Submitted URL: https://new-casino.live/
Effective URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Submission: On September 25 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 11 domains to perform 20 HTTP transactions. The main IP is 18.184.180.82, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www2.tiltwin.com.
TLS certificate: Issued by R3 on August 19th 2021. Valid for: 3 months.
This is the only time www2.tiltwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a03:6f00:6:1... 9123 (TIMEWEB-AS)
1 1 194.226.49.186 43581 (ZTVCORP-AS)
1 1 213.227.135.213 60781 (LEASEWEB-...)
1 1 54.155.11.25 16509 (AMAZON-02)
1 2 18.184.180.82 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
11 2600:9000:215... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
20 7
Domain Requested by
11 d2i5a4y6yksdm0.cloudfront.net www2.tiltwin.com
2 www.google-analytics.com www.googletagmanager.com, www.google-analytics.com
2 stackpath.bootstrapcdn.com www2.tiltwin.com
2 use.fontawesome.com www2.tiltwin.com, use.fontawesome.com
1 code.jquery.com www2.tiltwin.com
1 www.googletagmanager.com www2.tiltwin.com
1 www2.tiltwin.com
1 tracker.tiltwin.com 1 redirects
1 c.tilttrk.com 1 redirects
1 track.whiskysour.xyz 1 redirects
1 real-males.site 1 redirects
1 new-casino.live 1 redirects
20 12

This site contains links to these domains.

Domain
www.begambleaware.org
www.gamblingtherapy.org

Subject | Issuer | Validity | Valid
www2.tiltwin.com | R3 | 2021-08-19 - 2021-11-17 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-08-30 - 2021-11-22 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-07 - 2022-07-06 | a year
*.cloudfront.net | Amazon | 2021-03-19 - 2022-03-17 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year

This page contains 1 frames:

Primary Page: https://www2.tiltwin.com/de/landing/092/007?A=5768
Frame ID: E03AC67FAABC77C9F4F1427A1E68E178
Requests: 20 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 64 %
Domains: 11
Subdomains: 12
IPs: 7
Countries: 5
Transfer: 813 kB
Size: 1214 kB
Cookies: 12

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://new-casino.live/ HTTP 301
    https://real-males.site/click.php?key=y9796wzi7avvfesmqo4l HTTP 302
    https://track.whiskysour.xyz/click?pid=18260&offer_id=6555 HTTP 302
    https://c.tilttrk.com/?a=5768&c=4&E=SLDmOELmScE%3d&s1&s2=18260&s4=614ee868bb092800011f7626 HTTP 302
    https://tracker.tiltwin.com/rotate/25?P=3-c57egq6nb54s0q0piin0&A=5768&B=18260&aff_sub4=614ee868bb092800011f7626&email=&aff_sub2=&s1 HTTP 302
    https://www2.tiltwin.com/de/landing/092/007?A=5768 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 007
www2.tiltwin.com/de/landing/092/
Redirect Chain
  • https://new-casino.live/
  • https://real-males.site/click.php?key=y9796wzi7avvfesmqo4l
  • https://track.whiskysour.xyz/click?pid=18260&offer_id=6555
  • https://c.tilttrk.com/?a=5768&c=4&E=SLDmOELmScE%3d&s1&s2=18260&s4=614ee868bb092800011f7626
  • https://tracker.tiltwin.com/rotate/25?P=3-c57egq6nb54s0q0piin0&A=5768&B=18260&aff_sub4=614ee868bb092800011f7626&email=&aff_sub2=&s1
  • https://www2.tiltwin.com/de/landing/092/007?A=5768
24 KB
7 KB
Document
General
Full URL
https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.184.180.82 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-180-82.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4a9181218d37b520a5e665e3330222b95a8f0ad48d9119c4a9bd10a4cf6a29e0

Request headers

:method
GET
:authority
www2.tiltwin.com
:scheme
https
:path
/de/landing/092/007?A=5768
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
tracking_data=%7B%22P%22%3A%223-c57egq6nb54s0q0piin0%22%2C%22A%22%3A%225768%22%2C%22B%22%3A%2218260%22%2C%22aff_sub4%22%3A%22614ee868bb092800011f7626%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22s1%22%3Anull%2C%22market%22%3A%22de%22%2C%22path%22%3A%22landing%5C%2F092%5C%2F007%22%2C%22country%22%3A%22DE%22%2C%22page%22%3A%22092%22%2C%22template%22%3A%22007%22%2C%22clickin_ip%22%3A%22136.243.198.87%22%2C%22token%22%3A%22ktzktjpj%22%2C%22M%22%3A748%7D; tw_session=eyJpdiI6ImIwWVFWTTZJYTdqYkdmYzdCbEU5M2c9PSIsInZhbHVlIjoiaW1PaDV4RUZPeFZVUzU0TlVEd3N1NlBtRk5IM0Q5UkVpVElOUU1ENjNpRStuK3ozV0tSZ2NGdEhlXC9vTVBGNUMiLCJtYWMiOiI1OWZmMDk2MGM5ZmQ4YjNlNDU0NTA2NzdlZTI2NjBjNzhhMmQ0ZmIzYzY5ZWViMmZjODFiNDc4M2U4MTE4Nzc4In0%3D

Response headers

server
nginx/1.14.0 (Ubuntu)
date
Sat, 25 Sep 2021 09:14:16 GMT
content-type
text/html; charset=UTF-8
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
x-cache-status
MISS
content-encoding
gzip

Redirect headers

server
nginx/1.14.0 (Ubuntu)
date
Sat, 25 Sep 2021 09:14:16 GMT
content-type
text/html; charset=UTF-8
location
https://www2.tiltwin.com/de/landing/092/007?A=5768
set-cookie
tracking_data=%7B%22P%22%3A%223-c57egq6nb54s0q0piin0%22%2C%22A%22%3A%225768%22%2C%22B%22%3A%2218260%22%2C%22aff_sub4%22%3A%22614ee868bb092800011f7626%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22s1%22%3Anull%2C%22market%22%3A%22de%22%2C%22path%22%3A%22landing%5C%2F092%5C%2F007%22%2C%22country%22%3A%22DE%22%2C%22page%22%3A%22092%22%2C%22template%22%3A%22007%22%2C%22clickin_ip%22%3A%22136.243.198.87%22%2C%22token%22%3A%22ktzktjpj%22%2C%22M%22%3A748%7D; expires=Sun, 26-Sep-2021 09:14:16 GMT; Max-Age=86400; path=/; domain=tiltwin.com impression_data=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=tiltwin.com tw_session=eyJpdiI6ImIwWVFWTTZJYTdqYkdmYzdCbEU5M2c9PSIsInZhbHVlIjoiaW1PaDV4RUZPeFZVUzU0TlVEd3N1NlBtRk5IM0Q5UkVpVElOUU1ENjNpRStuK3ozV0tSZ2NGdEhlXC9vTVBGNUMiLCJtYWMiOiI1OWZmMDk2MGM5ZmQ4YjNlNDU0NTA2NzdlZTI2NjBjNzhhMmQ0ZmIzYzY5ZWViMmZjODFiNDc4M2U4MTE4Nzc4In0%3D; expires=Sun, 03-Oct-2021 17:14:16 GMT; Max-Age=720000; path=/; domain=tiltwin.com
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
js
www.googletagmanager.com/gtag/
97 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144971979-1
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
102ae6e604c9b6fdecf8925bee9ec6b385fec502c219e4d6c550ed2ff78f9b54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39276
x-xss-protection
0
expires
Sat, 25 Sep 2021 09:14:16 GMT
all.css
use.fontawesome.com/releases/v5.1.0/css/
45 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6959116
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
7DYWZC9MFRTB855W
x-amz-id-2
OFxov40xKz71ea8xthIOJa6yU1qIszGw4dL7hGxYZ4aIxHjHf71zsB5Hc5hxjSl0shD404Da73k=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoNZDA4EWBBtHtYMIqwp9GpB1UoetRpARHNYcvFxfeSuOwZztaCKzj%2BItAAZQSqvb3S3fxLik0jomoGjv2aq4XP7GH1XOReYJt3%2BI%2FDbW6nf9qCTdQ3dRZwFf0yvYoxgLoKw0usSKbe%2BfCVk3nKni6aK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6943242fedaa6983-FRA
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/
138 KB
22 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752, 617, 617
age
916555
cdn-cachedat
2021-07-24 04:27:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
ecc762a8a33456a2e5d604ebd0fa52ac
cf-ray
6943242f8ca01f41-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
logo.png
d2i5a4y6yksdm0.cloudfront.net/images/
5 KB
5 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/logo.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e7d81fe60417eafac1121ec2e80a2ef65234de45a2ab0841225fffce88766636

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Wed, 11 Apr 2018 12:31:41 GMT
server
nginx/1.14.0 (Ubuntu)
x-edge-origin-shield-skipped
0
etag
"5ace002d-133b"
x-cache-status
HIT
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4923
x-amz-cf-id
c9EuMijJLFdDp_3JU30dSDlLuko2sH6UBuEErrn9X0v08j_yWiPSjA==
background-mobile.png
d2i5a4y6yksdm0.cloudfront.net/images/lp/007/
376 KB
377 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/lp/007/background-mobile.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d20ac3901a294205eb9c9881671d803bd6437d178a17b10a0ecb0930e0e42839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 24 Sep 2021 15:49:06 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jun 2018 22:02:12 GMT
server
nginx/1.14.0 (Ubuntu)
age
62710
etag
"5b282be4-5e169"
x-cache-status
MISS
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
385385
x-amz-cf-id
fMUfIXu0gC7O3pjYuCykGPy6l5NJJizT1hDh30XFKvWvWSj1G4aDSQ==
arrow-up.png
d2i5a4y6yksdm0.cloudfront.net/images/
2 KB
2 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ecae0dc020262a5fcbf7d216c27cb4ab482807311e25312e5d812183472bf398

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 08:56:23 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jul 2018 16:49:11 GMT
server
nginx/1.14.0 (Ubuntu)
age
3038
etag
"5b478687-6dc"
x-cache-status
MISS
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1756
x-amz-cf-id
-F3oL2j5w9ygXSD_8Td--QjPSUTL4MylCu0JIFhNJwPkoBEkm86xUw==
arrow-down.png
d2i5a4y6yksdm0.cloudfront.net/images/
2 KB
2 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2eb6cad7d97dcb417abf1b893dd46385405504196983a251909f40c9965d71d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 05:55:15 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jul 2018 16:49:11 GMT
server
nginx/1.14.0 (Ubuntu)
age
11941
etag
"5b478687-6dd"
x-cache-status
HIT
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1757
x-amz-cf-id
0JQ8XGv4BsGoMWHX7uxqt8dfFOusKytQA6d-u5OhAKlI9zSN0tZkcA==
only-18.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/
2 KB
2 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a410afd1a0e4ffb9dc6000d922ee4a72d5e48bffd935031cf3b6396adc39387d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 02:18:37 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Tue, 27 Mar 2018 12:02:16 GMT
server
nginx/1.14.0 (Ubuntu)
age
24939
etag
"5aba32c8-635"
x-cache-status
MISS
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1589
x-amz-cf-id
iEPtf1WiHKnJwxoWbMGzYpXaQmeSIoLsIV2dI3w41UcG9P4QbKlptg==
begamble.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/
10 KB
10 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bdaa2b7f6eec96c7620ee7d1821fe7b328a7d7dcbade888a0986d3aeb7755ab6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 03:36:18 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Mon, 04 Jan 2021 17:51:23 GMT
server
nginx/1.14.0 (Ubuntu)
age
20278
etag
"5ff3559b-2837"
x-cache-status
HIT
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
10295
x-amz-cf-id
puD_VuJ826fAqG7f7cbLhujtxziPzx7cSHgXNa8owic5ft5pnEJ-5g==
gambling-therapy.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/
5 KB
5 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8769471d2891f9151996faf46dab47fc14bf45f5a0e1cb253ba542d4cee57fcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 02:18:37 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 00:57:47 GMT
server
nginx/1.14.0 (Ubuntu)
age
24939
etag
"5cc4fa8b-1324"
x-cache-status
MISS
x-edge-origin-shield-skipped
0
content-type
image/png
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
4900
x-amz-cf-id
E8jHmGeATQ9T4gU9sdvlWEPKYnIeYe1_3V9rXMMXXsXQi26dUniJag==
jquery-3.4.1.min.js
code.jquery.com/
86 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1632561256.dop218.fr8.t,1632561256.cds215.fr8.hn,1632561256.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/
50 KB
14 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
13430767
cdn-cachedat
2021-04-23 00:18:18
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
4208a8b26deab91da2bb07f4036ceb19
cf-ray
6943242f8ca31f41-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
js.cookie.js
d2i5a4y6yksdm0.cloudfront.net/js/
4 KB
2 KB
Script
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 05:29:08 GMT
content-encoding
gzip
last-modified
Sun, 13 May 2018 17:24:12 GMT
server
nginx/1.14.0 (Ubuntu)
age
13508
etag
W/"5af874bc-f2e"
x-cache-status
MISS
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
aLgqNolS1sug9zs4FeQE51PZawDXXRszwjn4fNjOHbHj2XB7SXZlJg==
jquery-2.2.4.min.js
d2i5a4y6yksdm0.cloudfront.net/js/
84 KB
30 KB
Script
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/jquery-2.2.4.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:16 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx/1.14.0 (Ubuntu)
x-edge-origin-shield-skipped
0
etag
W/"573f4859-14e4a"
x-cache-status
HIT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
X6W9CrL0ZZHyrtpNMDFbAUeeqrg4v_eVEGxbE7iBKItae0sZl4V63w==
email.js
d2i5a4y6yksdm0.cloudfront.net/js/
7 KB
3 KB
Script
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/email.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
13f194a984d4bf121ed5887e81e6c7b996c4dd1a15ba1bb3f0366a9109f62ad4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 04:19:55 GMT
content-encoding
gzip
last-modified
Wed, 01 Apr 2020 16:25:34 GMT
server
nginx/1.14.0 (Ubuntu)
age
17661
etag
W/"5e84c07e-1dec"
x-cache-status
MISS
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
dZCCGn0tJVZRfa3MlPaTWCXjcUAc-jYyZTV_m1sb-hu_AjguRwPYtg==
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144971979-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1336
date
Sat, 25 Sep 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 25 Sep 2021 10:52:00 GMT
background.jpg
d2i5a4y6yksdm0.cloudfront.net/images/lp/007/
173 KB
173 KB
Image
General
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/lp/007/background.jpg
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/092/007?A=5768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:10:365b:fa00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6353ca36b9079c02f011a4e15cb8bc844997b40adc076b3ff948660032120179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:17 GMT
via
1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 00:57:47 GMT
server
nginx/1.14.0 (Ubuntu)
x-edge-origin-shield-skipped
0
etag
"5cc4fa8b-2b286"
x-cache-status
MISS
x-cache
Miss from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
176774
x-amz-cf-id
ZlulMEpzq0UuLZtCqTmKQ7z3qZ0IZ0k4J3HI85Xt7NNFJE6afY7u5g==
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/
58 KB
59 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d645 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www2.tiltwin.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 25 Sep 2021 09:14:17 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6959105
cf-ray
694324306ebf6983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
59572
x-amz-id-2
QPvRtfwQJk86G21jn9yXl6y8B9HSCKm1MR6lL9fDf+mlell/d+mjlXPxEyPUCbv5jYWzOIdajGg=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LZjIrRrGfMr9nLcZ4Er6%2BW5tmzs2bYWCB5MV5KjgVJjF2Bq%2BGuBH1bIufezlZYqNb%2BNW0uMJO6PfDgRbF%2BKriYzCo4qfvaU%2BeSmEc4%2FTwMiLTgKGruXxATpRyOcT0UpgzIeedxmx5CfF65YE9zlVY8f"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
HNHYPJ1JZMXS58ST
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
collect
www.google-analytics.com/j/
1 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=376244513&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.tiltwin.com%2Fde%2Flanding%2F092%2F007%3FA%3D5768&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=901569100&gjid=1041168187&cid=126593296.1632561257&tid=UA-144971979-1&_gid=24589983.1632561257&_r=1&gtm=2ou9m0&z=693784612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 25 Sep 2021 09:14:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.tiltwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| bootstrap function| Cookies object| tracking_data function| loading_start function| loading_end function| resizeFunction string| csrf_route string| signup_route string| signin_route undefined| impression_data undefined| impression function| reset function| getFormData function| validate function| logout function| getLoggedInUser function| unlock function| error function| validateEmail function| randomData function| makeid function| getAffiliateId function| link_click object| gaplugins object| gaGlobal object| gaData

12 Cookies

Domain/Path Name / Value
real-males.site/ Name: uclick
Value: qd9r
real-males.site/ Name: uclickhash
Value: qd9r-qd9r-dz-7v-gm-g5-9r-38a097
track.whiskysour.xyz/ Name: afclick
Value: 614ee868bb092800011f7626
track.whiskysour.xyz/ Name: afoffers
Value: {"6555":1632561256}
.tilttrk.com/ Name: trk
Value: 3bs9vX7Vsvdh4+c2QPXxGk/S/Mc/tHMR+nPCcIaNw+TEr4px4WfBW474vGspZAiubUwQ/O6wUe8=
.tilttrk.com/ Name: sid
Value: 3bs9vX7Vsvdh4+c2QPXxGoAfF0AcTsJT+nPCcIaNw+SyMO1xvmZp5o74vGspZAiuylFHuzBNRJA=
.tilttrk.com/ Name: x2
Value: O/nUssdatzurRl46oY8C3Cu8SKlPTLhHwQjtZopLL4pFgeBlwg7Ytqn+Zp1Xk4mjRVSdCCDD/XOgNFOLUTprle5OEgbtmDgsl2mqJuH4UbGE39dqNzmfz+GF8yiqkaIsp+3TJ/6ttmTPT9GfelA7ZQQIENnGrW2llBdEilrsriuzKNsBqZgYokwrn30zcki0InepGlJkKyReRkGM9Ay1MBoL1u8y9ForoynShyqFPyQ2NRRdDmsMqSrSbT/3EvinfyHn5IQ1YGUYCejUJdACQGS05x0F8pKo9hx3xTc0atxTfgds9kX5NmylHutVaOTwpNGcYvxLD5qsYLlYePple5fdPrsGT/SQQDSsCpxlcChO9HwxNRgcepoELE9UUZsrj6C7azQLPLXugGqlJryZ378+yD8OiW8q3Gy+vybf05HPdCP9jMnwgHUAR8CKsJkIzf92fN7RA0jDJeO1w+VrnqHvQz2gRINrJG7CSrYHJeTXhSPDPlpg5U67EbLEXoMkMPXA1Gt4n3nD1q5ETZ5nQ+WxtAH/rJpAsYByVjht+yTdkPC7Wd5i1U67EbLEXoMkAcYZS3qyL/A=
.tiltwin.com/ Name: tracking_data
Value: %7B%22P%22%3A%223-c57egq6nb54s0q0piin0%22%2C%22A%22%3A%225768%22%2C%22B%22%3A%2218260%22%2C%22aff_sub4%22%3A%22614ee868bb092800011f7626%22%2C%22email%22%3Anull%2C%22aff_sub2%22%3Anull%2C%22s1%22%3Anull%2C%22market%22%3A%22de%22%2C%22path%22%3A%22landing%5C%2F092%5C%2F007%22%2C%22country%22%3A%22DE%22%2C%22page%22%3A%22092%22%2C%22template%22%3A%22007%22%2C%22clickin_ip%22%3A%22136.243.198.87%22%2C%22token%22%3A%22ktzktjpj%22%2C%22M%22%3A748%7D
.tiltwin.com/ Name: tw_session
Value: eyJpdiI6ImIwWVFWTTZJYTdqYkdmYzdCbEU5M2c9PSIsInZhbHVlIjoiaW1PaDV4RUZPeFZVUzU0TlVEd3N1NlBtRk5IM0Q5UkVpVElOUU1ENjNpRStuK3ozV0tSZ2NGdEhlXC9vTVBGNUMiLCJtYWMiOiI1OWZmMDk2MGM5ZmQ4YjNlNDU0NTA2NzdlZTI2NjBjNzhhMmQ0ZmIzYzY5ZWViMmZjODFiNDc4M2U4MTE4Nzc4In0%3D
.tiltwin.com/ Name: _ga
Value: GA1.2.126593296.1632561257
.tiltwin.com/ Name: _gid
Value: GA1.2.24589983.1632561257
.tiltwin.com/ Name: _gat_gtag_UA_144971979_1
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
