Report - afflat3d3.com/trk/lnk/A9150389-CE63-40B8-9D2E-BA64F80623C2/?o=16524&c=918273&a=715741&k=541B056A8320ADE9B06666BB3B6BC1B7&l=17694

Report Overview

Submitted URL
afflat3d3.com/trk/lnk/A9150389-CE63-40B8-9D2E-BA64F80623C2/?o=16524&c=918273&a=715741&k=541B056A8320ADE9B06666BB3B6BC1B7&l=17694
IP
69.172.200.185
ASN
#19324 DOSARREST
Submitted
2024-05-08 23:57:12
Access
public
Website Title
www2.tiltwin.com/no/landing/165/574?A=5622
Final URL
www2.tiltwin.com/no/landing/165/574?A=5622#
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	879 B	166 kB	142.250.74.168
www2.tiltwin.com	unknown	2018-04-05	2020-06-23	2024-03-25	15 kB	251 kB	18.184.180.82
tracker.tiltwin.com	unknown	2018-04-05	2020-04-21	2024-03-25	602 B	18 kB	18.184.180.82
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-07	469 B	46 kB	104.21.27.152
afflat3d3.com	unknown	2020-03-13	2020-03-17	2024-04-11	926 B	1.0 kB	69.172.200.185
djnl.spinfastconnected.com	unknown	2023-05-08	2023-06-30	2024-04-18	565 B	1.2 kB	66.195.197.18
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-08	410 B	31 kB	151.101.2.137
d2i5a4y6yksdm0.cloudfront.net	unknown	2008-04-25	2022-02-21	2024-03-25	6.0 kB	700 kB	143.204.42.96
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-08	956 B	194 kB	104.18.11.207
ffatric1.com	934635	2021-06-28	2021-07-12	2024-04-16	500 B	501 B	69.172.200.185
djnl.decisionnowlive.com	unknown	2021-01-13	2022-06-03	2024-04-17	519 B	1.1 kB	66.195.197.18
c.tilttrk.com	835351	2019-09-26	2020-09-05	2024-04-17	1.1 kB	2.3 kB	52.17.215.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	afflat3d3.com	Sinkholed
2024-05-08	medium	afflat3d3.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js	51 kB	2023-03-07	2024-05-20
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14:49 Last Seen2024-05-20 01:58:47 Times Seen2496 Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	208 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash c044e113925e98500f25982b86a0fdff daed47c201f9afb037d41a92bdd05f7093cd6ecf 0f791d821b796b340b503586bbeac64a6f79c03b6b2002413990191074398d7b Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	150 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen57 Hash a749cacc88b6bb0343d1af61daa58089 7b5cf2387b40786b7b6494ff2f7ba69d4868f522 e9e0355ed57c138ece248c4cfb5aacae1d35223d03db8202a214f975e226c25d Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	382 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen57 Hash cf8c31d51ad384acb6aee14176efb273 973a259a2c1e5ef6062f82fa79f4e607b9fa2a9a ecee0ee5402e18f4a0d5a4d7facfc0bc6bd226de09a4e1b0e2cc82351faf3622 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	6 B	2023-03-07	2024-05-19
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14:38 Last Seen2024-05-19 21:04:28 Times Seen7508 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js	316 kB	2023-03-08	2024-05-09
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen66 Hash 5c1c90af5e2d8dde5c4ec534f16f9df7 c655b684a2d343b9777a5d6f3bc5160f784a4e87 5d06544ac07fb7d80c035ec696c5a4a0f3ee6ac9de82e837d45304b88a55e379 Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js	3.9 kB	2023-03-07	2024-05-19
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-19 00:40:07 Times Seen377 Hash 8ff1c89f24a8ca6f91f77389a0b70449 e15afaaeee3ff47128be726bab45e509b19127c5 6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	179 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash 902b8a48de900afbed78ba1eaf41c07b 0fa640ed14371367da61a23c1013b9721e9cb73c 5ee0181c71821017b03c0ae68e7cf4b3b50eb13dab44e7849550da09f9716b64 Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/email.js	7.7 kB	2023-03-08	2024-05-09
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/email.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen66 Hash 8ae8d4cb99fd8a2253f956a11bf41f14 474cb04ef08b2bbb5d4c28ec5995326671c61a98 13f194a984d4bf121ed5887e81e6c7b996c4dd1a15ba1bb3f0366a9109f62ad4 Loading...

	www2.tiltwin.com/no/landing/165/sandbox%20eval%20code	147 B	2023-04-11	2024-05-20
Pretty URL www2.tiltwin.com/no/landing/165/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 06:24:29 Times Seen350960 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	362 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash 6fb5737acb01e40fc7222014a1234c29 2355d378b83c675d50093fe1453e6339e73ac475 4be3ebb2cd036c68b31f00084116d1cf06245366b17a8127c439ab953fa2ab1c Loading...

	code.jquery.com/jquery-3.4.1.min.js	88 kB	2023-03-07	2024-05-20
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-20 06:10:17 Times Seen99149 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	179 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen58 Hash d603834bfd0f1d1a26fa61c9e9807fa4 a4746d051624cb79a1dfac65e76c0c8c20722be2 553088761dd713eed2fcbc4b97135b5d986f26f9a43f6b088ba260852d96a7e8 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	224 B	2023-06-30	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21:33 Last Seen2024-05-09 01:57:13 Times Seen50 Hash 68e959f2e03499d08c4b87bb3a2e32fd dcd4e00f91663c250abc87dd827674a1edfbf492 534d543ddc940d7031b833a67128b8654ca9ccb7bd0e161a11f396092a95dd35 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	187 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen57 Hash d458e19ae9d4d8a1d0598c8db97a29f6 e5a04f96be0c9416a66c62950fc49f1fd02fcc5a 69c643e7f0e799242b0772b395bf23b29dac2874093c40fb4d9e990a842e80c5 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	1.3 kB	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen57 Hash 8c3eb9a4233f31ff1b6636707748521c 487d44faf0b63700139349278bab90ece0dfdb0f 6f0cd6d1caab6fecabae22b237e8855ff4606826557ef1ae60962a86005c3703 Loading...

	www.googletagmanager.com/gtag/js?id=UA-144971979-1	208 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144971979-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 01:57:13 Last Seen2024-05-09 01:57:13 Times Seen2 Hash 6b4ddd0793d239ece5c00d798d0fe25e 520db565583b60ddd931d137e39558bbed9be34a 8104fa6f933abdb8cd5af6d2cc3ad1596d540ca857df7018e7342d0e772313ca Loading...

	www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c	254 kB	2024-05-09	2024-05-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 01:57:13 Last Seen2024-05-09 01:57:13 Times Seen2 Hash 50d26cce6d31a035901ebf4fcfc774c2 a98209c3f549bc206cc1364649959a3eaee9304b f02d266b07ee7bbde8d20f72b4f236b02d4dcdacd182361c5c175f695327b8fb Loading...

	unknown	7 B	2023-03-10	2024-05-18
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-10 12:50:22 Last Seen2024-05-18 21:43:19 Times Seen634 Hash 907ff32016c8e95da3b470712b3407e2 58d5164eb8654c00bccd982ddf22734ff34a2fcb 1849cce6ad67618fe20029f2313768bfeb4da7d3857019e70e03575176953577 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	704 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash 7f613633ee584b173960cff433e24218 cdc22a74d8cda99aaad234b3c7c7301f7a69cdf5 9e8133ea108b5bb4bbda3d91396da07c8836c4b872b9222b2c145961d6c6e94a Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	263 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash b9695899bc6fd54aef916849ad934af5 bdd27ea149e2164f293b69568dbfe37fe8b05c9b bdee14ebe62295b7bbd0546e3e9ba0052d4b8fc18af509307f426fe2efbc82eb Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-20
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-20 06:24:29 Times Seen350445 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www2.tiltwin.com/no/landing/165/574?A=5622	299 B	2023-03-08	2024-05-09
Pretty URL www2.tiltwin.com/no/landing/165/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50:17 Last Seen2024-05-09 01:57:13 Times Seen59 Hash bcc75be67af9dc8ed24f3eb6e7b154f8 1e81c88eaffddf9fba20577fb1fff81eca63fd1b e9c4f874db19d9751e80daa71742ee5312501b544d398cd8a467a955367e19e2 Loading...

HTTP Transactions (39)

URL IP Response Size

afflat3d3.com/trk/lnk/A9150389-CE63-40B8-9D2E-BA64F80623C2/?o=16524&c=918273&a=715741&k=541B056A8320ADE9B06666BB3B6BC1B7&l=17694

69.172.200.185

302 Found

176 B

URL User Request GET HTTP/1.1
afflat3d3.com/trk/lnk/A9150389-CE63-40B8-9D2E-BA64F80623C2/?o=16524&c=918273&a=715741&k=541B056A8320ADE9B06666BB3B6BC1B7&l=17694
IP
69.172.200.185:443
ASN
#19324 DOSARREST

Certificate
IssuerLet's Encrypt
Subjectffatric1.com
FingerprintD6:16:F4:F4:A9:33:49:30:02:7D:1C:FA:6F:BE:40:8E:AC:A3:42:95
ValidityTue, 16 Apr 2024 01:16:55 GMT - Mon, 15 Jul 2024 01:16:54 GMT

File type
HTML document, ASCII text, with no line terminators
Size
176 B (176 bytes)
Hash
be531bf6ff525e43cee0a597b153b273
cb2f75ff5eb4b0b8e58d44cb63493a30a6d94057
47f5311758f6ed4e934d827c65aa72120eb0a3dc515675a6b16c6513e0b5a99d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /trk/lnk/A9150389-CE63-40B8-9D2E-BA64F80623C2/?o=16524&c=918273&a=715741&k=541B056A8320ADE9B06666BB3B6BC1B7&l=17694 HTTP/1.1
Host: afflat3d3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Wed, 08 May 2024 23:56:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 176
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://FFATRIC1.COM/def.cfm?i=715741&o=16524&c=NO&d=D
Vary: Origin, Accept
Access-Control-Allow-Credentials: true
Set-Cookie: I=0; Path=/; Expires=Sat, 06 May 2034 23:56:45 GMT; HttpOnly; Secure; SameSite=None
X-Powered-By: Express, ASP.NET
X-DIS-Request-ID: f0d41149f0ac69ee3ff8a11668a07457

ffatric1.com/def.cfm?i=715741&o=16524&c=NO&d=D

69.172.200.185

302 Found

0 B

URL User Request GET HTTP/1.1
ffatric1.com/def.cfm?i=715741&o=16524&c=NO&d=D
IP
69.172.200.185:443
ASN
#19324 DOSARREST

Certificate
IssuerLet's Encrypt
Subjectffatric1.com
FingerprintD6:16:F4:F4:A9:33:49:30:02:7D:1C:FA:6F:BE:40:8E:AC:A3:42:95
ValidityTue, 16 Apr 2024 01:16:55 GMT - Mon, 15 Jul 2024 01:16:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /def.cfm?i=715741&o=16524&c=NO&d=D HTTP/1.1
Host: ffatric1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Wed, 08 May 2024 23:56:45 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Cache-Control: no-cache
Pragma: no-cache
Location: https://djnl.decisionnowlive.com/?kw=715741&s1=16524&s2=147150&s3=NO&s4=D
X-Powered-By: ASP.NET
P3P: policyref="/P3P/p3p.xml",CP="ALL DSP COR CURa ADMi DEVi HISi OTPi OUR IND PHY ONL UNI FIN COM NAV INT STA"
X-DIS-Request-ID: 807e2d1a157d08869e80d3afd1e99a95

djnl.decisionnowlive.com/?kw=715741&s1=16524&s2=147150&s3=NO&s4=D

66.195.197.18

302 Found

290 B

URL User Request GET HTTP/2
djnl.decisionnowlive.com/?kw=715741&s1=16524&s2=147150&s3=NO&s4=D
IP
66.195.197.18:443
ASN
#11402 CCCAS-1

Certificate
IssuerLet's Encrypt
Subjectdecisionnowlive.com
FingerprintED:CE:5A:F0:BE:50:DE:06:40:C5:01:C8:FD:8E:C0:3A:5E:E3:47:B5
ValidityTue, 02 Apr 2024 14:36:16 GMT - Mon, 01 Jul 2024 14:36:15 GMT

File type
HTML document, ASCII text
Size
290 B (290 bytes)
Hash
c31d23243ea81e18a6c49f50c00209c8
8a860a037e6ec48f43553e5bdb5f1efae1b99e8c
af46de846b167fbc75bf01beee6c07eb42dbb28b89b1d8f3b7427b0083e1fe24

HTTP Headers

GET /?kw=715741&s1=16524&s2=147150&s3=NO&s4=D HTTP/1.1
Host: djnl.decisionnowlive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 08 May 2024 23:56:46 GMT
content-type: text/html; charset=UTF-8
content-length: 290
cache-control: no-cache, private
location: https://djnl.spinfastconnected.com/o/L1VFHTSC/a08eb892-0d96-11ef-a717-03140d652926/a0b74fb4-0d96-11ef-ae5e-d71a837def91
x-redir: true
set-cookie: yredir_session=eyJpdiI6IlA4bUI4a081d1F3UmhVeXRHNWRJUUE9PSIsInZhbHVlIjoiR3UrVCt3VzAxQ21uNi9VRm5XMEhrZkJtVzVLVnYxbkg0V2dMU3RZRmo3N0phcWZiS041NjY2ZGpyMU04S1FBVHBSbFRjd0hUV2lqV3ViQjE1WE5vQ1pvRnpqcUtxR2RtaUNTOUlMN0ZxWnZLNkVYQTRoTFB0K3g1Y29McVdHQ0QiLCJtYWMiOiIxY2U0OTJmOTMxMjA3OTU1YzU2ZjA4YzhkZDU3NGUxMThhMTFiZGE5OGIxNTg0NTVmMDYyNjczMTA2MTA5ZjMwIiwidGFnIjoiIn0%3D; expires=Thu, 09-May-2024 01:56:46 GMT; path=/; httponly; samesite=lax
server: swoole-http-server
content-encoding: br
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

djnl.spinfastconnected.com/o/L1VFHTSC/a08eb892-0d96-11ef-a717-03140d652926/a0b74fb4-0d96-11ef-ae5e-d71a837def91

66.195.197.18

302 Found

305 B

URL User Request GET HTTP/2
djnl.spinfastconnected.com/o/L1VFHTSC/a08eb892-0d96-11ef-a717-03140d652926/a0b74fb4-0d96-11ef-ae5e-d71a837def91
IP
66.195.197.18:443
ASN
#11402 CCCAS-1

Certificate
IssuerLet's Encrypt
Subjectspinfastconnected.com
Fingerprint8B:EB:6D:CD:CD:5D:8E:5C:B8:27:25:33:3D:CD:26:67:9D:8D:A7:F7
ValidityFri, 03 May 2024 11:04:00 GMT - Thu, 01 Aug 2024 11:03:59 GMT

File type
HTML document, ASCII text, with very long lines (309)
Size
305 B (305 bytes)
Hash
6e79f19d3845899b800299ce973a1376
19d98e30f56991d61881d1bee1b78461e9372b95
3451ed09e1d7b26d44a7e590c28b88917cf87da9a4a5d2031f14666d09b066cd

HTTP Headers

GET /o/L1VFHTSC/a08eb892-0d96-11ef-a717-03140d652926/a0b74fb4-0d96-11ef-ae5e-d71a837def91 HTTP/1.1
Host: djnl.spinfastconnected.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Wed, 08 May 2024 23:56:47 GMT
content-type: text/html; charset=UTF-8
content-length: 305
cache-control: no-cache, private
location: https://c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&
x-redir: true
set-cookie: yredir_session=eyJpdiI6InRiQmIzNHJVTjNodkZzSW1vR3pRNlE9PSIsInZhbHVlIjoiTEVKckt4MnZhU0JOMjd4UThrYk04VExPZmllTzJTMXozSHRscHlpSE00TGV6T0pVaEFQajM5bzVZYlpaekhRdWZRU3pYZ01kVmg4Q0RFc3VqbFVqeUxrRFhBdmh5dGtRM1NmQ3I5eWloenNZeldHenA5WXEydkRqdFN2T2ZvOXEiLCJtYWMiOiIxMGJjOWVmMGQzZTk1YjAwNjEwMjdkMDZjODUxYmYwMDA4MTUzMTkyNmYzMTY2MTUwYmI4YmJkM2IyOTA3MjBlIiwidGFnIjoiIn0%3D; expires=Thu, 09-May-2024 01:56:47 GMT; path=/; httponly; samesite=lax
server: swoole-http-server
content-encoding: br
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&

52.17.215.137

302 Found

189 B

URL User Request GET HTTP/1.1
c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&
IP
52.17.215.137:443
ASN
#16509 AMAZON-02

Certificate
IssuerGlobalSign nv-sa
Subject*.tilttrk.com
Fingerprint2D:85:B1:1F:5D:14:58:E3:86:47:9D:E3:66:22:2C:20:25:BC:B5:A3
ValidityTue, 05 Dec 2023 07:58:29 GMT - Sun, 05 Jan 2025 07:58:28 GMT

File type
HTML document, ASCII text
Size
189 B (189 bytes)
Hash
5b073e88a96ca28427d6b34f28ad61ef
538537cb90835a822e1ce35f89e5a32c1ca0dfb8
6c59b90d67ba41445b8e686e323769c01cd1ee5c39bb388fc347197ce923f21e

HTTP Headers

GET /?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6& HTTP/1.1
Host: c.tilttrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Accept-Ch: Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Model, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Wow64
Content-Length: 189
Content-Type: text/html; charset=utf-8
Date: Wed, 08 May 2024 23:56:47 GMT
Location: https://c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&&ckm-x=cou12fvh0b5se4qqtp20
X-Ray: cou12fvh0b5se4qqtp20
Connection: close

c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&&ckm-x=cou12fvh0b5se4qqtp20

52.17.215.137

302 Found

197 B

URL User Request GET HTTP/1.1
c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&&ckm-x=cou12fvh0b5se4qqtp20
IP
52.17.215.137:443
ASN
#16509 AMAZON-02

Certificate
IssuerGlobalSign nv-sa
Subject*.tilttrk.com
Fingerprint2D:85:B1:1F:5D:14:58:E3:86:47:9D:E3:66:22:2C:20:25:BC:B5:A3
ValidityTue, 05 Dec 2023 07:58:29 GMT - Sun, 05 Jan 2025 07:58:28 GMT

File type
HTML document, ASCII text
Size
197 B (197 bytes)
Hash
dff8f4d0aab050a09164c3ee9be5d3bb
21c1e83cd1bebaa150b28393a5c1af20395ec09e
f03c546f501d68c1e2869ddefd6a6d890c4a8adb757ae951f9e41c7a6469f689

HTTP Headers

GET /?a=5622&c=863&E=TtqGvAvetqA%3d&s2=93374__a8af4640dcf&s4=a15943a0-0d96-11ef-85d5-6b3163c600f6&&ckm-x=cou12fvh0b5se4qqtp20 HTTP/1.1
Host: c.tilttrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Content-Length: 197
Content-Type: text/html; charset=utf-8
Date: Wed, 08 May 2024 23:56:47 GMT
Location: https://tracker.tiltwin.com/rotate/194?P=3-cou12fsqsb1se4uouro0&A=5622&B=93374__a8af4640dcf&aff_sub4=a15943a0-0d96-11ef-85d5-6b3163c600f6&email=&aff_sub2=
Set-Cookie: trk=cJx3ovsyH7ZcKF30yAK2+Fp5vex0NIGAUeW+5TuRKbn4DCkPUYnHY7+bIPrdCoy6bUwQ/O6wUe8=; Domain=.tilttrk.com; Expires=Fri, 08 May 2026 23:56:47 GMT; HttpOnly; Secure; SameSite=None
sid=cJx3ovsyH7ZcKF30yAK2+GtLnPDlaaXcUeW+5TuRKbn4DCkPUYnHY7+bIPrdCoy6ylFHuzBNRJA=; Domain=.tilttrk.com; HttpOnly; Secure; SameSite=None
x12=QBtGYwbAu6jxnmQgEfY5WA2UNV0HoxWVNfJ2oAN+/ERFgeBlwg7Ytqn+Zp1Xk4mjoRNgOr2+lDmZgGp1HxjbKHeQeG0gEHBOtRkGrJ+tox1hA2BwoJ7qgVi+SwLNFfzdI3duQjOue5Csk8SunfzxkPm9P0BikUurTOB0hSrg4zVRBx/2bFI6pa/T2X5hE628EdOo3TVBYbLdPH+ZJBrKx2iRrrjXUCdHCJ0PcfyGU9BDKvsDNzYOmHD8xuuwihBbFqU/0fv7EKJYvksCzRX83aYr8N8hOwIMEtjBwARP5N9z3EkvTtcIQFcT3oBMOOPbTZwrXX4xQGz/xuwdHiyZn71KCzEvHFBZtijL1+ca8NHE2P0tY6R0iTWbrMYMgvUaKWnt4cjK8AFWNku93zXb9jWWDrLVz5vA/WGpbw5ecwWrmmZVMxgGUrQ0nktselVe6gDtFAiGDhCXaWeJVim3NFfAv7OL3IZDMweZjqifdIlie2uTzQhIKQWDBv8AnF0fqcaTcqLHcS+pdN4ppHEcSp5Xv8ZIME+rwmew5R++W736LhQIQ1YYOb1D4MpBqVm9wxeY3OH2TRWIKGikhLyJAYqsWhYy4UfZe9n2HYan/ZYrS2cv7x4p+DaYbtdSr5CT+s3RHRXoqCxS9xPagBFWzy+zb4/IiNdVpI3bteYxrjWJwZXnZXXAaA==; Domain=.tilttrk.com; Expires=Fri, 07 Jun 2024 23:56:47 GMT; HttpOnly; Secure; SameSite=None
X-Ckt: cou12fsqsb1se4uouro0
X-Ray: cou12fsqsb1se4uourm0
Connection: close

afflat3d3.com/

69.172.200.185

20 B

URL
afflat3d3.com/
IP
69.172.200.185:0
ASN
#19324 DOSARREST

Certificate
IssuerLet's Encrypt
Subjectffatric1.com
FingerprintD6:16:F4:F4:A9:33:49:30:02:7D:1C:FA:6F:BE:40:8E:AC:A3:42:95
ValidityTue, 16 Apr 2024 01:16:55 GMT - Mon, 15 Jul 2024 01:16:54 GMT

File type
ASCII text, with no line terminators
Size
20 B (20 bytes)
Hash
1ebd965d6834885c8f12d112d9b64003
a710918d332f5a753159d412fb18815a57f39483
e2751ba8e6be3714bd23adee4d37f2493cc5c4c859fb731dc963a83c7b397848

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: afflat3d3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 08 May 2024 23:56:48 GMT
Content-Type: text/html
Content-Length: 20
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Sat, 15 May 2021 14:42:25 GMT
Accept-Ranges: bytes
ETag: "80de3d859849d71:0"
X-Powered-By: ASP.NET
X-DIS-Request-ID: 49ad9a4a640f8e1942bd91fbc3aaca29

code.jquery.com/jquery-3.4.1.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.4.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30638 bytes)
Hash
220afd743d9e9643852e31a135a9f3ae
88523924351bac0b5d560fe0c5781e2556e7693d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

HTTP Headers

GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15851"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 08 May 2024 23:56:49 GMT
age: 7131108
x-served-by: cache-lga21965-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 23, 57261
x-timer: S1715212609.000776,VS0,VE0
vary: Accept-Encoding
content-length: 30638
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-144971979-1

142.250.74.168

200 OK

75 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-144971979-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
75 kB (74587 bytes)
Hash
6b4ddd0793d239ece5c00d798d0fe25e
520db565583b60ddd931d137e39558bbed9be34a
8104fa6f933abdb8cd5af6d2cc3ad1596d540ca857df7018e7342d0e772313ca

HTTP Headers

GET /gtag/js?id=UA-144971979-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 23:56:49 GMT
expires: Wed, 08 May 2024 23:56:49 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png

143.204.42.96

200 OK

1.6 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 30 x 35, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1589 bytes)
Hash
cf04116a79119c523e050702bad75e29
ae2c9c695fbf60205ea06e8a73e7ed54fa534733
a410afd1a0e4ffb9dc6000d922ee4a72d5e48bffd935031cf3b6396adc39387d

HTTP Headers

GET /images/footer-icons/only-18.png HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1589
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 01:07:46 GMT
last-modified: Tue, 27 Mar 2018 12:02:16 GMT
etag: "5aba32c8-635"
x-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WQj0JcgESBkblolc75xU0kuFlQMXkCXbpQ_DONUBYjHT5TCpyNbLbw==
age: 82143
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png

143.204.42.96

200 OK

10 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 473 x 62, 8-bit/color RGBA, non-interlaced
Size
10 kB (10295 bytes)
Hash
4fd78d077e73978bca5af09bd9d76365
f157bdf0be60a2fbb09f52252e353711d83fde4b
bdaa2b7f6eec96c7620ee7d1821fe7b328a7d7dcbade888a0986d3aeb7755ab6

HTTP Headers

GET /images/footer-icons/begamble.png HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 10295
server: nginx/1.14.0 (Ubuntu)
last-modified: Mon, 04 Jan 2021 17:51:23 GMT
x-cache-status: MISS
accept-ranges: bytes
date: Wed, 08 May 2024 02:33:54 GMT
etag: "5ff3559b-2837"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PhFs8V02xKuVlcTyG6b9fyLRGaMykuhR54kcu3dbyuNX6HKQ0HYxbQ==
age: 76975
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png

143.204.42.96

200 OK

1.8 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 30 x 15, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1756 bytes)
Hash
7be70e54560a27609532935253b1e0b5
d78ebcbed3d2e898f2d113842109b9f36218eaad
ecae0dc020262a5fcbf7d216c27cb4ab482807311e25312e5d812183472bf398

HTTP Headers

GET /images/arrow-up.png HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1756
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 12 Jul 2018 16:49:11 GMT
x-cache-status: MISS
accept-ranges: bytes
date: Wed, 08 May 2024 10:41:20 GMT
etag: "5b478687-6dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: XVveFY-qBtoSngmx1Q_xEYWEysHJpJvJYgOdR8jniFR8neYAVpK2lA==
age: 47729
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js

143.204.42.96

200 OK

3.2 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
3.2 kB (3245 bytes)
Hash
30c02a9aa939672ee67778722e41cf22
1051a68c3ad1688845b053dea2546e53856600c1
d949c774e28d1d277077d5ee4b49655a29e3a1e207b7780aefad94a195f834f1

HTTP Headers

GET /js/js.cookie.js HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 13 May 2018 17:24:12 GMT
x-cache-status: MISS
content-encoding: gzip
date: Wed, 08 May 2024 16:19:26 GMT
etag: W/"5af874bc-f2e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TUviIJAr-HiA0DVyX44-LAoDYRMoRntP1K0-y8lu3dqDwSn9NykAww==
age: 27442
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/lp/574/bg-desk.jpg

143.204.42.96

200 OK

314 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/lp/574/bg-desk.jpg
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1110, components 3
Size
314 kB (313736 bytes)
Hash
529071eccd64ba89295ec3a429e9cbc7
95aecfa453faff357642a6f4dbbaba0b59b23ca9
28e773a2b073bffa1ed1fbe947b653655ff36b5cec094aa3d69a73b18eea940a

HTTP Headers

GET /images/lp/574/bg-desk.jpg HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 313736
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 04:38:07 GMT
last-modified: Wed, 05 Aug 2020 12:10:43 GMT
etag: "5f2aa1c3-4c988"
x-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: edtBTgpj5mFkubLFM-JZDctXfoUUd1dx-O5b3S9AO4Ks4mMDinfZlg==
age: 69522
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/lp/574/hint-bg.jpg

143.204.42.96

200 OK

15 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/lp/574/hint-bg.jpg
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 729x104, components 3
Size
15 kB (14725 bytes)
Hash
0a888847143630d0d32d6a1c07bbd420
7680e65b7e67d78a092dbef31e532e9a2f4612f3
5fa3072f292f8edafb050ded6c7e139c3ebac45fdce1633e8a83dda02a638370

HTTP Headers

GET /images/lp/574/hint-bg.jpg HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 14725
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 05 Aug 2020 12:12:54 GMT
x-cache-status: MISS
accept-ranges: bytes
date: Wed, 08 May 2024 09:40:25 GMT
etag: "5f2aa246-3985"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I1Vzl1f6tTOWQjkJy-h7DWTVMnmLEQwQ-i4HCzDIMrXLSSW4lv5DGw==
age: 51384
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png

143.204.42.96

200 OK

4.9 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 110 x 45, 8-bit/color RGBA, non-interlaced
Size
4.9 kB (4900 bytes)
Hash
a07cbc8e2901b2c1dcadc9da971b8e22
5e08e02995d5716e8a9910f939d785e200c1a10c
8769471d2891f9151996faf46dab47fc14bf45f5a0e1cb253ba542d4cee57fcd

HTTP Headers

GET /images/footer-icons/gambling-therapy.png HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 4900
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 10:18:15 GMT
last-modified: Sun, 28 Apr 2019 00:57:47 GMT
etag: "5cc4fa8b-1324"
x-cache-status: MISS
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bbd25IjpnAopfplBPVY_MUP__ocxKr4jbji3IfnePmJatovJk5HK0g==
age: 49114
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/lp/574/book.jpg

143.204.42.96

200 OK

9.4 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/lp/574/book.jpg
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 93x93, components 3
Size
9.4 kB (9415 bytes)
Hash
87071c18d0bdb052205b5817bca6320d
0a897b1f97015db6ff2c5ada197f5756da20aa7c
ccf7a96e395a62a1a5801bbd26903faa6bb6607d1c7150181388276ee05f6b19

HTTP Headers

GET /images/lp/574/book.jpg HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 9415
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 05 Aug 2020 12:12:47 GMT
x-cache-status: MISS
accept-ranges: bytes
date: Wed, 08 May 2024 07:56:12 GMT
etag: "5f2aa23f-24c7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jrFMO4xi6IGD1DUjQaN0gbU0iP-smPVfoNCCfSpjJ9DTSddUhdVqwA==
age: 57637
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/favicon.ico

143.204.42.96

200 OK

0 B

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/favicon.ico
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/x-icon
content-length: 0
server: nginx/1.14.0 (Ubuntu)
last-modified: Sun, 11 Mar 2018 21:25:00 GMT
x-cache-status: HIT
accept-ranges: bytes
date: Wed, 08 May 2024 08:14:23 GMT
etag: "5aa59eac-0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4xJt82ZLIRZuE64o78YzJzIncGHetjUUvVptyKVMpiDgeOYccUx9Ow==
age: 56546
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c

142.250.74.168

200 OK

90 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
90 kB (89737 bytes)
Hash
50d26cce6d31a035901ebf4fcfc774c2
a98209c3f549bc206cc1364649959a3eaee9304b
f02d266b07ee7bbde8d20f72b4f236b02d4dcdacd182361c5c175f695327b8fb

HTTP Headers

GET /gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 23:56:49 GMT
expires: Wed, 08 May 2024 23:56:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89737
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www2.tiltwin.com/images/lp/574/btn.png

18.184.180.82

200 OK

526 B

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/btn.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 464 x 106, 8-bit colormap, non-interlaced
Size
526 B (526 bytes)
Hash
64adf8fec30ad9649caa783d6591ce0e
b62a1d90790ffacb19e0317628dde53d284ec8b9
a518a179514e2c1d458a0a652b0fb9203396f149d4ad2e424e083eaba12e4b0d

HTTP Headers

GET /images/lp/574/btn.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: image/png
content-length: 526
last-modified: Wed, 05 Aug 2020 12:20:24 GMT
etag: "5f2aa408-20e"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/osn.png

18.184.180.82

200 OK

166 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/osn.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 786 x 608, 8-bit colormap, non-interlaced
Size
166 kB (165485 bytes)
Hash
fbafd6c1abbfabd273bf06686d59119a
31ef49086d289c7207e9611b12795e19414cb2d6
45b39e728f642365cf8c94599ecf3002b20c607c07160c7e8e404da8c2041968

HTTP Headers

GET /images/lp/574/osn.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: image/png
content-length: 165485
last-modified: Wed, 05 Aug 2020 12:21:28 GMT
etag: "5f2aa448-2866d"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot1.png

18.184.180.82

200 OK

11 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot1.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
11 kB (10650 bytes)
Hash
8f59f7505f06de597a0f749f018cadf2
d2313ce4b83ef4e2578b0c7d54dc25ff310519e7
34f19d90a2743c0f603ed8aa6ea761bf60de19a187754a3e67f1f8f77d894451

HTTP Headers

GET /images/lp/574/slot1.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: image/png
content-length: 10650
last-modified: Wed, 05 Aug 2020 12:21:33 GMT
etag: "5f2aa44d-299a"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot3.png

18.184.180.82

200 OK

4.7 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot3.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
4.7 kB (4704 bytes)
Hash
15984c4890d9295e9d5c344d63cef553
41e4907655f2a67d20a6752bb9a4d63a2dda2e35
e208a6e29f59e3d67c0e58fb7ac2597fa4f85a928501d6d9a085061c87bdb569

HTTP Headers

GET /images/lp/574/slot3.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: image/png
content-length: 4704
last-modified: Wed, 05 Aug 2020 12:21:39 GMT
etag: "5f2aa453-1260"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot4.png

18.184.180.82

200 OK

6.3 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot4.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
6.3 kB (6341 bytes)
Hash
f6872ffe46353aa6c6e6bbc7dc3d3a94
2ab2aa93c1c3e462d3ae796d0f0f760bb6990a5b
d623f5acfe7ef19bd9b6705ec8737e98975ae0512aa851bdfdbcc76be8ebfc64

HTTP Headers

GET /images/lp/574/slot4.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: image/png
content-length: 6341
last-modified: Wed, 05 Aug 2020 12:21:45 GMT
etag: "5f2aa459-18c5"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot6.png

18.184.180.82

200 OK

10 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot6.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
10 kB (10273 bytes)
Hash
c760356fc69201be743d5b1d207dc2f7
61722969159fad8602e5351713cf71dccb786a33
421dbdcc6d7d1f18600bd10de4809dd745c936c9f22e33c0f8708aee1e3d7816

HTTP Headers

GET /images/lp/574/slot6.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:50 GMT
content-type: image/png
content-length: 10273
last-modified: Wed, 05 Aug 2020 12:21:51 GMT
etag: "5f2aa45f-2821"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot7.png

18.184.180.82

200 OK

6.2 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot7.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
6.2 kB (6171 bytes)
Hash
b88f9e690d35a9139c9ff3797f44c4f6
774423e288b95f597d44806d77cf2755f698e8ae
a6f7ecb186219e6730a1eb242570cb1816e954817d4c830930c19bf297e88198

HTTP Headers

GET /images/lp/574/slot7.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:50 GMT
content-type: image/png
content-length: 6171
last-modified: Wed, 05 Aug 2020 12:21:59 GMT
etag: "5f2aa467-181b"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/slot9.png

18.184.180.82

200 OK

7.2 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/slot9.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 113 x 124, 8-bit colormap, non-interlaced
Size
7.2 kB (7165 bytes)
Hash
b4d7ea28ce81068a3c6664e96bb057d5
ebdf73b8e7778a0712896db9d4fae05d12b9b11e
2d19c254dba701820142a0b208ee92df45620acaeef7f396f7ffd96b797a0683

HTTP Headers

GET /images/lp/574/slot9.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:50 GMT
content-type: image/png
content-length: 7165
last-modified: Wed, 05 Aug 2020 12:22:04 GMT
etag: "5f2aa46c-1bfd"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/win_sym.png

18.184.180.82

200 OK

12 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/win_sym.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
12 kB (11878 bytes)
Hash
525d8bd6e69df2cac302047536b7037a
ef3510e45c5760c6db37a0b43b8ac07dda5da757
6f3b59cfa1a54fd4790e62f20830d525c4fd0b8ea6e8dd9d214e176b3b1d02ce

HTTP Headers

GET /images/lp/574/win_sym.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:50 GMT
content-type: image/png
content-length: 11878
last-modified: Wed, 05 Aug 2020 12:22:09 GMT
etag: "5f2aa471-2e66"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

www2.tiltwin.com/images/lp/574/winline.png

18.184.180.82

200 OK

6.2 kB

URL GET HTTP/2
www2.tiltwin.com/images/lp/574/winline.png
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
PNG image data, 622 x 178, 8-bit colormap, non-interlaced
Size
6.2 kB (6182 bytes)
Hash
b34e98c0e313ed03e192a7af5aef6dc0
83e248a726903fb3740991333564ab320e914486
291dc37728ccc14689e9cd0d509710aebb63d2bb284b7608e7c538f721909fc9

HTTP Headers

GET /images/lp/574/winline.png HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; _ga_N43BLYJLJR=GS1.1.1715212609.1.0.1715212609.0.0.0; _ga=GA1.1.1502968724.1715212610
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:50 GMT
content-type: image/png
content-length: 6182
last-modified: Wed, 05 Aug 2020 12:22:15 GMT
etag: "5f2aa477-1826"
x-cache-status: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js

104.18.11.207

200 OK

51 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
JavaScript source, ASCII text, with very long lines (50450)
Size
51 kB (50731 bytes)
Hash
eb5fac582a82f296aeb74900b01a2fa3
fffea98e12e63b66693d567315a2f32392b780b0
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef

HTTP Headers

GET /bootstrap/4.1.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.tiltwin.com
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 23:56:48 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"eb5fac582a82f296aeb74900b01a2fa3"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 10/31/2023 18:58:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1047
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 60c67a738403c1e386a05cc065e58f3d
cdn-cache: HIT
cf-cache-status: HIT
age: 717823
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880d6375eadd56c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tracker.tiltwin.com/rotate/194?P=3-cou12fsqsb1se4uouro0&A=5622&B=93374__a8af4640dcf&aff_sub4=a15943a0-0d96-11ef-85d5-6b3163c600f6&email=&aff_sub2=

18.184.180.82

302 Found

17 kB

URL User Request GET HTTP/2
tracker.tiltwin.com/rotate/194?P=3-cou12fsqsb1se4uouro0&A=5622&B=93374__a8af4640dcf&aff_sub4=a15943a0-0d96-11ef-85d5-6b3163c600f6&email=&aff_sub2=
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjecttracker.tiltwin.com
FingerprintAA:F3:4F:0B:89:AF:3C:96:B7:D7:2D:C6:D9:95:BC:EA:4F:C7:69:81
ValidityThu, 11 Apr 2024 18:22:47 GMT - Wed, 10 Jul 2024 18:22:46 GMT

File type

Size
17 kB (17221 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rotate/194?P=3-cou12fsqsb1se4uouro0&A=5622&B=93374__a8af4640dcf&aff_sub4=a15943a0-0d96-11ef-85d5-6b3163c600f6&email=&aff_sub2= HTTP/1.1
Host: tracker.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:48 GMT
content-type: text/html; charset=UTF-8
location: https://www2.tiltwin.com/no/landing/165/574?A=5622
set-cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; expires=Thu, 09-May-2024 23:56:48 GMT; Max-Age=86400; path=/; domain=tiltwin.com
impression_data=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=tiltwin.com
tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D; expires=Fri, 17-May-2024 07:56:48 GMT; Max-Age=720000; path=/; domain=tiltwin.com
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
X-Firefox-Spdy: h2

www2.tiltwin.com/no/landing/165/574?A=5622

18.184.180.82

200 OK

17 kB

URL User Request GET HTTP/2
www2.tiltwin.com/no/landing/165/574?A=5622
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type

Size
17 kB (17221 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /no/landing/165/574?A=5622 HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:48 GMT
content-type: text/html; charset=UTF-8
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png

143.204.42.96

200 OK

1.8 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
PNG image data, 30 x 15, 8-bit/color RGBA, non-interlaced
Size
1.8 kB (1757 bytes)
Hash
f2ec75bcfd4ef971fdf9f94bfae939d4
1da4a74612c91011c70b6dec60415b0913356115
2eb6cad7d97dcb417abf1b893dd46385405504196983a251909f40c9965d71d0

HTTP Headers

GET /images/arrow-down.png HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 1757
server: nginx/1.14.0 (Ubuntu)
last-modified: Thu, 12 Jul 2018 16:49:11 GMT
x-cache-status: MISS
accept-ranges: bytes
date: Wed, 08 May 2024 15:13:47 GMT
etag: "5b478687-6dd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mGUj59HCjLMoCbYJ6clYqJ7eBPMO3GnKpE5cy0HXJtuyUQtoY0n5qg==
age: 31382
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.1.0/css/all.css

104.21.27.152

200 OK

46 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.1.0/css/all.css
IP
104.21.27.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (45507)
Size
46 kB (45687 bytes)
Hash
826c57385f3d35cfed5478ba7b1f5c03
20d2d431065fc6b38c1187eda564639527e2428e
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

HTTP Headers

GET /releases/v5.1.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.tiltwin.com
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 23:56:48 GMT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
last-modified: Fri, 22 Sep 2023 01:44:25 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 714069
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3x6wuMZsG1WrzHTETD9uxvf%2Bln2xycps67jY0VGrK2cKx6m%2FNK0TyksuzSwVvRaQyM33MOD0wjCxFeZluhx4r9%2B8sCYEiFzv47iT6w6mv8g1uu5lpouDZ9JbVIO9xb5X%2FXPCdaTG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880d6376090cb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www2.tiltwin.com/no/landing/fonts/IntroBold.ttf

18.184.180.82

404 Not Found

1.6 kB

URL GET HTTP/2
www2.tiltwin.com/no/landing/fonts/IntroBold.ttf
IP
18.184.180.82:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerLet's Encrypt
Subjectwww2.tiltwin.com
Fingerprint28:6A:DB:F5:7E:17:44:BC:BE:96:A9:46:46:4A:42:5D:EB:F4:DD:C0
ValidityTue, 09 Apr 2024 21:42:56 GMT - Mon, 08 Jul 2024 21:42:55 GMT

File type
HTML document, ASCII text, with very long lines (1647), with no line terminators
Size
1.6 kB (1563 bytes)
Hash
317bf5cc7f1d16294f9d7b663e3fa77c
0ae15d263bc1b9c83a2e6b71cdb9055b13ee9e50
c9a7e4a2163503448c1580e80012368dafea92f40b9fd9a4fda92f229328eace

HTTP Headers

GET /no/landing/fonts/IntroBold.ttf HTTP/1.1
Host: www2.tiltwin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/no/landing/165/574?A=5622
Cookie: tracking_data=%7B%22P%22%3A%223-cou12fsqsb1se4uouro0%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2293374__a8af4640dcf%22%2C%22aff_sub4%22%3A%22a15943a0-0d96-11ef-85d5-6b3163c600f6%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F165%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22165%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lvyhaulm%22%7D; tw_session=eyJpdiI6IjdmZWNvRnZaV3c2azBCOUJqZTRPQXc9PSIsInZhbHVlIjoiYWR5ckErNVpYdE9MSmdPWXZ4NkRUcnJcLzZzeStMSDdWTTVmbTB2QlB1Vm9ZSFp6TlpTdjFlOVUwZnh3UXJ0U2wiLCJtYWMiOiI2MDI4OWY5MTZiNThiYjZkYThmMmM5ZDE2N2ZhYTZmZmM4MTczOTdlMTc2NzEyNGI3YzZiZDc5Y2Q2YjJlM2JjIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: nginx/1.14.0 (Ubuntu)
date: Wed, 08 May 2024 23:56:49 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
pragma: no-cache
expires: -1
content-encoding: gzip
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/js/email.js

143.204.42.96

200 OK

7.7 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/js/email.js
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7991), with no line terminators
Size
7.7 kB (7660 bytes)
Hash
ae8f3c295b371cdda83939d5f711bf88
ed423bca99d641b2b10cf8e95eb33771b2650c8d
1668c81c020c42102c2743e4c8cf0a4507cc77dc60743df8e793977ad03774d9

HTTP Headers

GET /js/email.js HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.14.0 (Ubuntu)
last-modified: Wed, 01 Apr 2020 16:25:34 GMT
x-cache-status: MISS
content-encoding: gzip
date: Wed, 08 May 2024 19:46:07 GMT
etag: W/"5e84c07e-1dec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oLMi5Y2fwbc3PTiNSjgfMN-9_jVtOR8esXD38uAUUlrWYtsuLJDsGg==
age: 15041
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js

143.204.42.96

200 OK

316 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type

Size
316 kB (315601 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/lp/574/createjs-2015.11.26.min.js HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 06 Apr 2021 22:27:11 GMT
x-cache-status: MISS
content-encoding: br
date: Wed, 08 May 2024 03:59:01 GMT
etag: W/"606ce03f-4d0d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BiIe2Nck2Ela2soRvgp7nFQUWV7SoxxwhIiwEyjXcSRZo4UoBHz15Q==
age: 71867
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css

104.18.11.207

200 OK

141 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
141 kB (140930 bytes)
Hash
a7022c6fa83d91db67738d6e3cd3252d
1ae238d0c533b209ea5becf4317e13237ed3d42e
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec

HTTP Headers

GET /bootstrap/4.1.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www2.tiltwin.com
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 23:56:48 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"a7022c6fa83d91db67738d6e3cd3252d"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 10/31/2023 19:01:20
cdn-edgestorageid: 1069
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 311bc22d9579f2a512af6a21c2b319e8
cdn-cache: HIT
cf-cache-status: HIT
age: 714070
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880d6375aac056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css

143.204.42.96

200 OK

9.2 kB

URL GET HTTP/2
d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css
IP
143.204.42.96:443
ASN
#16509 AMAZON-02

Requested by
https://www2.tiltwin.com/no/landing/165/574?A=5622
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9628), with no line terminators
Size
9.2 kB (9154 bytes)
Hash
39ede8222a0bb941d9535da5e893a37a
74bf9f1242a24985e6e7410d84d6d38dbb38a1d2
a8e82a9f09eff4ddf84e65a929fed49ef5f3a067b39bcddfbf0b8794f0922e7d

HTTP Headers

GET /css/lp/574/style.css HTTP/1.1
Host: d2i5a4y6yksdm0.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www2.tiltwin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx/1.14.0 (Ubuntu)
last-modified: Tue, 06 Apr 2021 18:36:43 GMT
x-cache-status: MISS
content-encoding: br
date: Wed, 08 May 2024 07:56:10 GMT
etag: W/"606caa3b-23c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _yoOEWqjeJ8QTYOqCGYPqwPP4IsYWKj9NDrPi7FH6-tHS5ov3_6ImQ==
age: 57638
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML