urlscan.io logo urlscan.io
SecurityTrails logo

www2.tiltwin.com Open in urlscan Pro
18.184.180.82  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html#qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfheadffca...
Effective URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Submission: On April 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 40 HTTP transactions. The main IP is 18.184.180.82, located in and belongs to . The main domain is www2.tiltwin.com.
TLS certificate: Issued by R3 on April 14th 2023. Valid for: 3 months.
This is the only time www2.tiltwin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    20.60.135.196 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
hunjuh04.blob.core.windows.net
1    194.146.36.172 (Turkey)

ASN209737 (AS209737, TR)
PTR: 4-snc7-bf1.fimgbb.com
publisher-news.net
1    95.168.187.232 (London, United Kingdom)

ASN205544 (LEASEWEB-UK-LON-11, GB)
shapelyparadise.com
1    38.102.245.195 (Redondo Beach, United States)

ASN174 (COGENT-174, US)
offer-connect.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    65.9.95.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-77.prg50.r.cloudfront.net
api.pushnami.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    54.158.100.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-100-145.compute-1.amazonaws.com
trc.pushnami.com
2    50.17.162.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-162-243.compute-1.amazonaws.com
psp.pushnami.com
4    2606:4700:3031::ac43:92ee (None, )

ASN- ()
lynku.jukminung.com
1    2606:4700:3030::6815:4a8d (None, )

ASN- ()
cdn.addlnk.com
1    94.237.99.118 (None, )

ASN- ()
1d6c9396fa1.777offers.net
1    52.50.240.21 (None, )

ASN- ()
c.tilttrk.com
2    18.184.180.82 (None, )

ASN- ()
tracker.tiltwin.com
www2.tiltwin.com
1    2a00:1450:4001:82a::2008 (None, )

ASN- ()
www.googletagmanager.com
2    2606:4700:e2::ac40:850f (None, )

ASN- ()
use.fontawesome.com
2    2606:4700::6812:bcf (None, )

ASN- ()
stackpath.bootstrapcdn.com
11    2600:9000:2127:b200:10:365b:fa00:21 (None, )

ASN- ()
d2i5a4y6yksdm0.cloudfront.net
1    2001:4de0:ac18::1:a:1b (None, )

ASN- ()
code.jquery.com
2    2a00:1450:4001:831::200e (None, )

ASN- ()
www.google-analytics.com
Domain Requested by
11 d2i5a4y6yksdm0.cloudfront.net www2.tiltwin.com
4 lynku.jukminung.com 1 redirects offer-connect.com
lynku.jukminung.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stackpath.bootstrapcdn.com www2.tiltwin.com
2 use.fontawesome.com www2.tiltwin.com
use.fontawesome.com
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 api.pushnami.com offer-connect.com
api.pushnami.com
2 maxcdn.bootstrapcdn.com offer-connect.com
maxcdn.bootstrapcdn.com
1 code.jquery.com www2.tiltwin.com
1 www.googletagmanager.com www2.tiltwin.com
1 www2.tiltwin.com
1 tracker.tiltwin.com 1 redirects
1 c.tilttrk.com 1 redirects
1 1d6c9396fa1.777offers.net lynku.jukminung.com
1 cdn.addlnk.com lynku.jukminung.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com offer-connect.com
1 ajax.googleapis.com offer-connect.com
1 offer-connect.com shapelyparadise.com
1 shapelyparadise.com hunjuh04.blob.core.windows.net
1 publisher-news.net 1 redirects
1 hunjuh04.blob.core.windows.net
40 23

This site contains no links.

Subject Issuer Validity Valid
*.blob.core.windows.net
Microsoft RSA TLS CA 02		 2023-03-22 -
2024-03-22		 a year crt.sh
shapelyparadise.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-25 -
2023-08-23		 a year crt.sh
offer-connect.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.pushnami.com
Amazon RSA 2048 M01		 2023-03-04 -
2024-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
addlnk.com
GTS CA 1P5		 2023-04-15 -
2023-07-14		 3 months crt.sh
*.777offers.net
R3		 2023-02-24 -
2023-05-25		 3 months crt.sh
www2.tiltwin.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-28 -
2023-06-20		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www2.tiltwin.com/de/landing/149/007?A=6320
Frame ID: DDBC14E4F78DA43478A0BEFAFAE0A59D
Requests: 34 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 6A78B0E3FB3FDE86CF7F457563CCC439
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Frame ID: 043B4D9F02985815CCF3930997810646
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

offer-connect

Page URL History Show full URLs

  1. https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html Page URL
  2. http://publisher-news.net//qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfhead... HTTP 302
    https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqp... Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21... Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pshnm_src=690321&pubid=690321 Page URL
  5. https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pub4ff1e0cff613469ea7171848d0b27321&pu... Page URL
  6. https://c.tilttrk.com/?a=6320&c=1049&E=BHBWNfeL4Gk%3d&s2=4379&s4=5ylyl2ldtehxzi99uipkw84wg,1686215... HTTP 302
    https://tracker.tiltwin.com/rotate/393?P=3-cgut79qmuf7c0m3pji30&A=6320&B=4379&aff_sub4=5ylyl2ldtehxzi99u... HTTP 302
    https://www2.tiltwin.com/de/landing/149/007?A=6320 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

95 %
HTTPS

55 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

1030 kB
Transfer

1609 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html Page URL
  2. http://publisher-news.net//qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfheadffcadddfcbacb HTTP 302
    https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55 Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321 Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pshnm_src=690321&pubid=690321 Page URL
  5. https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pub4ff1e0cff613469ea7171848d0b27321&pubid=690321&pi=690321 Page URL
  6. https://c.tilttrk.com/?a=6320&c=1049&E=BHBWNfeL4Gk%3d&s2=4379&s4=5ylyl2ldtehxzi99uipkw84wg,16862158,5,4379 HTTP 302
    https://tracker.tiltwin.com/rotate/393?P=3-cgut79qmuf7c0m3pji30&A=6320&B=4379&aff_sub4=5ylyl2ldtehxzi99uipkw84wg%2C16862158%2C5%2C4379&email=&aff_sub2= HTTP 302
    https://www2.tiltwin.com/de/landing/149/007?A=6320 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://publisher-news.net//qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfheadffcadddfcbacb HTTP 302
  • https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55
Request Chain 16
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
M6.html
hunjuh04.blob.core.windows.net/hunjuh04/ 		105 B
508 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.60.135.196 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
105
Content-MD5
ECyYAkxBiVBvv3I+ePTddw==
Content-Type
text/html
Date
Mon, 17 Apr 2023 23:17:48 GMT
ETag
0x8DB3EEB3E7CD338
Last-Modified
Mon, 17 Apr 2023 02:27:08 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
bbbf9a97-101e-0029-1982-71cef2000000
x-ms-version
2009-09-19
55
shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/
Redirect Chain
  • http://publisher-news.net//qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfheadffcadddfcbacb
  • https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55
269 B
582 B 		Document
General
Check archive.org
Download Go to
Full URL
https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55
Requested by
Host: hunjuh04.blob.core.windows.net
URL: https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.168.187.232 London, United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://hunjuh04.blob.core.windows.net/hunjuh04/M6.html#qs=r-ahdedacbdchfgjkdafkgehedacejjghehaefjdcaefjdcaefjdcabaggacihaccadfheadffcadddfcbacb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
269
Content-Type
text/html; charset=UTF-8
Date
Mon, 17 Apr 2023 23:17:51 GMT
Server
Apache

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 17 Apr 2023 23:17:50 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55
/
offer-connect.com/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Requested by
Host: shapelyparadise.com
URL: https://shapelyparadise.com/176394c596140ea4000/34821_13885636_11_2441_55/2suZAJrIFrsaHvLuqKojumqMakTWqpJGtYhQKwqiyqToBEJwTwGOpqERjvYSZzqEpqAozZ/55
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://shapelyparadise.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Tue, 18 Apr 2023 07:49:17 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 21:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
265054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 21:40:18 GMT
css
fonts.googleapis.com/ 		6 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5ed60a5a2004815565bbe2cf950f55f1359e6b710881acaea418e1e04ac72a0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 17 Apr 2023 23:17:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 23:17:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Apr 2023 23:17:52 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
871
age
9991882
cdn-cachedat
07/07/2022 17:49:34
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
53050069f7634df6ba0426ea6471d136
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7b98624c1a132c01-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-77.prg50.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:08:43 GMT
content-encoding
gzip
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
549
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
m12ptyqGXRvu1VUSz14zdvDH_yKEjqINuI6sTgWbJ9TcQXEyXviUAA==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
3650320
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
746933e61529be8366407880fd47077a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7b98624c7e0892c3-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:25 GMT
x-content-type-options
nosniff
age
564387
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:25 GMT
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.100.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-100-145.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 17 Apr 2023 23:17:53 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.158.100.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-158-100-145.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Mon, 17 Apr 2023 23:17:53 GMT
hub
api.pushnami.com/scripts/v1/ Frame 6A78 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-77.prg50.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2307
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 22:39:25 GMT
vary
accept-encoding
via
1.1 a198ea04052d45eb515f27260bc6c05c.cloudfront.net (CloudFront)
x-amz-cf-id
wkmqzuTU4fBjrlnG3t_HTyiyLYmNrpRUTRZuN0vB3hAgQ6iRhcH7Lw==
x-amz-cf-pop
PRG50-C1
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.162.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-162-243.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Mon, 17 Apr 2023 23:17:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.162.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-162-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 17 Apr 2023 23:17:53 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pshnm_src=690321&pubid=690321
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a181cbb2d56698df228a7387f45081daf84b2c53b5f927e8e7c9c40df652fdc2

