
1599035000575391
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
12292
accept-ranges
bytes
content-type
text/css
expires
Thu, 22 Oct 2020 09:47:35 GMT
/
app.adoric-om.com/v1/campaigns/ 		647 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.adoric-om.com/v1/campaigns/?u=ffae07bbfffe00e0a553f89120598c67&l=en&cc=0&b=notIdentified&os=mac&h=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&d=desktop&lsps=0&pd=A&nv=true&tz=-120&cIds=%5B%5D
Requested by
Host: 61676801.adoric-om.com
URL: https://61676801.adoric-om.com/adoric.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6f06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c708158318ef6e1b55f3bf646c3d0e350b36f5e5d983e4c6ffe30598b2c15724
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-encoding
br
vary
Accept-Encoding
x-xss-protection
1; mode=block
cf-ray
5e6207313ba3d6e5-FRA
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"287-mvf3pVjsOvntxAF2APBvMflQUyo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603357228"}],"group":"cf-nel","max_age":604800}
x-download-options
noopen
access-control-allow-origin
*
access-control-allow-credentials
*
cf-request-id
05f122d2c10000d6e551346000000001
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
ga-audiences
www.google.com/ads/ 		42 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-85966793-1&cid=1184800504.1603357228&jid=596180489&_u=YGBAgAADQAAAgE~&z=115656006
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-85966793-1&cid=1184800504.1603357228&jid=596180489&_u=YGBAgAADQAAAgE~&z=115656006
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:00:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 0771 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=offers.karamba.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=offers.karamba.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424

Response headers

status
200
cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
521
date
Thu, 22 Oct 2020 09:00:26 GMT
content-length
0
983591508385850
connect.facebook.net/signals/config/ 		235 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/983591508385850?v=2.9.27&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
617934108f7a63296d4f675a2f46b50e37d2840af7729930f7e8bdb0bc494176
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70206
x-xss-protection
0
pragma
public
x-fb-debug
TzHnNtSi6xG7p47KsQtcsUn3hBXDd18viogN61b1bGbWuoousi7ykVied5XZLfMU+GqBEqZGJ5Te/alPGqcgbg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Thu, 22 Oct 2020 09:00:27 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=241981442639943&ev=PageView&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&rl=&if=false&ts=1603357227735&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603357227733.978667265&it=1603357227669&coo=false&rqm=GET
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 22 Oct 2020 09:00:27 GMT
2220.js
script.crazyegg.com/pages/scripts/0026/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0026/2220.js
Requested by
Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0026/2220.js?445377
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
cf-cache-status
HIT
last-modified
Wed, 21 Oct 2020 18:40:59 GMT
server
cloudflare
age
51568
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
410
cache-control
public, max-age=86400, s-maxage=86400
cf-ray
5e6207317c03dfff-FRA
content-length
0
cf-request-id
05f122d2ed0000dfff58b99000000001
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=983591508385850&ev=PageView&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&rl=&if=false&ts=1603357227770&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603357227733.978667265&it=1603357227669&coo=false&rqm=GET
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 22 Oct 2020 09:00:27 GMT
config.json
c.go-mpulse.net/api/ Frame A439 		956 B
861 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=GSM53-6YHXF-SE8EJ-RXEU2-55P9Q&d=offers.karamba.com&t=5344524&v=1.632.0&if=&sl=0&si=k63xnans9tm-qilicr&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=574670
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GSM53-6YHXF-SE8EJ-RXEU2-55P9Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
6898c67fbe9e005c708b9eed324fd1611bc84055d1a0fc65fd07564ea48e3bc2

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:28 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
541
ff81de8095f1
zz.connextra.com/Karamba/dcs/tagController/tagData/ 		0
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zz.connextra.com/Karamba/dcs/tagController/tagData/ff81de8095f1
Requested by
Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/ff81de8095f1/homepage
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.152 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-77-209-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 22 Oct 2020 09:00:27 GMT
status
200
vary
Origin
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin
https://offers.karamba.com
access-control-allow-credentials
true
content-type
text/plain
content-length
0
js
pixel.mathtag.com/event/ 		597 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/event/js?mt_id=1481760&mt_adid=238326&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=
Requested by
Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/ff81de8095f1/homepage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3226 118e342 master cdg-pixel-x4 /
Resource Hash
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:27 GMT
Server
MT3 3226 118e342 master cdg-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
597
Expires
Thu, 22 Oct 2020 09:04:45 GMT
bounce
secure.adnxs.com/ Frame FD25
Redirect Chain
  • https://secure.adnxs.com/seg?add=22212759&t=2
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22212759%26t%3D2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22212759%26t%3D2
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Oct 2020 09:00:27 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.49:80
AN-X-Request-Uuid
4519a0c5-2948-45f8-af68-7d6499b76b66
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Oct 2020 09:00:27 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.149:80
AN-X-Request-Uuid
a106659a-b0fc-4287-a361-458923672f0d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D22212759%26t%3D2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuidnb
secure.adnxs.com/ Frame 0293 		43 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Oct 2020 09:00:27 GMT
X-Proxy-Origin
185.212.171.67; 185.212.171.67; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid
f7dc1819-6d01-44d1-9f4a-20ee0695ad18
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2b9e5f91-4a2b-4700-b383-c5f3cdef320f
zz.connextra.com/sync/data/uid/6c883bd680/ Frame 9E67
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fzz.connextra.com%2Fsync%2Fdata%2Fuid%2F6c883bd680%2F%5BMM_UUID%5D
  • https://zz.connextra.com/sync/data/uid/6c883bd680/2b9e5f91-4a2b-4700-b383-c5f3cdef320f
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zz.connextra.com/sync/data/uid/6c883bd680/2b9e5f91-4a2b-4700-b383-c5f3cdef320f
Requested by
Host: offers.karamba.com
URL: https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.77.209.152 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-77-209-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Oct 2020 09:00:27 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
status
200
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
43
expires
Thu, 22 Oct 2020 09:00:27 GMT

Redirect headers

Date
Thu, 22 Oct 2020 09:00:29 GMT
Server
MT3 3226 118e342 master cdg-pixel-x11
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://zz.connextra.com/sync/data/uid/6c883bd680/2b9e5f91-4a2b-4700-b383-c5f3cdef320f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Oct 2020 09:00:28 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j86&a=339460059&t=adtiming&_s=2&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&ul=en-us&de=UTF-8&dt=Karamba%20-%20Starburst_GM_500&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1813&pdt=1&dns=10&rrt=762&srt=326&tcp=50&dit=1408&clt=1408&_gst=1540&_gbt=1656&_cst=1261&_cbt=1352&_u=aHDAgEADQAAAgE~&jid=&gjid=&cid=1184800504.1603357228&tid=UA-85966793-1&_gid=1057675603.1603357228&gtm=2wg9u15SR6C87&cd1=22596&cd2=1937&cd4=5f914a2a980b23047ad73424&cd5=69914&z=2042340737
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Oct 2020 10:03:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
82637
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cors
data.ad-score.com/data/ 		1 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iKOKfSYbpCRSWxuigGRDGlcJdXhajXIm-FE7fPshldVrkKD8b33LOF0jBNA==-E0zBP89vb1vqMg==&pm_ct=e52653165d6e7a719db1c61d&pm_pl=1603357227379&pm_td=527&pid=1000211&en=1.1&callback=__pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp._gc3&tt=g&v=5e56916
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://offers.karamba.com
Date
Thu, 22 Oct 2020 09:00:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
img
pixel.mathtag.com/misc/ 		43 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3226 118e342 master cdg-pixel-x9 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:27 GMT
Server
MT3 3226 118e342 master cdg-pixel-x9
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Oct 2020 09:04:45 GMT
img.gif
my.rtmark.net/ 		43 B
707 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.rtmark.net/img.gif?f=sync&partner=58b5af2832492d653535743c972fdbcbc5f76b0521ea0ed7cd26145bec21e330&ttl=&rurl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.196.87 , Ascension Island, ASN9002 (RETN-AS, EU),
Reverse DNS
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:28 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Authorization
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*, *
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length
43
results.txt
xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net/eum/ Frame A439
Redirect Chain
  • https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=p82oldwec
  • https://xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.186.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-73.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:28 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net/eum/results.txt
Date
Thu, 22 Oct 2020 09:00:28 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
results.txt
fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net/eum/ Frame A439
Redirect Chain
  • https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=p82oldwec
  • https://fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net/eum/results.txt
8 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net/eum/results.txt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba19 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:28 GMT
Last-Modified
Wed, 08 May 2013 07:51:12 GMT
Server
AkamaiNetStorage
ETag
"402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8

Redirect headers

Location
https://fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net/eum/results.txt
Date
Thu, 22 Oct 2020 09:00:28 GMT
Server
AkamaiGHost
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ad7a0b603156f728643f26123bb1c6ac68c8a5c43cab8db0fbf885c43a4e618

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:27 GMT
Content-MD5
+pMsF7mSeyCWFVDeD11jjA==
Content-Disposition
Content-Length
136447
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523F31350A"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
51fae030-301e-005f-7051-a8a230000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a2237a03ca68a0de6c87d94660068de28249b3116e4a48f6191538cd1a490ac

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:28 GMT
Content-MD5
4JLNErESFKM9U4ptcWEk4A==
Content-Disposition
Content-Length
162770
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779524451C6FF"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
bad467b5-f01e-00ac-2651-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
/
6852bd10.akstat.io/ 		0
359 B 		Other
General
Check archive.org
Download Go to
Full URL
https://6852bd10.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/GSM53-6YHXF-SE8EJ-RXEU2-55P9Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:297::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Thu, 22 Oct 2020 09:00:28 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
https://offers.karamba.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-XSS-Protection
0
Expires
Thu, 22 Oct 2020 09:00:28 GMT
cors
data.ad-score.com/data/ 		1 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iKOKfSYbpCRSWxuigGRDGlcJdXhajXIm-FE7fPshldVrkKD8b33LOF0jBNA==-E0zBP89vb1vqMg==&pm_ct=e52653165d6e7a719db1c61d&pm_pl=1603357227379&pm_td=1221&pid=1000211&en=1.1&callback=__pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp._gc4&tt=g&v=5e56916
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://offers.karamba.com
Date
Thu, 22 Oct 2020 09:00:28 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
/
www.facebook.com/tr/ 		44 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=241981442639943&ev=Microdata&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&rl=&if=false&ts=1603357229246&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Karamba%20-%20Starburst_GM_500%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603357227733.978667265&it=1603357227669&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 22 Oct 2020 09:00:29 GMT
/
www.facebook.com/tr/ 		44 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=983591508385850&ev=Microdata&dl=https%3A%2F%2Foffers.karamba.com%2FNO%2FStarburst_GM_500%2F%3Fafi%3D22596%26ar%3D1937%26mmi%3D69914%26gclid%3D5f914a2a980b23047ad73424&rl=&if=false&ts=1603357229309&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Karamba%20-%20Starburst_GM_500%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603357227733.978667265&it=1603357227669&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 22 Oct 2020 09:00:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 22 Oct 2020 09:00:29 GMT
cors
data.ad-score.com/data/ 		1 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data.ad-score.com/data/cors?pm_st=iKOKfSYbpCRSWxuigGRDGlcJdXhajXIm-FE7fPshldVrkKD8b33LOF0jBNA==-E0zBP89vb1vqMg==&pm_ct=e52653165d6e7a719db1c61d&pm_pl=1603357227379&pm_td=2220&pid=1000211&en=1.1&callback=__pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp._gc5&tt=g&v=5e56916
Requested by
Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000211
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
130.211.115.4 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
4.115.211.130.bc.googleusercontent.com
Software
/
Resource Hash
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://offers.karamba.com
Date
Thu, 22 Oct 2020 09:00:29 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1
Access-Control-Allow-Methods
POST
Content-Type
text/plain; charset=utf-8
Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.slider.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ee456ecfd061423420a751259244fb0b5d506e3b62bebeb0c6a454f3e23e4c5

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:31 GMT
Content-MD5
/0wm1kku0n0I63UGQHXrWA==
Content-Disposition
Content-Length
150027
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523C29F8DE"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
bad470b5-f01e-00ac-5951-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		159 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide2_1490261846_slide2_screen_2.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a2237a03ca68a0de6c87d94660068de28249b3116e4a48f6191538cd1a490ac

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:32 GMT
Content-MD5
4JLNErESFKM9U4ptcWEk4A==
Content-Disposition
Content-Length
162770
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:53 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779524451C6FF"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
bad471cc-f01e-00ac-3951-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ee456ecfd061423420a751259244fb0b5d506e3b62bebeb0c6a454f3e23e4c5

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:32 GMT
Content-MD5
/0wm1kku0n0I63UGQHXrWA==
Content-Disposition
Content-Length
150027
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523C29F8DE"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
51fae80a-301e-005f-6e51-a8a230000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
img
pixel.mathtag.com/misc/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 3226 118e342 master cdg-pixel-x7 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 22 Oct 2020 09:00:37 GMT
Server
MT3 3226 118e342 master cdg-pixel-x7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Oct 2020 09:04:55 GMT
Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide3_1490261846_slide3_screen_3.jpg
Requested by
Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/Resources/LandingPages/JS/cute/cute.css3d.module.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6ee456ecfd061423420a751259244fb0b5d506e3b62bebeb0c6a454f3e23e4c5

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:39 GMT
Content-MD5
/0wm1kku0n0I63UGQHXrWA==
Content-Disposition
Content-Length
150027
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:39 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523C29F8DE"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
51faf457-301e-005f-6151-a8a230000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes
Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asgdownload.blob.core.windows.net/websites/Download/Resources/LandingPages/Kits/NA/Starburst_GM_500_slide1_1490261845_slide1_screen_1.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.140.42 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5ad7a0b603156f728643f26123bb1c6ac68c8a5c43cab8db0fbf885c43a4e618

Request headers

Referer
https://offers.karamba.com/NO/Starburst_GM_500/?afi=22596&ar=1937&mmi=69914&gclid=5f914a2a980b23047ad73424
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
Date
Thu, 22 Oct 2020 09:00:39 GMT
Content-MD5
+pMsF7mSeyCWFVDeD11jjA==
Content-Disposition
Content-Length
136447
x-ms-lease-state
available
x-ms-lease-status
unlocked
Last-Modified
Thu, 05 Dec 2019 07:10:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
"0x8D779523F31350A"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
bad48005-f01e-00ac-7151-a87159000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-lease-state,x-ms-blob-type,Content-Disposition,Accept-Ranges,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery boolean| lobby_fixed function| initiate function| init function| open_lobby function| get_brand_data function| parseURL function| get_lng function| get_lng_2digits function| set_global_vars function| getURLParam function| getPARAM function| getAFI function| getCookieNew function| onWhtmlPopupOpen function| fireGAevent function| addWelcomeBanner function| $ILobby function| open_lobby_local function| showUKRegulationText function| LoadGamePlatform string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| dataLayer object| html5 object| Modernizr function| yepnope object| TWEEN number| lastTime object| vendors number| x object| Aroma object| CloneObject object| ConcatObject function| setOpacity function| UAParser object| Cute object| resizeListeners function| addResizeListener function| removeResizeListener object| Averta object| Transitions2D object| Transitions3D object| respond object| myslider object| google_tag_manager object| __pm_glbl object| __pm_glbl_AFq5oD97YC9yPnVSFUEqBlTp object| __pm_ads_list string| AdScoreObject function| adScore function| imageMapResize object| BOOMR_mq object| google_tag_data string| GoogleAnalyticsObject function| ga object| criteo_q function| fbq function| _fbq object| adoric object| gaplugins object| gaGlobal object| gaData function| _extends function| _slicedToArray function| _typeof function| _createClass function| _toConsumableArray function| _classCallCheck object| __adoric__ boolean| IS_ADORIC_LOADED object| cxt_conf object| cxt_mod_shared_scope function| cxtdcs function| cxtdcs_pt object| Sprite3D object| google_optimize string| images_dir number| BOOMR_onload function| metric number| BOOMR_configt string| prop

32 Cookies

Domain/Path Name / Value
.criteo.com/ Name: uid
Value: 9c97978a-e49d-4bfc-9092-1aa36392158b
.info.karamba.com/ Name: CSITemp
Value: 27
.info.karamba.com/ Name: RegistrationMode
Value: M
.info.karamba.com/ Name: CSI_27
Value: EncryptedUniqueVisitorID=660BCB5D7285CCFF49A76D22B0D29782&AffiliateID=22596&MarketingMaterialID=69914&LastUpdate=2020-10-22&AlternateReference=1937&PlayerAlternateReference=&gclid=5f914a2a980b23047ad73424&LandingPageReference=Karamba_Starburst_GM_500_NO&GameVerticalID=246
info.karamba.com/ Name: ASP.NET_SessionId
Value: q3uw2ibzbsgzgncl04w4lhch
.info.karamba.com/ Name: LanguageCode
Value: NOR
.karamba.com/ Name: AlternateReference
Value: 1937
.karamba.com/ Name: _ga
Value: GA1.2.1184800504.1603357228
.karamba.com/ Name: PlayerAlternateReference
Value:
.karamba.com/ Name: UniqueVisitorID
Value: 660BCB5D7285CCFF49A76D22B0D29782
.karamba.com/ Name: AffiliateID
Value: 22596
.karamba.com/ Name: GameVerticalID
Value: 246
.karamba.com/ Name: _fbp
Value: fb.1.1603357227733.978667265
.info.karamba.com/ Name: CountryCode
Value: NL
.karamba.com/ Name: _gid
Value: GA1.2.1057675603.1603357228
.offers.karamba.com/ Name: _gid
Value: GA1.3.1057675603.1603357228
.karamba.com/ Name: _gcl_aw
Value: GCL.1603357228.5f914a2a980b23047ad73424
.offers.karamba.com/ Name: _ga
Value: GA1.3.1184800504.1603357228
.offers.karamba.com/ Name: _gac_UA-85966793-1
Value: 1.1603357228.5f914a2a980b23047ad73424
.karamba.com/ Name: _gcl_au
Value: 1.1.1815545609.1603357228
.karamba.com/ Name: AB
Value: B
.karamba.com/ Name: gclid
Value: 5f914a2a980b23047ad73424
.karamba.com/ Name: visits
Value: 1
.karamba.com/ Name: _gac_UA-85966793-1
Value: 1.1603357228.5f914a2a980b23047ad73424
.offers.karamba.com/ Name: _dc_gtm_UA-85966793-1
Value: 1
.karamba.com/ Name: RT
Value: "z=1&dm=karamba.com&si=k63xnans9tm&ss=kgklhucs&sl=0&tt=0"
.info.karamba.com/ Name: BO
Value:
.karamba.com/ Name: lastvisit
Value: 2020-10-22
.karamba.com/ Name: afi
Value: 22596
.karamba.com/ Name: MarketingMaterialID
Value: 69914
.karamba.com/ Name: mmi
Value: 69914
.karamba.com/ Name: ar
Value: 1937

2 Console Messages

Source Level URL
Text
console-api log URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 179)
Message:
[object Text]
console-api debug URL: https://js.ad-score.com/score.min.js?pid=1000211(Line 162)
Message:

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

61676801.adoric-om.com
6852bd10.akstat.io
ajax.googleapis.com
app.adoric-om.com
asgdownload.blob.core.windows.net
c.go-mpulse.net
connect.facebook.net
data.ad-score.com
dnn506yrbagrg.cloudfront.net
download.gamesrv1.com
fiaqj6absjkbikqce3ygyaaaabpzcsrm-p82old-da8434574-clienttons-s.akamaihd.net
fnc.aspireglobal.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
info.karamba.com
js.ad-score.com
lo.leexo.net
maxcdn.bootstrapcdn.com
my.rtmark.net
offers.karamba.com
pixel.mathtag.com
s.go-mpulse.net
script.crazyegg.com
secure.adnxs.com
sslwidget.criteo.com
static.adoric.com
static.criteo.net
stats.g.doubleclick.net
sync.mathtag.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
trk.an8trk4.tech
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
xhkkwqyccc5ewx4rjiwa-p82old-697ae308b-clientnsv4-s.akamaihd.net
zz.connextra.com
130.211.115.4
139.45.196.87
147.135.64.69
178.250.2.151
185.29.135.181
2.16.186.73
2.16.186.75
2.18.233.201
2001:4de0:ac19::1:b:1a
23.77.209.152
2600:9000:2070:6800:a:deb0:3380:93a1
2606:4700::6813:9308
2606:4700:e0::ac40:6e06
2606:4700:e0::ac40:6f06
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c00::9d
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:287::11a6
2a02:26f0:6c00:297::11a6
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba19
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.123.171
35.201.98.21
37.252.172.249
52.222.177.160
52.239.140.42
93.184.221.168
95.100.181.57
95.129.38.40
0a120186c450b563e2236eedc302effc199e749a9d8a8752f9455a14f3cb270e
0add8fcb5a583b1c16238fbe9d0de17c6272726b42be17fdcd9b4686ef5287d1
0f6204713c11eeb6d7648e3401617e22f8e88f96cd517a538dc018ac2ab7bdf2
10d62f60330047bd47c9925ac23519a8e2130cd33d27a60fd0227ffba0b3383a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1574a5440e7861871b0b812a856bcb638039e6fd6fe0e362d5193694730965ff
2bff39f8391ae03b0990b5148b0598f4e2f447f3e37ba834ea782610ce706b5d
2eb86fa88533bc76e9206a53da971745e924f86e4a2b24e866d8e492e4497503
32185896edb622d1b62ce926bef6a6fce404731a09218f51e3de0d8cc94e3032
3d9de7a1c28a9866d28af6fa14e60fe74bf23f4cbb2355c3c3b41fd5f7ae7ffe
3f0a71564b7c2a1919686d25a9d109009eee5e06d67c46e9ca501fa670ca270d
41bdd0a2ca8947227eb360ba1a6caf36c5350f72fc7702ba212f8299c2d4eea5
41e0b29f30f7a6b6012cbc6f0258926d6a7eddc489e4853d9df26adf783f3f8f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51250867b18d1a5e5576c9759d58098cc2cfe9230e7bd5951c31326685334e31
54548bd559697342474443e77f4e46942b46c809bbb305066df9b8b5f5e5deba
545ce2ff528fd01008a5e0924f29a09c7a39c4e05b01822c2b9097ed0dee92fe
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56bfb4807e3c5f05a9cdf796f4a2d084d2c9710195406eefa602fc98f25bf674
5756c1ddd0ed31b14248a232703dc5a7f16b6545ccdb34efea7a0d23d8437945
5ad7a0b603156f728643f26123bb1c6ac68c8a5c43cab8db0fbf885c43a4e618
5c4e293758dbe44c89d7369a7be3666553c37b1378e5efeaa69222f801730162
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
617934108f7a63296d4f675a2f46b50e37d2840af7729930f7e8bdb0bc494176
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
6880a1fcfc751b85b950440b5e29342a1e66daca50da275f96e40d0cf561a832
6898c67fbe9e005c708b9eed324fd1611bc84055d1a0fc65fd07564ea48e3bc2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ee456ecfd061423420a751259244fb0b5d506e3b62bebeb0c6a454f3e23e4c5
7497d866fec19fce43d92b3af952496218f40889dfeeaada40bbb91b2b1f4ef7
795247098d72b9d53e62f701622b429972536a97e2c825362f5c7c84df0c612f
79817ef76558eadcb6f5385e031f27e22b58dbccce8db225d526767887b0b9ef
7c5a5239885587b2864179ba1a31d88b060176d96942f06acd5809488773ee6b
7d839453ff8027e9e25575dad62ea25623a41f4a81a98e6fa46bbdb94d539509
8289d6128fdf7efb2907ca86935b29d65532572e22c20a46682d0db6f89a946c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8a2237a03ca68a0de6c87d94660068de28249b3116e4a48f6191538cd1a490ac
8a8a6d6325c5391079a56dc9a9185ef79618a784232a529db8b9809d3260e4cb
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
96ab6a08c5780e46cc1004babdd6d89b90c0768196c8a2b55553cdb21f5e29c3
98a8e4de5b29c476f9f6d6585cfb0d750e16bc8653f6c2104ade25d30460b227
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba8c6dc38a2d06f93e904ec9726e24fb7c97d21c4a51c2bb226794eb77aab581
c708158318ef6e1b55f3bf646c3d0e350b36f5e5d983e4c6ffe30598b2c15724
cd8056863471d1c306a07e44d0f2cffde37fd982493907c1f67dc6b3bcb33626
d013a7b38b89bdaad5f1770559aa82adda3533e4573ea5639c9f908275b7da7f
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d8adb66d4d9cf55f48a04ea3a0b64305912c46918025d732d9c62aa1f8beb240
dd30146c0cf244c51c7c3d39cc40fa68bbc332f1f2a5d1ecab073db8ccbeb596
e1bf4de43b73e966d7ab1d7dc2e4363653654e70e4a8190fd7bdde0c9af3fdf3
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6db587193b5823fd5963f0ec176e56120a9e28f217bca287dd100b4f247377f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f5c478b56cd91466052f9162437dcb908ea7e74bc930b007ad1dd564ad13c773
f99cdcccb416b99f0826760b0f50e722bbba82d5290f97b6ffb4605249d9580f
fd7d88de9229ea837533622175ee7e970ebd6f84f71591cd00525fe6be33e739