Report - www.leopage.bond/pI-nPb~dYSg

Report Overview

Visited public
2023-12-03 14:27:45
Tags
URL
www.leopage.bond/pI-nPb~dYSg_b37d6c65/C/
Finishing URL
www2.tiltwin.com/no/landing/155/574?A=5622#
IP / ASN
142.93.255.59
#14061 DIGITALOCEAN-ASN
Title
www2.tiltwin.com/no/landing/155/574?A=5622

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15 22:36:43	2023-12-03 05:10:22	978 B	76 kB	104.18.11.207
6w1.sharedlinkconnect.com	unknown	2022-03-07	2022-06-02 23:09:27	2023-11-30 18:18:58	543 B	1.1 kB	179.61.143.121
ocsp2.globalsign.com	1544	1999-04-19	2012-05-23 20:10:04	2023-12-03 05:13:40	357 B	1.9 kB	104.18.20.226
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-03 06:51:04	903 B	152 kB	216.58.207.200
d2i5a4y6yksdm0.cloudfront.net	unknown	2008-04-25	2022-02-21 08:50:07	2023-12-01 20:28:52	6.1 kB	445 kB	143.204.42.96
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-12-03 05:10:51	479 B	25 kB	172.64.140.13
www2.tiltwin.com	unknown	2018-04-05	2020-06-23 17:35:30	2023-12-02 13:15:40	16 kB	251 kB	18.184.180.82
ocsp.starfieldtech.com	6616	2003-03-06	2012-06-22 20:08:50	2023-12-03 05:10:20	1.4 kB	11 kB	192.124.249.41
www.acgt31trk.com	unknown	unknown	No data	No data	632 B	832 B	34.36.47.115
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-03 05:09:22	422 B	31 kB	151.101.2.137
www.dynabizss.com	unknown	2023-04-19	2023-04-20 09:47:37	2023-11-19 20:24:32	530 B	930 B	34.102.195.19
6w1.readyspinsconnected.com	unknown	2023-05-08	2023-08-31 16:09:32	2023-11-19 20:24:34	578 B	1.2 kB	179.61.143.67
tracker.tiltwin.com	unknown	2018-04-05	2020-04-21 08:18:54	2023-11-20 03:41:45	614 B	18 kB	18.184.180.82
www.leopage.bond	unknown	unknown	No data	No data	422 B	675 B	142.93.255.59
c.tilttrk.com	835351	2019-09-26	2020-09-05 15:22:36	2023-12-02 06:07:37	573 B	1.6 kB	52.215.110.17

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-03 14:27:31	high	142.93.255.59	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)
2023-12-03 14:27:32	high	142.93.255.59	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)
2023-12-03 14:27:32	high	142.93.255.59	Client IP	ET POLICY Self Signed SSL Certificate (SomeOrganizationalUnit)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (23)

	URL	From	Size	First Seen	Last Seen
	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	208 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash c044e113925e98500f25982b86a0fdff daed47c201f9afb037d41a92bdd05f7093cd6ecf 0f791d821b796b340b503586bbeac64a6f79c03b6b2002413990191074398d7b Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	150 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash a749cacc88b6bb0343d1af61daa58089 7b5cf2387b40786b7b6494ff2f7ba69d4868f522 e9e0355ed57c138ece248c4cfb5aacae1d35223d03db8202a214f975e226c25d Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	382 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash cf8c31d51ad384acb6aee14176efb273 973a259a2c1e5ef6062f82fa79f4e607b9fa2a9a ecee0ee5402e18f4a0d5a4d7facfc0bc6bd226de09a4e1b0e2cc82351faf3622 Loading...

	www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-03	2023-12-03
Pretty URL www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 15:27 Last Seen2023-12-03 15:27 Times Seen1 Hash 339abb5660476b7a63322f11efee45fe 7d6f4b22f810d9988802a1f4c81db827dc577aa3 1e4ce96918cdd6a57728fc53fa718ba2ae4cbae3a2b6c312e3f96d4bd06e3d09 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	6 B	2023-03-07	2025-05-07
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:14 Last Seen2025-05-07 23:01 Times Seen8326 Hash edaddb8132e9e0880252c5b6c47bf1c1 dc08b5b6ca432b46cca94f1f297491e1b08736ea b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	179 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 902b8a48de900afbed78ba1eaf41c07b 0fa640ed14371367da61a23c1013b9721e9cb73c 5ee0181c71821017b03c0ae68e7cf4b3b50eb13dab44e7849550da09f9716b64 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	362 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 6fb5737acb01e40fc7222014a1234c29 2355d378b83c675d50093fe1453e6339e73ac475 4be3ebb2cd036c68b31f00084116d1cf06245366b17a8127c439ab953fa2ab1c Loading...

	www.googletagmanager.com/gtag/js?id=UA-144971979-1	ScriptElement	191 kB	2023-12-03	2023-12-03
Pretty URL www.googletagmanager.com/gtag/js?id=UA-144971979-1 IP 216.58.207.200 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 15:27 Last Seen2023-12-03 15:27 Times Seen1 Hash ceea6703b66b66839e03d661a0726a29 ac96351f91820d685743324c849dccf7f59711e3 e86e64b31ad30caf5fadf584dbbdf6785ffc4997a83749344d301d8f6759da6b Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js	ScriptElement	51 kB	2023-03-07	2025-05-08
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-08 23:40 Times Seen992 Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	179 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash d603834bfd0f1d1a26fa61c9e9807fa4 a4746d051624cb79a1dfac65e76c0c8c20722be2 553088761dd713eed2fcbc4b97135b5d986f26f9a43f6b088ba260852d96a7e8 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	224 B	2023-06-30	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 17:21 Last Seen2025-02-27 17:22 Times Seen70 Hash 68e959f2e03499d08c4b87bb3a2e32fd dcd4e00f91663c250abc87dd827674a1edfbf492 534d543ddc940d7031b833a67128b8654ca9ccb7bd0e161a11f396092a95dd35 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	187 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash d458e19ae9d4d8a1d0598c8db97a29f6 e5a04f96be0c9416a66c62950fc49f1fd02fcc5a 69c643e7f0e799242b0772b395bf23b29dac2874093c40fb4d9e990a842e80c5 Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/email.js	ScriptElement	7.7 kB	2023-03-08	2025-02-27
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/email.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 8ae8d4cb99fd8a2253f956a11bf41f14 474cb04ef08b2bbb5d4c28ec5995326671c61a98 13f194a984d4bf121ed5887e81e6c7b996c4dd1a15ba1bb3f0366a9109f62ad4 Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-09
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 08:48 Times Seen340603 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	1.3 kB	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 8c3eb9a4233f31ff1b6636707748521c 487d44faf0b63700139349278bab90ece0dfdb0f 6f0cd6d1caab6fecabae22b237e8855ff4606826557ef1ae60962a86005c3703 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	704 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 7f613633ee584b173960cff433e24218 cdc22a74d8cda99aaad234b3c7c7301f7a69cdf5 9e8133ea108b5bb4bbda3d91396da07c8836c4b872b9222b2c145961d6c6e94a Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js	ScriptElement	316 kB	2023-03-08	2025-02-27
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash 5c1c90af5e2d8dde5c4ec534f16f9df7 c655b684a2d343b9777a5d6f3bc5160f784a4e87 5d06544ac07fb7d80c035ec696c5a4a0f3ee6ac9de82e837d45304b88a55e379 Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	263 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash b9695899bc6fd54aef916849ad934af5 bdd27ea149e2164f293b69568dbfe37fe8b05c9b bdee14ebe62295b7bbd0546e3e9ba0052d4b8fc18af509307f426fe2efbc82eb Loading...

	www2.tiltwin.com/no/landing/155/574?A=5622	ScriptElement	299 B	2023-03-08	2025-02-27
Pretty URL www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 15:50 Last Seen2025-02-27 17:22 Times Seen70 Hash bcc75be67af9dc8ed24f3eb6e7b154f8 1e81c88eaffddf9fba20577fb1fff81eca63fd1b e9c4f874db19d9751e80daa71742ee5312501b544d398cd8a467a955367e19e2 Loading...

	unknown	EventHandler	7 B	2023-03-10	2025-05-07
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-10 12:50 Last Seen2025-05-07 08:15 Times Seen839 Hash 907ff32016c8e95da3b470712b3407e2 58d5164eb8654c00bccd982ddf22734ff34a2fcb 1849cce6ad67618fe20029f2313768bfeb4da7d3857019e70e03575176953577 Loading...

	code.jquery.com/jquery-3.4.1.min.js	ScriptElement	88 kB	2023-03-07	2025-05-09
Pretty URL code.jquery.com/jquery-3.4.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 09:02 Times Seen68099 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	www2.tiltwin.com/no/landing/155/sandbox%20eval%20code		147 B	2023-04-11	2025-05-09
Pretty URL www2.tiltwin.com/no/landing/155/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-09 08:48 Times Seen341404 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js	ScriptElement	3.9 kB	2023-03-07	2025-05-01
Pretty URL d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js IP 143.204.42.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-01 16:53 Times Seen311 Hash 8ff1c89f24a8ca6f91f77389a0b70449 e15afaaeee3ff47128be726bab45e509b19127c5 6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2 Loading...

HTTP Transactions (43)

	URL	IP	Response	Size
	www.leopage.bond/pI-nPb~dYSg_b37d6c65/C/	142.93.255.59	302 Found	264 B
URL User Request GET HTTP/1.1 www.leopage.bond/pI-nPb~dYSg_b37d6c65/C/ IP 142.93.255.59:80 ASN #14061 DIGITALOCEAN-ASN File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 264 B (264 bytes) Hash 6bde070324e6cd641e671936df23aa3b 34752aa157c4311aa57234d4cd90a1d048aa27f7 4aafcf6f1bc814f7b68e41e3a9702aaac617ee484feb9a3574042a22cd00657a HTTP Headers `GET /pI-nPb~dYSg_b37d6c65/C/ HTTP/1.1 Host: www.leopage.bond User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Date: Sun, 03 Dec 2023 14:27:26 GMT Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0 Location: https://www.dynabizss.com/2BLX7MXD7/3KRKTD9/?sub1=GI&sub2=ROBO&sub3=HTML Content-Length: 264 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=iso-8859-1`

	ocsp.starfieldtech.com/	192.124.249.41		2.1 kB
URL ocsp.starfieldtech.com/ IP 192.124.249.41:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2149 bytes) Hash a48b5f2f136c475707bced4468b3388b 631022476ce892313dfb9c2f49dc7caf0ee0be35 e50d4788008d40a2e323145049cfee21c85eda85e4d138053045df8a6270b13e HTTP Headers `POST / HTTP/1.1 Host: ocsp.starfieldtech.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Sun, 03 Dec 2023 14:27:26 GMT Content-Type: application/ocsp-response Content-Length: 2149 Connection: keep-alive X-Sucuri-ID: 19041 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Sun, 03 Dec 2023 10:05:00 GMT Expires: Mon, 04 Dec 2023 10:05:00 GMT ETag: "631022476ce892313dfb9c2f49dc7caf0ee0be35" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	www.dynabizss.com/2BLX7MXD7/3KRKTD9/?sub1=GI&sub2=ROBO&sub3=HTML	34.102.195.19	302 Found	241 B
URL User Request GET HTTP/2 www.dynabizss.com/2BLX7MXD7/3KRKTD9/?sub1=GI&sub2=ROBO&sub3=HTML IP 34.102.195.19:443 ASN #15169 GOOGLE Certificate IssuerStarfield Technologies, Inc. Subject4682track.com Fingerprint8A:13:F1:6C:D1:D1:E7:7B:1F:93:BD:D8:CA:7F:FB:29:7B:54:54:F2 ValidityWed, 04 Oct 2023 18:34:03 GMT - Sun, 29 Sep 2024 12:21:24 GMT File type HTML document, ASCII text Size 241 B (241 bytes) Hash b10e5a2b09fcb76ce336b9da925cb7ae 26573d91f12d3091cd349d25f4942fa3024ce559 388d57f102c9aa9914763d9c3547eea22bccd8a766c8edbbb2f5a556e4db805a HTTP Headers GET /2BLX7MXD7/3KRKTD9/?sub1=GI&sub2=ROBO&sub3=HTML HTTP/1.1 Host: www.dynabizss.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Sun, 03 Dec 2023 14:27:27 GMT content-type: text/html; charset=utf-8 content-length: 241 accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model location: https://www.acgt31trk.com/2BLX7MXD7/D42TT/?__rpt=0&__po=1468&__ptid=83605d533f334b878dc53320f65a5997&__rpa=1&__rc=1&sub1=GI&sub2=ROBO&sub3=HTML&sub4=&sub5=&source_id=&__pcd=9 set-cookie: uniqueClick_3KRKTD9=a4eb303b-b6b5-46e6-8384-b68bef2c49df:1701613647; Path=/; Expires=Mon, 04 Dec 2023 14:27:27 GMT; Secure; SameSite=None vary: Origin x-eflow-request-id: 144e2563-0517-4025-9024-e520c0beca39 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.starfieldtech.com/	192.124.249.41		2.1 kB
URL ocsp.starfieldtech.com/ IP 192.124.249.41:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2149 bytes) Hash 2e153043d5efeca5d1252173a87b24dc 774774ad25c2b9f45ac1c3741bb46d85a83a5b9c 523a065f3f80be8e19cd8980c824753382d014cda658d6bac46abda1d0884253 HTTP Headers `POST / HTTP/1.1 Host: ocsp.starfieldtech.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Sun, 03 Dec 2023 14:27:27 GMT Content-Type: application/ocsp-response Content-Length: 2149 Connection: keep-alive X-Sucuri-ID: 19041 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Sun, 03 Dec 2023 11:26:44 GMT Expires: Mon, 04 Dec 2023 11:26:44 GMT ETag: "774774ad25c2b9f45ac1c3741bb46d85a83a5b9c" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	ocsp.starfieldtech.com/	192.124.249.36		2.1 kB
URL ocsp.starfieldtech.com/ IP 192.124.249.36:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2149 bytes) Hash a48b5f2f136c475707bced4468b3388b 631022476ce892313dfb9c2f49dc7caf0ee0be35 e50d4788008d40a2e323145049cfee21c85eda85e4d138053045df8a6270b13e HTTP Headers `POST / HTTP/1.1 Host: ocsp.starfieldtech.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Sun, 03 Dec 2023 14:27:27 GMT Content-Type: application/ocsp-response Content-Length: 2149 Connection: keep-alive X-Sucuri-ID: 19036 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Sun, 03 Dec 2023 10:05:00 GMT Expires: Mon, 04 Dec 2023 10:05:00 GMT ETag: "631022476ce892313dfb9c2f49dc7caf0ee0be35" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	www.acgt31trk.com/2BLX7MXD7/D42TT/?__rpt=0&__po=1468&__ptid=83605d533f334b878dc53320f65a5997&__rpa=1&__rc=1&sub1=GI&sub2=ROBO&sub3=HTML&sub4=&sub5=&source_id=&__pcd=9	34.36.47.115	302 Found	116 B
URL User Request GET HTTP/2 www.acgt31trk.com/2BLX7MXD7/D42TT/?__rpt=0&__po=1468&__ptid=83605d533f334b878dc53320f65a5997&__rpa=1&__rc=1&sub1=GI&sub2=ROBO&sub3=HTML&sub4=&sub5=&source_id=&__pcd=9 IP 34.36.47.115:443 ASN #0 Certificate IssuerStarfield Technologies, Inc. Subjectacgt1trk.com Fingerprint02:5F:68:B9:03:AD:3A:B1:BA:8B:E4:34:F5:C5:04:F9:F7:41:02:54 ValiditySun, 24 Sep 2023 13:27:01 GMT - Fri, 25 Oct 2024 13:27:01 GMT File type HTML document, ASCII text Size 116 B (116 bytes) Hash 0d8b95b4aaad0b10d8bc9bc06ff80035 445f4486a8a4d83407bd34b037c4bf48dff1240c 49870a12d0243621676c906bce54d902465c550ec9fc29bf6dd09351768d9da6 HTTP Headers GET /2BLX7MXD7/D42TT/?__rpt=0&__po=1468&__ptid=83605d533f334b878dc53320f65a5997&__rpa=1&__rc=1&sub1=GI&sub2=ROBO&sub3=HTML&sub4=&sub5=&source_id=&__pcd=9 HTTP/1.1 Host: www.acgt31trk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Sun, 03 Dec 2023 14:27:27 GMT content-type: text/html; charset=utf-8 content-length: 116 accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model location: https://6w1.sharedlinkconnect.com/?s1=650010&s2=5b39e3f2096d4604aa603ef5ba9cd235&s3=8 set-cookie: uniqueClick_D42TT=1e1318f8-2643-41a5-9ad5-6944181bcf79:1701613647; Path=/; Expires=Mon, 04 Dec 2023 14:27:27 GMT; Secure; SameSite=None transaction_id=5b39e3f2096d4604aa603ef5ba9cd235; Path=/; Expires=Sat, 02 Mar 2024 14:27:27 GMT; Secure; SameSite=None vary: Origin x-eflow-request-id: 7c43c13c-c99e-438f-9aaa-498b2e1fd8ce via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.starfieldtech.com/	192.124.249.36		2.1 kB
URL ocsp.starfieldtech.com/ IP 192.124.249.36:0 ASN #30148 SUCURI-SEC File type data Size 2.1 kB (2149 bytes) Hash 2e153043d5efeca5d1252173a87b24dc 774774ad25c2b9f45ac1c3741bb46d85a83a5b9c 523a065f3f80be8e19cd8980c824753382d014cda658d6bac46abda1d0884253 HTTP Headers `POST / HTTP/1.1 Host: ocsp.starfieldtech.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 76 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: Sucuri/Cloudproxy Date: Sun, 03 Dec 2023 14:27:27 GMT Content-Type: application/ocsp-response Content-Length: 2149 Connection: keep-alive X-Sucuri-ID: 19036 Content-Transfer-Encoding: Binary Cache-Control: public, no-transform, must-revalidate Last-Modified: Sun, 03 Dec 2023 11:26:44 GMT Expires: Mon, 04 Dec 2023 11:26:44 GMT ETag: "774774ad25c2b9f45ac1c3741bb46d85a83a5b9c" P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"`

	6w1.sharedlinkconnect.com/?s1=650010&s2=5b39e3f2096d4604aa603ef5ba9cd235&s3=8	179.61.143.121	302 Found	290 B
URL User Request GET HTTP/2 6w1.sharedlinkconnect.com/?s1=650010&s2=5b39e3f2096d4604aa603ef5ba9cd235&s3=8 IP 179.61.143.121:443 ASN #61317 Ipxo Uk Limited Certificate IssuerLet's Encrypt Subjectsharedlinkconnect.com Fingerprint57:B3:26:AD:E4:4A:64:C3:A9:DE:E1:D3:D9:E7:FF:5E:13:0B:DA:1F ValiditySun, 05 Nov 2023 22:52:59 GMT - Sat, 03 Feb 2024 22:52:58 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 290 B (290 bytes) Hash 1d4b77c431da64e6740304969b27dba0 74f4112ad004a47da7b13d35798738400cd0a50d 4951e03695d7641e6c26e406c49038507299fd0bc7c1b6f395cae1676791cd4f HTTP Headers GET /?s1=650010&s2=5b39e3f2096d4604aa603ef5ba9cd235&s3=8 HTTP/1.1 Host: 6w1.sharedlinkconnect.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Sun, 03 Dec 2023 14:27:28 GMT content-type: text/html; charset=UTF-8 content-length: 290 cache-control: no-cache, private location: https://6w1.readyspinsconnected.com/o/L1VFHTSC/162d05f2-91e8-11ee-90fb-2363dbc47d40/1636274a-91e8-11ee-a7c6-51367b9a3a67 x-redir: true set-cookie: yredir_session=eyJpdiI6InlUZTE4azhqamdIc0JlUlZya0VnREE9PSIsInZhbHVlIjoibWh4NHdMVFJrS2l1QnNUQkp3NG1IbU03QXI3eStuZDhXUDlkZG1kVzAzVzBrTHl2TEFGWHJIbFRSZGRmM0I3NjNQUjJXRWl2cUgrdFd5K3BtRmd3OW5qR1p3blI4UklRQlVXcy8zL2dwcXowaXNudWlkR243REdBWVdXY1FHM0oiLCJtYWMiOiJlOTc5YWQ2MjM2YWE5NjNkZmExYTQ4NTk1MmJlZTVmYjY0MGNhZjJiMGE3YTdiY2RlYWYyZDkxNDdmYTI1MWQxIiwidGFnIjoiIn0%3D; expires=Sun, 03-Dec-2023 16:27:28 GMT; path=/; httponly; samesite=lax server: swoole-http-server content-encoding: br strict-transport-security: max-age=15768000 X-Firefox-Spdy: h2

	6w1.readyspinsconnected.com/o/L1VFHTSC/162d05f2-91e8-11ee-90fb-2363dbc47d40/1636274a-91e8-11ee-a7c6-51367b9a3a67	179.61.143.67	302 Found	303 B
URL User Request GET HTTP/2 6w1.readyspinsconnected.com/o/L1VFHTSC/162d05f2-91e8-11ee-90fb-2363dbc47d40/1636274a-91e8-11ee-a7c6-51367b9a3a67 IP 179.61.143.67:443 ASN #61317 Ipxo Uk Limited Certificate IssuerLet's Encrypt Subjectreadyspinsconnected.com FingerprintEE:1E:8F:55:03:CE:BF:17:AF:D6:3D:AD:3F:13:B6:61:79:05:4D:B1 ValiditySun, 05 Nov 2023 13:32:31 GMT - Sat, 03 Feb 2024 13:32:30 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (309) Size 303 B (303 bytes) Hash d87deea16cd4158e6bc3d360f9c84be6 b23e271dd6d1f897eec2dc08be16c0b19969d3a3 868bce684a0e2c72ad957bfa39135752dfc39b05d2f57a1959d3b3f44c9167dd HTTP Headers GET /o/L1VFHTSC/162d05f2-91e8-11ee-90fb-2363dbc47d40/1636274a-91e8-11ee-a7c6-51367b9a3a67 HTTP/1.1 Host: 6w1.readyspinsconnected.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Sun, 03 Dec 2023 14:27:29 GMT content-type: text/html; charset=UTF-8 content-length: 303 cache-control: no-cache, private location: https://c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=85287__15704ff106c&s4=16fdd538-91e8-11ee-9de0-b924da04a038& x-redir: true set-cookie: yredir_session=eyJpdiI6Im5HOFVpTjhFcmR0NXliVEN5L21KZ1E9PSIsInZhbHVlIjoic2Q1V3NtbG52VEZ1VGVMNDUwUnBIWnlVR1l0Y2ZNcUFlUUdLcnRTRWlwYUpGZ3RBQmtEMFVIQVpIRjlscXRvQjE1Wms2R2tLQ2w4Vks4UTJVaDdzYlcyZkhPMkFRQ09MenB5WVhNYU0xb0MyNjlESGFDemQ5Z284MmsyUVpVR0ciLCJtYWMiOiJmOGEyOWY5NjVkYmRhNzA4NGQ3NTBhMWM1ZmE3MDMwNmQwYTMwOTIyZmFjN2Y1NzBmYmM5OTUwMTVhNjc3NmYxIiwidGFnIjoiIn0%3D; expires=Sun, 03-Dec-2023 16:27:29 GMT; path=/; httponly; samesite=lax server: swoole-http-server content-encoding: br strict-transport-security: max-age=15768000 X-Firefox-Spdy: h2

	ocsp2.globalsign.com/gsalphasha2g2	104.18.20.226		1.4 kB
URL ocsp2.globalsign.com/gsalphasha2g2 IP 104.18.20.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.4 kB (1423 bytes) Hash 73a5fe58675ad09cbca0a04a867f2ee8 55c295a8d62bcd15b6ce84fd7f3e2351c817cd34 d625e1c6ab56c823718d62da9b07cae8d7396b3b70965142db9c95c0e68980e6 HTTP Headers `POST /gsalphasha2g2 HTTP/1.1 Host: ocsp2.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Sun, 03 Dec 2023 14:27:30 GMT Content-Type: application/ocsp-response Content-Length: 1423 Connection: keep-alive Expires: Thu, 07 Dec 2023 12:06:01 GMT ETag: "55c295a8d62bcd15b6ce84fd7f3e2351c817cd34" Last-Modified: Sun, 03 Dec 2023 12:06:02 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: EXPIRED Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 82fc7da25be856c6-OSL`

	c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=85287__15704ff106c&s4=16fdd538-91e8-11ee-9de0-b924da04a038&	52.215.110.17	302 Found	197 B
URL User Request GET HTTP/1.1 c.tilttrk.com/?a=5622&c=863&E=TtqGvAvetqA%3d&s2=85287__15704ff106c&s4=16fdd538-91e8-11ee-9de0-b924da04a038& IP 52.215.110.17:443 ASN #16509 AMAZON-02 Certificate IssuerGlobalSign nv-sa Subject.tilttrk.com FingerprintE1:AB:2C:35:A2:31:90:2C:B4:D9:58:E3:3C:64:CB:33:DC:F1:38:9F ValidityWed, 02 Nov 2022 18:12:42 GMT - Mon, 04 Dec 2023 18:12:41 GMT File type HTML document, ASCII text Size 197 B (197 bytes) Hash fbf8bb7f8d9de048da80124bc9665589 709d950fe4d6c65426b1efff1909a2920fdb2de9 bca0c6c6e75ea85a83f80295f4f4a0e1482b4ee911d563669302def9eba0b96d HTTP Headers GET /?a=5622&c=863&E=TtqGvAvetqA%3d&s2=85287__15704ff106c&s4=16fdd538-91e8-11ee-9de0-b924da04a038& HTTP/1.1 Host: c.tilttrk.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Content-Length: 197 Content-Type: text/html; charset=utf-8 Date: Sun, 03 Dec 2023 14:27:30 GMT Location: https://tracker.tiltwin.com/rotate/194?P=3-clm90kjjjqlse8naof1g&A=5622&B=85287__15704ff106c&aff_sub4=16fdd538-91e8-11ee-9de0-b924da04a038&email=&aff_sub2= Set-Cookie: trk=Rodf2x3C8qJ7+2fGz/DStccZuIPBku5OxmIbvm5dm1qzmgk5MPJnKqV1edlePDjLbUwQ/O6wUe8=; Domain=.tilttrk.com; Expires=Tue, 02 Dec 2025 14:27:30 GMT; HttpOnly; Secure; SameSite=None sid=Rodf2x3C8qJ7+2fGz/DStZRtV6EO2jwlxmIbvm5dm1qzmgk5MPJnKqV1edlePDjLylFHuzBNRJA=; Domain=.tilttrk.com; HttpOnly; Secure; SameSite=None x12=ADuauj0XkpuEVUr1rAzFqLuQKzkxRshGybhPGOG+xh1FgeBlwg7Ytqn+Zp1Xk4mjoRNgOr2+lDmZgGp1HxjbKHeQeG0gEHBOtRkGrJ+tox3Nm/Sq5jReEOppJ9UuIrkTS1QC7ECb+V1seIgbdZqt6gbauFO/YuNaLNG6ui6CCIGpDwENdJN6qUCvNVH7fhouSDuVZb4Bco37fJtjl4gDl/xcbQRVgTMmZ7qx2NvVQcLOgWzWYWC7HOqdq56Kpy8bVd56skz7eUJUA+jqYqpLRCUlz/29TDuVPcvpQzH7k55wF00qJFS0d+4IAU6XGlfVuJAxor4jcrS+tw0t4UqCSkSXZWMzAcgv5aPR4mw/V31dxlkgv+I5BjFyWdBZTpgmq8jbA3ddikiPXvPTwxARqo6tT7Xffu8WFlcuC71b3SgZZ82thHw4uyAEMhN/sMi/imoPzrPJcc+FTPv0nm3qlApi7Tgo9lKMi2o211V43NILTulULQhH4iEFRIfNMdZLgvzu/wlv35LVRidgfa1Wm7/pvsMx6khm5iVOFC+BKOdUAqRO2fvA8wcfqVA2MAdE6EXPEdrGerXlvrnoPSzuNKRjX3ByLqMxPHCjjDbPyDroRc8R2sZ6tZj/G24Bwny7LOxiyv5v4GsVJpb4wtmTEQ==; Domain=.tilttrk.com; Expires=Tue, 02 Jan 2024 14:27:30 GMT; HttpOnly; Secure; SameSite=None X-Ckt: clm90kjjjqlse8naof1g X-Ray: clm90kjjjqlse8naoevg Connection: close

	code.jquery.com/jquery-3.4.1.min.js	151.101.2.137	200 OK	31 kB
URL GET HTTP/2 code.jquery.com/jquery-3.4.1.min.js IP 151.101.2.137:443 ASN #54113 FASTLY Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerSectigo Limited Subject.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT File type ASCII text, with very long lines (65451) Size 31 kB (30638 bytes) Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a HTTP Headers `GET /jquery-3.4.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK server: nginx content-type: application/javascript; charset=utf-8 last-modified: Fri, 18 Oct 1991 12:00:00 GMT etag: W/"28feccc0-15851" cache-control: public, max-age=31536000, stale-while-revalidate=604800 access-control-allow-origin: * content-encoding: gzip via: 1.1 varnish, 1.1 varnish accept-ranges: bytes date: Sun, 03 Dec 2023 14:27:31 GMT age: 6811451 x-served-by: cache-lga21965-LGA, cache-bma1657-BMA x-cache: HIT, HIT x-cache-hits: 9, 655559 x-timer: S1701613652.868638,VS0,VE0 vary: Accept-Encoding content-length: 30638 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=UA-144971979-1	216.58.207.200	200 OK	69 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-144971979-1 IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (4179) Size 69 kB (69006 bytes) Hash ceea6703b66b66839e03d661a0726a29 ac96351f91820d685743324c849dccf7f59711e3 e86e64b31ad30caf5fadf584dbbdf6785ffc4997a83749344d301d8f6759da6b HTTP Headers `GET /gtag/js?id=UA-144971979-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 03 Dec 2023 14:27:31 GMT expires: Sun, 03 Dec 2023 14:27:31 GMT cache-control: private, max-age=900 last-modified: Sun, 03 Dec 2023 12:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 69006 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c	216.58.207.200	200 OK	81 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c IP 216.58.207.200:443 ASN #15169 GOOGLE Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34 ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT File type ASCII text, with very long lines (5955) Size 81 kB (81234 bytes) Hash 339abb5660476b7a63322f11efee45fe 7d6f4b22f810d9988802a1f4c81db827dc577aa3 1e4ce96918cdd6a57728fc53fa718ba2ae4cbae3a2b6c312e3f96d4bd06e3d09 HTTP Headers `GET /gtag/js?id=G-N43BLYJLJR&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 03 Dec 2023 14:27:32 GMT expires: Sun, 03 Dec 2023 14:27:32 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 81234 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png	143.204.42.96	200 OK	1.6 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 30 x 35, 8-bit/color RGBA, non-interlaced\012- data Size 1.6 kB (1589 bytes) Hash cf04116a79119c523e050702bad75e29 ae2c9c695fbf60205ea06e8a73e7ed54fa534733 a410afd1a0e4ffb9dc6000d922ee4a72d5e48bffd935031cf3b6396adc39387d HTTP Headers `GET /images/footer-icons/only-18.png HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 1589 server: nginx/1.14.0 (Ubuntu) last-modified: Tue, 27 Mar 2018 12:02:16 GMT x-cache-status: HIT accept-ranges: bytes date: Sun, 03 Dec 2023 11:50:38 GMT etag: "5aba32c8-635" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: GmjlE4ttbqTf8WTrb55ojkiDZ-DWDdEbbc4SFy90L5GYQRjpG5XEAQ== age: 18478 X-Firefox-Spdy: h2`

	stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css	104.18.11.207	200 OK	24 kB
URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (65324) Size 24 kB (23921 bytes) Hash a7022c6fa83d91db67738d6e3cd3252d 1ae238d0c533b209ea5becf4317e13237ed3d42e 31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec HTTP Headers `GET /bootstrap/4.1.1/css/bootstrap.min.css HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www2.tiltwin.com DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 03 Dec 2023 14:27:31 GMT content-type: text/css; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 etag: W/"a7022c6fa83d91db67738d6e3cd3252d" last-modified: Mon, 25 Jan 2021 22:04:05 GMT cdn-cachedat: 10/31/2023 18:51:17 cdn-proxyver: 1.04 cdn-requestpullcode: 200 cdn-requestpullsuccess: True cdn-edgestorageid: 865 timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-status: 200 cdn-requestid: aca5977d32a7c477ad5c0c00b1e71129 cdn-cache: HIT cf-cache-status: HIT age: 721932 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 82fc7dabc99856cb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png	143.204.42.96	200 OK	4.9 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 110 x 45, 8-bit/color RGBA, non-interlaced\012- data Size 4.9 kB (4900 bytes) Hash a07cbc8e2901b2c1dcadc9da971b8e22 5e08e02995d5716e8a9910f939d785e200c1a10c 8769471d2891f9151996faf46dab47fc14bf45f5a0e1cb253ba542d4cee57fcd HTTP Headers `GET /images/footer-icons/gambling-therapy.png HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 4900 server: nginx/1.14.0 (Ubuntu) last-modified: Sun, 28 Apr 2019 00:57:47 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 11:50:38 GMT etag: "5cc4fa8b-1324" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ooyZtlxlZkMqffrBlKWHu2iR0xFpg2AWiiYeGcXY5OgKYnWgotwI1g== age: 18478 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/images/lp/574/book.jpg	143.204.42.96	200 OK	9.4 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/lp/574/book.jpg IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 93x93, components 3\012- data Size 9.4 kB (9415 bytes) Hash 87071c18d0bdb052205b5817bca6320d 0a897b1f97015db6ff2c5ada197f5756da20aa7c ccf7a96e395a62a1a5801bbd26903faa6bb6607d1c7150181388276ee05f6b19 HTTP Headers `GET /images/lp/574/book.jpg HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 9415 server: nginx/1.14.0 (Ubuntu) last-modified: Wed, 05 Aug 2020 12:12:47 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 11:50:39 GMT etag: "5f2aa23f-24c7" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: CsMllZycS9ei5czFizcPXqfrdqQ_xN9SYb2D61roEKQ-eQL5vOyIrA== age: 10302 X-Firefox-Spdy: h2`

	use.fontawesome.com/releases/v5.1.0/css/all.css	172.64.140.13	200 OK	25 kB
URL GET HTTP/2 use.fontawesome.com/releases/v5.1.0/css/all.css IP 172.64.140.13:443 ASN #13335 CLOUDFLARENET Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerCloudflare, Inc. Subjectuse.fontawesome.com FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78 ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT File type ASCII text, with very long lines (45507) Size 25 kB (24643 bytes) Hash 826c57385f3d35cfed5478ba7b1f5c03 20d2d431065fc6b38c1187eda564639527e2428e ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550 HTTP Headers `GET /releases/v5.1.0/css/all.css HTTP/1.1 Host: use.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www2.tiltwin.com DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 03 Dec 2023 14:27:32 GMT content-type: text/css access-control-allow-origin: * cache-control: max-age=31556926 etag: W/"826c57385f3d35cfed5478ba7b1f5c03" last-modified: Fri, 22 Sep 2023 01:44:25 GMT vary: Origin, Accept-Encoding cf-cache-status: HIT age: 1933648 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xrpii%2BOP9RGlmHvMe2J6tsAvh3cs7gJfIjYu6NA7YuRPNthAKfx4UYT0JwgVSMOW8xJYkp9RMluFyfrCb0aRyFs8%2Fm%2FCzYtqLxhaSQd81c2rEsTFt4HDgqkvs5Cn5HoLdzpNFLe9"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 82fc7dad4e0e8862-LHR content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	d2i5a4y6yksdm0.cloudfront.net/images/lp/574/bg-desk.jpg	143.204.42.96	200 OK	314 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/lp/574/bg-desk.jpg IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1110, components 3\012- data Size 314 kB (313736 bytes) Hash 529071eccd64ba89295ec3a429e9cbc7 95aecfa453faff357642a6f4dbbaba0b59b23ca9 28e773a2b073bffa1ed1fbe947b653655ff36b5cec094aa3d69a73b18eea940a HTTP Headers `GET /images/lp/574/bg-desk.jpg HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 313736 server: nginx/1.14.0 (Ubuntu) last-modified: Wed, 05 Aug 2020 12:10:43 GMT x-cache-status: MISS accept-ranges: bytes date: Sat, 02 Dec 2023 19:23:31 GMT etag: "5f2aa1c3-4c988" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 9THKGw5m04Jn1FuSlUkiLOfjlfpl1j6UMwKKq9JH8EPQOR3m1uzhbA== age: 68641 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png	143.204.42.96	200 OK	10 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 473 x 62, 8-bit/color RGBA, non-interlaced\012- data Size 10 kB (10295 bytes) Hash 4fd78d077e73978bca5af09bd9d76365 f157bdf0be60a2fbb09f52252e353711d83fde4b bdaa2b7f6eec96c7620ee7d1821fe7b328a7d7dcbade888a0986d3aeb7755ab6 HTTP Headers `GET /images/footer-icons/begamble.png HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/png content-length: 10295 server: nginx/1.14.0 (Ubuntu) last-modified: Mon, 04 Jan 2021 17:51:23 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 14:27:32 GMT etag: "5ff3559b-2837" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: cWyGceDP9MVnXBJD384e4QdA810dwKL9lY9mU3BSFopM74YdEIas2Q== age: 1461 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js	143.204.42.96	200 OK	60 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/js/lp/574/createjs-2015.11.26.min.js IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (693) Size 60 kB (59934 bytes) Hash 5c1c90af5e2d8dde5c4ec534f16f9df7 c655b684a2d343b9777a5d6f3bc5160f784a4e87 5d06544ac07fb7d80c035ec696c5a4a0f3ee6ac9de82e837d45304b88a55e379 HTTP Headers `GET /js/lp/574/createjs-2015.11.26.min.js HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript; charset=utf-8 server: nginx/1.14.0 (Ubuntu) last-modified: Tue, 06 Apr 2021 22:27:11 GMT x-cache-status: MISS content-encoding: br date: Sun, 03 Dec 2023 05:22:23 GMT etag: W/"606ce03f-4d0d1" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 7VlTS0i-ZD94z2dP2EE70hhfObzKoAEeVfPqr96Bpc0W2AaCZZhzjg== age: 32708 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/favicon.ico	143.204.42.96	200 OK	0 B
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/favicon.ico IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/x-icon content-length: 0 server: nginx/1.14.0 (Ubuntu) last-modified: Sun, 11 Mar 2018 21:25:00 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 03:17:36 GMT etag: "5aa59eac-0" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: aDbhlIJLlG0wMvZ9MleVxhSCgfOZ2f-u1a5d3nKIJsgCm1Js4iGeNg== age: 40196 X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/btn.png	18.184.180.82	200 OK	526 B
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/btn.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 464 x 106, 8-bit colormap, non-interlaced\012- data Size 526 B (526 bytes) Hash 64adf8fec30ad9649caa783d6591ce0e b62a1d90790ffacb19e0317628dde53d284ec8b9 a518a179514e2c1d458a0a652b0fb9203396f149d4ad2e424e083eaba12e4b0d HTTP Headers GET /images/lp/574/btn.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:32 GMT content-type: image/png content-length: 526 last-modified: Wed, 05 Aug 2020 12:20:24 GMT etag: "5f2aa408-20e" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/osn.png	18.184.180.82	200 OK	166 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/osn.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 786 x 608, 8-bit colormap, non-interlaced\012- data Size 166 kB (165485 bytes) Hash fbafd6c1abbfabd273bf06686d59119a 31ef49086d289c7207e9611b12795e19414cb2d6 45b39e728f642365cf8c94599ecf3002b20c607c07160c7e8e404da8c2041968 HTTP Headers GET /images/lp/574/osn.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:32 GMT content-type: image/png content-length: 165485 last-modified: Wed, 05 Aug 2020 12:21:28 GMT etag: "5f2aa448-2866d" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot1.png	18.184.180.82	200 OK	11 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot1.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 11 kB (10650 bytes) Hash 8f59f7505f06de597a0f749f018cadf2 d2313ce4b83ef4e2578b0c7d54dc25ff310519e7 34f19d90a2743c0f603ed8aa6ea761bf60de19a187754a3e67f1f8f77d894451 HTTP Headers GET /images/lp/574/slot1.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:32 GMT content-type: image/png content-length: 10650 last-modified: Wed, 05 Aug 2020 12:21:33 GMT etag: "5f2aa44d-299a" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot3.png	18.184.180.82	200 OK	4.7 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot3.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 4.7 kB (4704 bytes) Hash 15984c4890d9295e9d5c344d63cef553 41e4907655f2a67d20a6752bb9a4d63a2dda2e35 e208a6e29f59e3d67c0e58fb7ac2597fa4f85a928501d6d9a085061c87bdb569 HTTP Headers GET /images/lp/574/slot3.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 4704 last-modified: Wed, 05 Aug 2020 12:21:39 GMT etag: "5f2aa453-1260" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot4.png	18.184.180.82	200 OK	6.3 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot4.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 6.3 kB (6341 bytes) Hash f6872ffe46353aa6c6e6bbc7dc3d3a94 2ab2aa93c1c3e462d3ae796d0f0f760bb6990a5b d623f5acfe7ef19bd9b6705ec8737e98975ae0512aa851bdfdbcc76be8ebfc64 HTTP Headers GET /images/lp/574/slot4.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 6341 last-modified: Wed, 05 Aug 2020 12:21:45 GMT etag: "5f2aa459-18c5" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot6.png	18.184.180.82	200 OK	10 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot6.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 10 kB (10273 bytes) Hash c760356fc69201be743d5b1d207dc2f7 61722969159fad8602e5351713cf71dccb786a33 421dbdcc6d7d1f18600bd10de4809dd745c936c9f22e33c0f8708aee1e3d7816 HTTP Headers GET /images/lp/574/slot6.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 10273 last-modified: Wed, 05 Aug 2020 12:21:51 GMT etag: "5f2aa45f-2821" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot7.png	18.184.180.82	200 OK	6.2 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot7.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 6.2 kB (6171 bytes) Hash b88f9e690d35a9139c9ff3797f44c4f6 774423e288b95f597d44806d77cf2755f698e8ae a6f7ecb186219e6730a1eb242570cb1816e954817d4c830930c19bf297e88198 HTTP Headers GET /images/lp/574/slot7.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 6171 last-modified: Wed, 05 Aug 2020 12:21:59 GMT etag: "5f2aa467-181b" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/slot9.png	18.184.180.82	200 OK	7.2 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/slot9.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 113 x 124, 8-bit colormap, non-interlaced\012- data Size 7.2 kB (7165 bytes) Hash b4d7ea28ce81068a3c6664e96bb057d5 ebdf73b8e7778a0712896db9d4fae05d12b9b11e 2d19c254dba701820142a0b208ee92df45620acaeef7f396f7ffd96b797a0683 HTTP Headers GET /images/lp/574/slot9.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 7165 last-modified: Wed, 05 Aug 2020 12:22:04 GMT etag: "5f2aa46c-1bfd" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/win_sym.png	18.184.180.82	200 OK	12 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/win_sym.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data Size 12 kB (11878 bytes) Hash 525d8bd6e69df2cac302047536b7037a ef3510e45c5760c6db37a0b43b8ac07dda5da757 6f3b59cfa1a54fd4790e62f20830d525c4fd0b8ea6e8dd9d214e176b3b1d02ce HTTP Headers GET /images/lp/574/win_sym.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 11878 last-modified: Wed, 05 Aug 2020 12:22:09 GMT etag: "5f2aa471-2e66" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	www2.tiltwin.com/images/lp/574/winline.png	18.184.180.82	200 OK	6.2 kB
URL GET HTTP/2 www2.tiltwin.com/images/lp/574/winline.png IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type PNG image data, 622 x 178, 8-bit colormap, non-interlaced\012- data Size 6.2 kB (6182 bytes) Hash b34e98c0e313ed03e192a7af5aef6dc0 83e248a726903fb3740991333564ab320e914486 291dc37728ccc14689e9cd0d509710aebb63d2bb284b7608e7c538f721909fc9 HTTP Headers GET /images/lp/574/winline.png HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; _ga_N43BLYJLJR=GS1.1.1701613657.1.0.1701613657.0.0.0; _ga=GA1.1.767745950.1701613658 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:33 GMT content-type: image/png content-length: 6182 last-modified: Wed, 05 Aug 2020 12:22:15 GMT etag: "5f2aa477-1826" x-cache-status: MISS accept-ranges: bytes X-Firefox-Spdy: h2`

	stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js	104.18.11.207	200 OK	51 kB
URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js IP 104.18.11.207:443 ASN #13335 CLOUDFLARENET Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04 ValidityThu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT File type ASCII text, with very long lines (50450) Size 51 kB (50731 bytes) Hash eb5fac582a82f296aeb74900b01a2fa3 fffea98e12e63b66693d567315a2f32392b780b0 c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef HTTP Headers `GET /bootstrap/4.1.1/js/bootstrap.min.js HTTP/1.1 Host: stackpath.bootstrapcdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www2.tiltwin.com DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 03 Dec 2023 14:27:31 GMT content-type: application/javascript; charset=utf-8 vary: Accept-Encoding cdn-pullzone: 252412 cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestcountrycode: DE access-control-allow-origin: * cache-control: public, max-age=31919000 last-modified: Mon, 25 Jan 2021 22:04:05 GMT cdn-cachedat: 08/04/2021 06:22:15 cdn-edgestorageid: 601 cdn-requestpullcode: 200 cdn-requestpullsuccess: True timing-allow-origin: * cross-origin-resource-policy: cross-origin x-content-type-options: nosniff cdn-proxyver: 1.0 cdn-status: 200 cdn-requestid: a489d7110626749fc3a6c1f7738b7b99 cdn-cache: HIT cf-cache-status: HIT age: 903680 strict-transport-security: max-age=31536000; includeSubDomains; preload server: cloudflare cf-ray: 82fc7dabd9a256cb-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js	143.204.42.96	200 OK	3.9 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (4517), with no line terminators Size 3.9 kB (3886 bytes) Hash 8257992535df9d6dba2c239f4d195270 71011339f68756f390098e8222088f6648641daa 0a22d4fcc3ff917caa73e8b3c6af6adf09ae80210cdb35b681f0aa7bcdad541f HTTP Headers `GET /js/js.cookie.js HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript; charset=utf-8 server: nginx/1.14.0 (Ubuntu) last-modified: Sun, 13 May 2018 17:24:12 GMT x-cache-status: HIT content-encoding: br date: Sun, 03 Dec 2023 11:35:55 GMT etag: W/"5af874bc-f2e" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: YhwyzqUOeuE5g67yef-fXSdW7wRwpvVZ7vdyet7x02NRfYA1YVbriw== age: 12971 X-Firefox-Spdy: h2`

	tracker.tiltwin.com/rotate/194?P=3-clm90kjjjqlse8naof1g&A=5622&B=85287__15704ff106c&aff_sub4=16fdd538-91e8-11ee-9de0-b924da04a038&email=&aff_sub2=	18.184.180.82	302 Found	17 kB
URL User Request GET HTTP/2 tracker.tiltwin.com/rotate/194?P=3-clm90kjjjqlse8naof1g&A=5622&B=85287__15704ff106c&aff_sub4=16fdd538-91e8-11ee-9de0-b924da04a038&email=&aff_sub2= IP 18.184.180.82:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjecttracker.tiltwin.com Fingerprint6B:62:6D:A7:E8:09:3B:2D:BC:A1:1E:3E:FB:2A:EF:C0:5E:E0:6F:9D ValidityFri, 13 Oct 2023 09:08:39 GMT - Thu, 11 Jan 2024 09:08:38 GMT File type Size 17 kB (17227 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /rotate/194?P=3-clm90kjjjqlse8naof1g&A=5622&B=85287__15704ff106c&aff_sub4=16fdd538-91e8-11ee-9de0-b924da04a038&email=&aff_sub2= HTTP/1.1 Host: tracker.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:30 GMT content-type: text/html; charset=UTF-8 location: https://www2.tiltwin.com/no/landing/155/574?A=5622 set-cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; expires=Mon, 04-Dec-2023 14:27:30 GMT; Max-Age=86400; path=/; domain=tiltwin.com impression_data=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=tiltwin.com tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9; expires=Mon, 11-Dec-2023 22:27:30 GMT; Max-Age=720000; path=/; domain=tiltwin.com cache-control: private, must-revalidate pragma: no-cache expires: -1 X-Firefox-Spdy: h2

	d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css	143.204.42.96	200 OK	9.2 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (9628), with no line terminators Size 9.2 kB (9154 bytes) Hash 39ede8222a0bb941d9535da5e893a37a 74bf9f1242a24985e6e7410d84d6d38dbb38a1d2 a8e82a9f09eff4ddf84e65a929fed49ef5f3a067b39bcddfbf0b8794f0922e7d HTTP Headers `GET /css/lp/574/style.css HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: text/css server: nginx/1.14.0 (Ubuntu) date: Sat, 02 Dec 2023 20:59:38 GMT last-modified: Tue, 06 Apr 2021 18:36:43 GMT etag: W/"606caa3b-23c2" x-cache-status: MISS content-encoding: gzip vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: vtNyQk5MEp20-2boYzbVTSOluUL37SluY7M146nCF8P5Wnr5seBAsg== age: 62873 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/images/lp/574/hint-bg.jpg	143.204.42.96	200 OK	15 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/lp/574/hint-bg.jpg IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 729x104, components 3\012- data Size 15 kB (14725 bytes) Hash 0a888847143630d0d32d6a1c07bbd420 7680e65b7e67d78a092dbef31e532e9a2f4612f3 5fa3072f292f8edafb050ded6c7e139c3ebac45fdce1633e8a83dda02a638370 HTTP Headers `GET /images/lp/574/hint-bg.jpg HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://d2i5a4y6yksdm0.cloudfront.net/css/lp/574/style.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/jpeg content-length: 14725 server: nginx/1.14.0 (Ubuntu) date: Sat, 02 Dec 2023 16:46:28 GMT last-modified: Wed, 05 Aug 2020 12:12:54 GMT etag: "5f2aa246-3985" x-cache-status: MISS accept-ranges: bytes x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2BjEJB2h6yq9vOM03uj1VoRt8MIcQRSZYUFbwNwnNo4At7eALegG8w== age: 78064 X-Firefox-Spdy: h2`

	www2.tiltwin.com/no/landing/155/574?A=5622	18.184.180.82	200 OK	17 kB
URL User Request GET HTTP/2 www2.tiltwin.com/no/landing/155/574?A=5622 IP 18.184.180.82:443 ASN #16509 AMAZON-02 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type Size 17 kB (17227 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /no/landing/155/574?A=5622 HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:31 GMT content-type: text/html; charset=UTF-8 cache-control: private, must-revalidate pragma: no-cache expires: -1 x-cache-status: MISS content-encoding: gzip X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/js/email.js	143.204.42.96	200 OK	7.7 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/js/email.js IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type ASCII text, with very long lines (7991), with no line terminators Size 7.7 kB (7660 bytes) Hash ae8f3c295b371cdda83939d5f711bf88 ed423bca99d641b2b10cf8e95eb33771b2650c8d 1668c81c020c42102c2743e4c8cf0a4507cc77dc60743df8e793977ad03774d9 HTTP Headers `GET /js/email.js HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript; charset=utf-8 server: nginx/1.14.0 (Ubuntu) last-modified: Wed, 01 Apr 2020 16:25:34 GMT x-cache-status: MISS content-encoding: gzip date: Sun, 03 Dec 2023 12:07:19 GMT etag: W/"5e84c07e-1dec" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ZOlP10SPEGtcGKhd2YKykPW4_FJqFnGPJzlm32GtFinD4c5GAdCOZA== age: 25366 X-Firefox-Spdy: h2`

	www2.tiltwin.com/no/landing/fonts/IntroBold.ttf	18.184.180.82	404 Not Found	1.6 kB
URL GET HTTP/2 www2.tiltwin.com/no/landing/fonts/IntroBold.ttf IP 18.184.180.82:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerLet's Encrypt Subjectwww2.tiltwin.com FingerprintB2:78:68:F7:B5:EC:53:5E:46:3C:B0:B9:0B:48:84:B5:A1:3C:54:71 ValidityThu, 12 Oct 2023 04:46:04 GMT - Wed, 10 Jan 2024 04:46:03 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1647), with no line terminators Size 1.6 kB (1563 bytes) Hash 317bf5cc7f1d16294f9d7b663e3fa77c 0ae15d263bc1b9c83a2e6b71cdb9055b13ee9e50 c9a7e4a2163503448c1580e80012368dafea92f40b9fd9a4fda92f229328eace HTTP Headers GET /no/landing/fonts/IntroBold.ttf HTTP/1.1 Host: www2.tiltwin.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/no/landing/155/574?A=5622 Cookie: tracking_data=%7B%22P%22%3A%223-clm90kjjjqlse8naof1g%22%2C%22A%22%3A%225622%22%2C%22B%22%3A%2285287__15704ff106c%22%2C%22aff_sub4%22%3A%2216fdd538-91e8-11ee-9de0-b924da04a038%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22market%22%3A%22no%22%2C%22path%22%3A%22landing%5C%2F155%5C%2F574%22%2C%22country%22%3A%22NO%22%2C%22page%22%3A%22155%22%2C%22template%22%3A%22574%22%2C%22clickin_ip%22%3A%2291.90.42.154%22%2C%22token%22%3A%22lppku02j%22%2C%22M%22%3A1144%7D; tw_session=eyJpdiI6IjVqaHRsa3lVXC9tdEp6SHpnSWdUcG13PT0iLCJ2YWx1ZSI6IitkV1p6Y1N6Rit6SFwvb0ZocXpYMGwxQStQZ2RHQzdaZDd2aEhveVRxd2FORzZoejNZZHhldmdDcDBwdXhEM3AwIiwibWFjIjoiMDcwYzI4MGMyM2NmNGJlY2Y4ZDFlNDU0ZWQ1ZDhlZmQ5MTIxMGU2OWQ5ZjFjNjgyMmI5OWUyODgwMjFiNDJiNCJ9 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 404 Not Found server: nginx/1.14.0 (Ubuntu) date: Sun, 03 Dec 2023 14:27:32 GMT content-type: text/html; charset=UTF-8 cache-control: no-cache, private pragma: no-cache expires: -1 content-encoding: gzip X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png	143.204.42.96	200 OK	1.8 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 30 x 15, 8-bit/color RGBA, non-interlaced\012- data Size 1.8 kB (1756 bytes) Hash 7be70e54560a27609532935253b1e0b5 d78ebcbed3d2e898f2d113842109b9f36218eaad ecae0dc020262a5fcbf7d216c27cb4ab482807311e25312e5d812183472bf398 HTTP Headers `GET /images/arrow-up.png HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 1756 server: nginx/1.14.0 (Ubuntu) last-modified: Thu, 12 Jul 2018 16:49:11 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 12:30:05 GMT etag: "5b478687-6dc" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 5JlD1e1FfWUeGYPAKcdEgIlJPRhc5DDFcuZF1xjQuQpi5aZ71MVt9Q== age: 8682 X-Firefox-Spdy: h2`

	d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png	143.204.42.96	200 OK	1.8 kB
URL GET HTTP/2 d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png IP 143.204.42.96:443 ASN #16509 AMAZON-02 Requested by https://www2.tiltwin.com/no/landing/155/574?A=5622 Certificate IssuerAmazon Subject.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT File type PNG image data, 30 x 15, 8-bit/color RGBA, non-interlaced\012- data Size 1.8 kB (1757 bytes) Hash f2ec75bcfd4ef971fdf9f94bfae939d4 1da4a74612c91011c70b6dec60415b0913356115 2eb6cad7d97dcb417abf1b893dd46385405504196983a251909f40c9965d71d0 HTTP Headers `GET /images/arrow-down.png HTTP/1.1 Host: d2i5a4y6yksdm0.cloudfront.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www2.tiltwin.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/png content-length: 1757 server: nginx/1.14.0 (Ubuntu) last-modified: Thu, 12 Jul 2018 16:49:11 GMT x-cache-status: MISS accept-ranges: bytes date: Sun, 03 Dec 2023 14:27:32 GMT etag: "5b478687-6dd" vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: 2ewoS8V0Y31FavQdPgdUNL-8licOL-x-iDZ_0-iGn303ov1fxURNtQ== age: 1461 X-Firefox-Spdy: h2`

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by