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b9862705c01bbc1-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 17 Apr 2023 23:17:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DviSfu3JYG60JYbU7lnUydg%2F4g%2FJ%2FNdxsA9rv2G%2FOwk17ZwzsZfU8YEEoW%2FGIa7bBou%2BInKun0dfM4T9EzdZDFqMs%2FZOz%2FlMPx%2BuqBdiE3LKV3NPy%2BWCKf6eI6tj5ZWiRysVggauxmn7BifwR5zz%2F9Jl"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pshnm_src=690321&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:4a8d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
KPYPMKR87WVDDR5G
age
6242
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
sdyeyOjO4qADE8twISrwU7928cky8WpEvqOoYxcGfmLM5QiMKH15++pL4Vm7UxnFSSwxMSTIZIo=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h08uT3Lo10hY7Q0832%2BuqHHRayxsy2eXMvYX4A6xuQYZs1c3FeCXx9n1PS2R%2BbLLRTnmd1yYEsCu3xg4Lgvwa4rPub7SLufdYS%2F3JEDld4dwnsWqZAECyk%2B70IDYjvJFs1jrZlo1CWQBierxFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7b9862716f5e9966-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/ Frame 043B
Redirect Chain
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
Protocol
H3
Server
2606:4700:3031::ac43:92ee -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
62fb3e32a23ea65a121a66c2e7a3dfed69167774a0303670dbe7b91727be484f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:58 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPunbZdB0dlLBgPYMB6c1c7o1H07wHgq2TdY1oIep43Wl3orItvgK2ECAAeEKufXKSGjQmJwuASEqR0OLNXlHoJ7X7UDTu819OMNKkKxo3yu6jTX5CvH4BcpFaNSYsM1OGZ8vvbiLy9M4V69hspuIL%2BG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7b986271ad99bba9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 17 Apr 2023 23:17:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yjBXsQd1jXSHhJt9jKY4HD2uKOn6ZghC%2BiCDJ7qrjVajHZ%2BGoha6OX6c8TtUeWEuL7eJFs3AwQpv6MPka5S%2BEajOkKe6NjhONLh8tTWBK%2F02Z8RbR%2BvgiA7IR1TfG%2Fok8lWV6OM3LD6tLv9MmOOyZ5C"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/74cb9f3f/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7b9862719d29bbc1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 043B 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:92ee -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
36ddf1ec6ce8467d472b6bf213778ae05efc4d249a0e9ea2e186fe6e0ef08ac5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:58 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nU5hudF%2BpDJzZBJCpU8VXwIAHyeRWPwEVCKntni%2BLNj1GougmLrmvzSGkCYEHmi3aMsRTntso9Q2hLvJUID6C9bxQQCTatT47QfBwmWu2UJbMsLhtPb1f83TmDI3ya0E9NX2SI%2ByWfLeP7qGruqng4q3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7b986271ddd2bba9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
1d6c9396fa1.777offers.net// 		927 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pub4ff1e0cff613469ea7171848d0b27321&pubid=690321&pi=690321
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pshnm_src=690321&pubid=690321
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.99.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
15d61e656bc0524c32cf45dc343ce0f08a02dc70713b2f48d6ea816bbb191a0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 23:17:58 GMT
expires
Mon, 17 Apr 2023 23:17:58 GMT
last-modified
Mon, 17 Apr 2023 23:17:58 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
7b9862705c01bbc1
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 043B 		0
0
Primary Request 007
www2.tiltwin.com/de/landing/149/
Redirect Chain
  • https://c.tilttrk.com/?a=6320&c=1049&E=BHBWNfeL4Gk%3d&s2=4379&s4=5ylyl2ldtehxzi99uipkw84wg,16862158,5,4379
  • https://tracker.tiltwin.com/rotate/393?P=3-cgut79qmuf7c0m3pji30&A=6320&B=4379&aff_sub4=5ylyl2ldtehxzi99uipkw84wg%2C16862158%2C5%2C4379&email=&aff_sub2=
  • https://www2.tiltwin.com/de/landing/149/007?A=6320
24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.184.180.82 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
257b718e7ca4b091ce3584e3348fa988a1f77592ba978dd505510bf9bcdf4fee

Request headers

Referer
https://1d6c9396fa1.777offers.net//?p=4379&media_type=mainstream&sub_id=pub4ff1e0cff613469ea7171848d0b27321&pubid=690321&pi=690321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 23:17:59 GMT
expires
-1
pragma
no-cache
server
nginx/1.14.0 (Ubuntu)
x-cache-status
HIT

Redirect headers

cache-control
private, must-revalidate
content-type
text/html; charset=UTF-8
date
Mon, 17 Apr 2023 23:17:59 GMT
expires
-1
location
https://www2.tiltwin.com/de/landing/149/007?A=6320
pragma
no-cache
server
nginx/1.14.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144971979-1
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6ef8b870b2a576439548ea8be35c89cf7f0df2008baa2606aaca98c3eb7aa340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44686
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 21:17:22 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Apr 2023 23:17:59 GMT
all.css
use.fontawesome.com/releases/v5.1.0/css/ 		45 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
3G0PEXMM6A6ZM8CD
age
1697568
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
5bC9hRrAesAM6t7Zyp2GB/XItznDvMET2XppqrVa6D0AqhfbsiXFui6RB6JxHfZeEcFj4NkTX64=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGtQWiVQLrHLPh%2FYLcEU37lJUmP4GwK66DICi0wcNJKDwOxNPNDsFr14AlxkitmPPgS4Rg1K6l1dYmE9ttPSJIyxNIk1T2H6LmMYDWwMBm5vys8TZA7m5tYI%2Fmt61HvvWt%2FrlpbuYGID52HMsvTnS%2FvI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7b986275dd038fee-FRA
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/ 		138 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/css/bootstrap.min.css
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
8714173
cdn-cachedat
12/13/2021 21:32:42
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
87e78bbdff997af2cad162175fac816a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7b986275d9cfbb91-FRA
cdn-requestpullsuccess
True
logo.png
d2i5a4y6yksdm0.cloudfront.net/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/logo.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e7d81fe60417eafac1121ec2e80a2ef65234de45a2ab0841225fffce88766636

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:30:22 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Wed, 11 Apr 2018 12:31:41 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
13657
etag
"5ace002d-133b"
x-cache-status
HIT
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4923
x-amz-cf-id
SWGQxsfYvel4mMYBZGSvOAuZXFXSBg_a9nPYtweM0Jjzj1T_ndb7hw==
background-mobile.png
d2i5a4y6yksdm0.cloudfront.net/images/lp/007/ 		376 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/lp/007/background-mobile.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d20ac3901a294205eb9c9881671d803bd6437d178a17b10a0ecb0930e0e42839

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:35:01 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Mon, 18 Jun 2018 22:02:12 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
78178
etag
"5b282be4-5e169"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
385385
x-amz-cf-id
HfJN_chEEyBReIbhon1YanTXkUZn5wdOKRfQEmlqXK82Eo7ceSUh4Q==
arrow-up.png
d2i5a4y6yksdm0.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/arrow-up.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ecae0dc020262a5fcbf7d216c27cb4ab482807311e25312e5d812183472bf398

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:13:39 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jul 2018 16:49:11 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
14685
etag
"5b478687-6dc"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1756
x-amz-cf-id
MnOTIl6IGJYrKFuiJbD8xI9RE0dFrk3NgCrX0C61YM99mbNhHPEpvA==
arrow-down.png
d2i5a4y6yksdm0.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/arrow-down.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2eb6cad7d97dcb417abf1b893dd46385405504196983a251909f40c9965d71d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:14:42 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jul 2018 16:49:11 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
57797
etag
"5b478687-6dd"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1757
x-amz-cf-id
S1zu8FWgX_UykIE1pGQmUG2qiyUeyfHzqwaDvkvEoPJbgUoECAzXnA==
only-18.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/only-18.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a410afd1a0e4ffb9dc6000d922ee4a72d5e48bffd935031cf3b6396adc39387d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:13:42 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Tue, 27 Mar 2018 12:02:16 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
14657
etag
"5aba32c8-635"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1589
x-amz-cf-id
092ww4d7KgL3vtpbGoyR8udVpCKGe_8jw0xxjSbrwDdehUj80mBnHg==
begamble.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/begamble.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
bdaa2b7f6eec96c7620ee7d1821fe7b328a7d7dcbade888a0986d3aeb7755ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:33:11 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Mon, 04 Jan 2021 17:51:23 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
78288
etag
"5ff3559b-2837"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10295
x-amz-cf-id
PHRJI-91tQKqMqye9_nTZf71HjSsITiXLlHbXf5tomxjojHIRxmVzQ==
gambling-therapy.png
d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/footer-icons/gambling-therapy.png
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8769471d2891f9151996faf46dab47fc14bf45f5a0e1cb253ba542d4cee57fcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:13:43 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 00:57:47 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
14688
etag
"5cc4fa8b-1324"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4900
x-amz-cf-id
opxIas3i-Yg4ovti2TCMeNxzErkDXIU6DKL2QQqLZy1cedbQCIXhNg==
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1681773479.dop053.fr8.t,1681773479.cds167.fr8.hn,1681773479.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.1/js/bootstrap.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
Origin
https://www2.tiltwin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601
age
19219763
cdn-cachedat
08/04/2021 06:22:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:05 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a489d7110626749fc3a6c1f7738b7b99
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7b986275d9d0bb91-FRA
cdn-requestpullsuccess
True
js.cookie.js
d2i5a4y6yksdm0.cloudfront.net/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/js.cookie.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 01:36:13 GMT
content-encoding
gzip
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Sun, 13 May 2018 17:24:12 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
78106
etag
W/"5af874bc-f2e"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
S2y5Il9IG6JiNRgDPjmmB-e4NQ5l_w_sJFx5d-y_PRK2rZf-_NIhOQ==
jquery-2.2.4.min.js
d2i5a4y6yksdm0.cloudfront.net/js/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/jquery-2.2.4.min.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:21:53 GMT
content-encoding
gzip
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Fri, 20 May 2016 17:24:41 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
14166
etag
W/"573f4859-14e4a"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
nGWxxw2_RUhxaLyIqVPptNpF2E9_A2vzGOJi_tH6Jk0dNA1azv2Bww==
email.js
d2i5a4y6yksdm0.cloudfront.net/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/js/email.js
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
13f194a984d4bf121ed5887e81e6c7b996c4dd1a15ba1bb3f0366a9109f62ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 19:30:19 GMT
content-encoding
gzip
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 16:25:34 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
13660
etag
W/"5e84c07e-1dec"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
iSIWLLSrLbYU3N7yCEhPMMmbVCwLXCbn-vylLTNG3a_B_JIaRnkdGQ==
background.jpg
d2i5a4y6yksdm0.cloudfront.net/images/lp/007/ 		173 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2i5a4y6yksdm0.cloudfront.net/images/lp/007/background.jpg
Requested by
Host: www2.tiltwin.com
URL: https://www2.tiltwin.com/de/landing/149/007?A=6320
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:b200:10:365b:fa00:21 -, , ASN (),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6353ca36b9079c02f011a4e15cb8bc844997b40adc076b3ff948660032120179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 07:19:10 GMT
via
1.1 0803e66d64c794aaadfd4a88601bc68e.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 00:57:47 GMT
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
PRG50-C1
age
57529
etag
"5cc4fa8b-2b286"
x-cache-status
MISS
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
176774
x-amz-cf-id
Q7fgPpcEJg_vMJIeR9_IqpppdnO4EM6GqchclZRPBw3vRCtsvk6gfg==
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:850f -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin
https://www2.tiltwin.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 23:17:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Z5FSRFP52CW0AZS5
age
1764275
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59572
x-amz-id-2
6u5NY0BgZvraJBhrY3ixJDByi0KzQcJKiYpM3MZYxm1/ahB5jFVZ9YfjaldEXrYQ2n3Faw+ibAg=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=271sKFozUn3ZqCmH5vMFD%2FSKE09%2FdcUH83elRZL3SgPwmeEmHvmMQ%2BZnko2XvixUAJTMpmvQR9to7blNE%2BjW%2FYkK4Pqd5%2BQ17MuHjjwJQlqPHl7e%2BdpW6ZlQ8%2BDBr4ROLo1o0k5qMFODZ87WOzcYD79u"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7b9862761d1c8fee-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144971979-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www2.tiltwin.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 17 Apr 2023 22:11:32 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3987
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Tue, 18 Apr 2023 00:11:32 GMT
collect
www.google-analytics.com/j/ 		1 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1507952226&t=pageview&_s=1&dl=https%3A%2F%2Fwww2.tiltwin.com%2Fde%2Flanding%2F149%2F007%3FA%3D6320&dr=https%3A%2F%2F1d6c9396fa1.777offers.net%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2068786652&gjid=2125794743&cid=788000000.1681773479&tid=UA-144971979-1&_gid=1178224520.1681773479&_r=1&gtm=457e34c0&jsscut=1&z=12344566
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www2.tiltwin.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 17 Apr 2023 23:17:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www2.tiltwin.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lynku.jukminung.com
URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7b9862705c01bbc1

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| showSecondStep boolean| isRollbar object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule undefined| o object| mailnami object| Pushnami function| CrossStorageClient object| pushnamiStorage function| uuid

1 Cookies

Domain/Path Name / Value
shapelyparadise.com/ Name: uid15295
Value: 1338540388-20230417191751-9ba8361bece0543c4539c6ea9271fdad-

1 Console Messages

Source Level URL
Text
other error URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&pshnm_src=690321&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1338540388&pubid=690321
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d6c9396fa1.777offers.net
ajax.googleapis.com
api.pushnami.com
c.tilttrk.com
cdn.addlnk.com
code.jquery.com
d2i5a4y6yksdm0.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hunjuh04.blob.core.windows.net
lynku.jukminung.com
maxcdn.bootstrapcdn.com
offer-connect.com
psp.pushnami.com
publisher-news.net
shapelyparadise.com
stackpath.bootstrapcdn.com
tracker.tiltwin.com
trc.pushnami.com
use.fontawesome.com
www.google-analytics.com
www.googletagmanager.com
www2.tiltwin.com
lynku.jukminung.com
18.184.180.82
194.146.36.172
20.60.135.196
2001:4de0:ac18::1:a:1b
2600:9000:2127:b200:10:365b:fa00:21
2606:4700:3030::6815:4a8d
2606:4700:3031::ac43:92ee
2606:4700::6812:acf
2606:4700::6812:bcf
2606:4700:e2::ac40:850f
2a00:1450:4001:80b::200a
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::200e
38.102.245.195
50.17.162.243
52.50.240.21
54.158.100.145
65.9.95.77
94.237.99.118
95.168.187.232
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
13f194a984d4bf121ed5887e81e6c7b996c4dd1a15ba1bb3f0366a9109f62ad4
15d61e656bc0524c32cf45dc343ce0f08a02dc70713b2f48d6ea816bbb191a0f
257b718e7ca4b091ce3584e3348fa988a1f77592ba978dd505510bf9bcdf4fee
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2eb6cad7d97dcb417abf1b893dd46385405504196983a251909f40c9965d71d0
31df1e69ea3aece8a8bae5c08bcb7f5e977cb76f886897b301355359b66a48ec
36ddf1ec6ce8467d472b6bf213778ae05efc4d249a0e9ea2e186fe6e0ef08ac5
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ed60a5a2004815565bbe2cf950f55f1359e6b710881acaea418e1e04ac72a0c
62fb3e32a23ea65a121a66c2e7a3dfed69167774a0303670dbe7b91727be484f
6353ca36b9079c02f011a4e15cb8bc844997b40adc076b3ff948660032120179
6533050afa2e853568cd4b0b8048ed64e94963e38088b226575a7cca8054f4e2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef8b870b2a576439548ea8be35c89cf7f0df2008baa2606aaca98c3eb7aa340
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8769471d2891f9151996faf46dab47fc14bf45f5a0e1cb253ba542d4cee57fcd
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
a181cbb2d56698df228a7387f45081daf84b2c53b5f927e8e7c9c40df652fdc2
a410afd1a0e4ffb9dc6000d922ee4a72d5e48bffd935031cf3b6396adc39387d
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
bdaa2b7f6eec96c7620ee7d1821fe7b328a7d7dcbade888a0986d3aeb7755ab6
c5a17d46976d471cf060c5a0e25749a323d6ab20cf0910f40afed81047ba21ef
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
d20ac3901a294205eb9c9881671d803bd6437d178a17b10a0ecb0930e0e42839
e7d81fe60417eafac1121ec2e80a2ef65234de45a2ab0841225fffce88766636
ecae0dc020262a5fcbf7d216c27cb4ab482807311e25312e5d812183472bf398
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc