urlscan.io logo urlscan.io
SecurityTrails logo

vzvnjw.placetowin.net Open in urlscan Pro
2a05:d018:244:5200::ab  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nordeainvestmentmanagement.com/
Effective URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rA...
Submission: On February 01 via manual from DK
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 55 HTTP transactions. The main IP is 2a05:d018:244:5200::ab, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is vzvnjw.placetowin.net.
TLS certificate: Issued by R3 on January 12th 2021. Valid for: 3 months.
This is the only time vzvnjw.placetowin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:3c02:1::... 63949 (LINODE-AP...)
1 1 198.134.116.30 27257 (WEBAIR-IN...)
3 2a05:d018:244... 16509 (AMAZON-02)
46 23.14.92.49 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
55 4
1    2600:3c02:1::2d4f:f40e (United States)

ASN63949 (LINODE-AP Linode, LLC, US)
nordeainvestmentmanagement.com
1    198.134.116.30 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
click.expmediadirect.com
3    2a05:d018:244:5200::ab (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
vzvnjw.placetowin.net
46    23.14.92.49 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-14-92-49.deploy.static.akamaitechnologies.com
cdn-bimi.akamaized.net
2    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
46 cdn-bimi.akamaized.net vzvnjw.placetowin.net
cdn-bimi.akamaized.net
3 vzvnjw.placetowin.net cdn-bimi.akamaized.net
vzvnjw.placetowin.net
2 www.gstatic.com vzvnjw.placetowin.net
1 click.expmediadirect.com 1 redirects
1 nordeainvestmentmanagement.com 1 redirects
55 5

This site contains no links.

Subject Issuer Validity Valid
*.placetowin.net
R3		 2021-01-12 -
2021-04-12		 3 months crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Frame ID: 58C7E7E78171122D2889FF06EC469415
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nordeainvestmentmanagement.com/ HTTP 302
    http://click.expmediadirect.com/click?i=pe88rAFZYu0_0 HTTP 302
    https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

55
Requests

93 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

1151 kB
Transfer

1682 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nordeainvestmentmanagement.com/ HTTP 302
    http://click.expmediadirect.com/click?i=pe88rAFZYu0_0 HTTP 302
    https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1f0a2cb367c37dee
vzvnjw.placetowin.net/c/
Redirect Chain
  • http://nordeainvestmentmanagement.com/
  • http://click.expmediadirect.com/click?i=pe88rAFZYu0_0
  • https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5dec3fbe798782bd445011f4cec145cd4d3193aeeb43c892d747f90f88603dce

Request headers

:method
GET
:authority
vzvnjw.placetowin.net
:scheme
https
:path
/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 01 Feb 2021 09:40:14 GMT
content-type
text/html; charset=utf-8
set-cookie
unique_330097=unique_330097; Path=/; Expires=Fri, 02 Apr 2021 09:40:14 GMT; Secure; SameSite=None unique_id=5fb66637000e56ac; Path=/; Expires=Fri, 02 Apr 2021 09:40:14 GMT; Secure; SameSite=None impression=; Path=/; Expires=Mon, 01 Feb 2021 09:40:14 GMT; Secure; SameSite=None
content-encoding
gzip

Redirect headers

Connection
keep-alive
Cache-Control
no-store
Location
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Content-Length
0
Pragma
no-cache
Age
0
css2.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		434 B
881 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/css2.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
41d6a9ab33f466da59bff060796d0056a5968cec4351833180131f410371b1f5

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
3EC5DA5BF6A564C6
ETag
"830095ac30e69fd6f8aa23eebaea9964"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
434
x-amz-id-2
33RDiv3W/sW2O9p/hdva/DcDuf2KqONOsZ7qy8qiZaUdqAby0MAsTSjlCxwVLkxHJnEnE3kitxI=
bootstrap.min.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/bootstrap.min.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
12f5936c86259655df5e4d386deabc06f18db85c6bccff7968092554b1318e64

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:57 GMT
Server
AmazonS3
x-amz-request-id
2D5E371A37B565C1
ETag
"21aab684b99b4dec2c5c63550b26b09e"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
23239
x-amz-id-2
2V78eZLaVI/L1JWaRXuRnfo5+c8jRUG3KZUgbNZbmawzZR/zXr9xb0yp3e1GDIAvOanBSNHceBM=
all.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		54 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/all.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4971db7ced90fa8fee67d19cfe779aed3862489613451a99b719ddd48914ede9

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:57 GMT
Server
AmazonS3
x-amz-request-id
CSAR2S3VAY6P6Q2P
ETag
"503b278886e5bcf09419d3029791eca2"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
12079
x-amz-id-2
ghNsBurEKpgseeirLWLPCrexdRg8kbU2KOtenJMA12uLrMGff+7+sHA1JX0zkO73R067Coj+Wxk=
wed9uzeob5.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/wed9uzeob5.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f8de8a6ab11d4ca7e6453a313ce89b9705fdaa3cbc78f2e9b641f5cc5a832a7

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
47883D905646A3FB
ETag
"6830d34ae148ea4c80c14cc0c86c9c4c"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1466
x-amz-id-2
BzLMx8SuI6jZ7TITX1BF9xmkZ0asuaHEvip1nmxSrxPsI4QzlADH+vgYwzcgDMuFLyZOUR7BdmU=
f04v9d8952.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/f04v9d8952.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
dab10d0bb935cb48ed755bde726e46e2120cd000381a773e98b91be764f3f7df

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
A409F60680C55CF8
ETag
"2abe332304f7aff2a6a412fb6a190240"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
700
x-amz-id-2
+OtbBDGcH90a3naQzPtk3v6OMcXRCGTxeDtFtN9SxIaeQAhH6yqiJXF3A2zzbz9z8s27wNA9vgk=
chat.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/chat.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1b26a15abf546b7db798f0ec9a988afb67cd86a13b6e3c48f1450cae408b62b2

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
1082BDF5E773F3AF
ETag
"fd446d98bbf3e1814d09564f148d126a"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1946
x-amz-id-2
8rR7TwLUi/d6YvytUWIF154ehi1p88NlLwl9voTNP1BX9z6051umq5ax+I4EXEj/nUi98T1N6Fc=
zj618f6ab5.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/zj618f6ab5.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
122b51b75c239d302c81275c3286b2e1c89490d74cf91514fee4765b93a79bcd

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
2F8EEC20CB7B7C87
ETag
"71444c2f408d7a76494d97e0ce2f6721"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
766
x-amz-id-2
f17DOifVVOA/iGYZDmk1xNKM/QaNlz9zk2uO1P5C/el9LsaV6G4HDHIKDRnRVYxvYfYw3j/NPe8=
3w4650yn2l.css
cdn-bimi.akamaized.net/landings/205500/1609773053/css/ 		1 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/3w4650yn2l.css?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ee0febbabb76a8bd117697143098287cf4554865902ce18d4aa8cadbf984721f

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:57 GMT
Server
AmazonS3
x-amz-request-id
4M7Q4GDZ7KAW7X9T
ETag
"3471b1c397b0e3c7e0260710d5a8f381"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
362
x-amz-id-2
FsR0FaP4lT/be5CimOYSTg9JjR4jWdvL5khfpiZIv2vhiQbfuZ77Dz5IjgyIMcOr+ruba4cwO70=
jquery.min.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/jquery.min.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
6FF247DA8BD5FDEA
ETag
"a09e13ee94d51c524b7e2a728c7d4039"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30351
x-amz-id-2
B6O2xPzP6wTXO/YOxcHgOM0Hqt+dSM8WSrai+1r/NRD8ZWZmGuqS+zrNt6QRGmTsBByyIp+KDEc=
bootstrap.bundle.min.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		77 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/bootstrap.bundle.min.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
23651C63626B7EED
ETag
"a454220fc07088bf1fdd19313b6bfd50"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22291
x-amz-id-2
pI5m6F6dnK2SK23e7yfwh9QoalDemTIUVSVxaVmq067sUPgnCurM/R2Ff+iKHKQjVByYOj7yJls=
ik525f57w4.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/ik525f57w4.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a358deaf74c9fb58029eaeb4e349ad675e5bb0d43d663c1c7045706565a418dd

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
7615411BA5EAE48F
ETag
"c826e7ddb9e2d659c9ee5bbe8b005aa0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5175
x-amz-id-2
gPiyUqSS3f0rWKtkjskL+2Iyk0gRlLRpvr/0H3P/7b6YGWplAUkfwPluUjQ7b14a4Sjy/Bmt3MU=
messages.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		180 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/messages.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
27ea91d3a307ce355f3ca87710f7cf171b57f2023dd225b27c317f6f64341533

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
AC3778B4583FFB36
ETag
"e0382dccadd293fd17a442d20f49971e"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30701
x-amz-id-2
6nZ5AeumcnCoUglQ4jEythVkYB8vEM28fA19Wd4tkmS4JmpBYi78Ih5PuaY++cayQrXf9vR+v78=
j5_tmp.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		831 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/j5_tmp.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1a001b0131b9c53ce9a0e20807ff44e9ac4e3aac55eebb1c8a243f8896e5de73

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
E1C6FBC1B024C024
ETag
"a7a2ef7f4bfb455eae58e9653061f1b2"
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
831
x-amz-id-2
HhmHTahCMeAWUOsVsGmjE3zOOF0aJLLu2iBCd7mNJ5Bd6BC7N3WRY8IgXFG6iZh7oQnnebS3FAE=
trls.js
cdn-bimi.akamaized.net/landings/205500/1609773053/js/ 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/trls.js?1609773053
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e9d29e3e3409773fd316970bf1f93745f5cb64dc22a7e85dd6ca32bcc06dedb7

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Feb 2021 09:40:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 15:10:58 GMT
Server
AmazonS3
x-amz-request-id
169BE74D6597AEB2
ETag
"7e53efa5a6bba11bcb09893708f5f94d"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10540
x-amz-id-2
UI/gQlUZREd0kTNgyb77y1sOinyeZO4KLIxlyPssQRronUjYwSSzBRyn+7BpK9IkBWZ1zgNhvzU=
ok.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		375 KB
376 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/ok.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
df3b1c05372b8e759dc3e3c1c432b654524ec192746a20f1c45d522c8a7e303e

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
1C417BC7B42AE2E2
etag
"cb8e3584d0b825508c587ff6133cb68e"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
384430
x-amz-id-2
smhgDxNIzOaCpuVoJVLE1ku7s3Zxwdtr6tyLDeBIU2HPiWuuWEccmbwBmEjrEQCSSrkWV3S94L4=
quic-version
Q050
xodkb5yc0i.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/xodkb5yc0i.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2623e3426b57264141ecc8ba6e70f661c73a4d9e57821ba35241dfcf81de40fa

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
DBA60E1B0450B65F
etag
"bfdd07ace5a695c2cdb31785120bfdfe"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
111632
x-amz-id-2
f4cNlUCCm5uomqVBIClk1wrLFtRpQuLOodcI8bfrwBluNSeAImt+KdKITdPoCfrxlssBL+PWyc4=
quic-version
Q050
ro6k5cxvw4.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/ro6k5cxvw4.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2e5559d271dcf79baf9d20af3c4fb33c072a6947b5927ce807b364ab90b79455

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
E491C9170040BAB4
etag
"42646054d74c52311ddac5b117bffa1f"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
11048
x-amz-id-2
9uz0ZH7+FPdYB0m3C1vnV6zq6kQwxWfHgFsvecG+vEdGnW/ucse0ueWGUxlRtdzVuQ984ZaVMFE=
quic-version
Q050
3twz2fc8eb.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		615 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/3twz2fc8eb.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
bf7323d6955dacfc17037128471a98c15686a29a0d5d608cd4d6f9959d12345a

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
56FA27D3F543BD39
etag
"486830ae8c419d37c8a275e62ad18f4d"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
615
x-amz-id-2
gMWFt7gY2xITYFmABM73FuawHtL3SnPAFQ0RDeb+oymWWZSsDTvI1wSiR7yvODipXlOr16YUcnU=
quic-version
Q050
w68de5eecb.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/w68de5eecb.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
36e7344e6afb945bd68273e12895449fc94e9f50e7ccb601ef44802cebc0b144

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
B0ADB70FEB638751
etag
"a9de28a6d8f2ea709e6a60049efeef85"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
33743
x-amz-id-2
cNWxiUgYVAk/IY4GjPgeTIp2IgmoQ12YLcWxvtwK5h7JAQnYDSkgE/xkgw2bMFb7RqMLOLwQsdo=
quic-version
Q050
k5081qtnr2.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/k5081qtnr2.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fad9142525e23abff15a703bd082856a1b04ddbd348ab830228ad051d7672095

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
276E7725E262EDF3
etag
"3bf4ac2afd7544836eaf7fb4d7892460"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
22058
x-amz-id-2
hSocMfua9uvPdY9Na438x9w+ZRfqeX0Imk72BT7XiDsO7y67eHi8WMmS/pYRLOz94r0fLxB3HcE=
quic-version
Q050
tcuifv56o2.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/tcuifv56o2.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c22d3ca6f07703e8583699d2c1ca3f054d58ffc802c9936eeaae8538575564e

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
0F50110466799832
etag
"ed917c274514e9c16c0220c28de3ece2"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
36203
x-amz-id-2
U/wfcQRVVaZprtJWpPY2nsKbJnJUofS+Mume50XgUCJoksbCu+u5GctWRV7yndRzwnCQwKeXfmE=
quic-version
Q050
oc08i5d7u1.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/oc08i5d7u1.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e1fe3d4fb86a5838a8c124515e7231d7a728b32c5fa848d1ae810b08b8f6c966

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
E27181EFDE00A716
etag
"30058824bbab47942439aee2cb686f41"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
123685
x-amz-id-2
XF4+isKINNzkDXnL9g5fcFyARx0JXVkMyKi028wIAFSUVzMpzWTIKJGAgqIIXC4lgGy4bx+gPTg=
quic-version
Q050
vbr10.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr10.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5bf5da2847ebfe7871ff5361fb81919ce366a19e3d72e2d871fb72e95414f3ed

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
EC29A36AA1B8F828
etag
"2c44241d99a45eafa30e639b04edc430"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
3247
x-amz-id-2
8UcBQ8ahmjP0HnsdXJ8KZmeTA4lj7TVZvGb4TNYhGwyenw5s4UY6FGduDsxZ9Uxl295vB7W9xZI=
quic-version
Q050
vbr11.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr11.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b8cfea6cfd55b98d75ae29391e7044a1480714d57913a40171d7cfcd3b07c5cb

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
45DACDF67A822A1F
etag
"c277e35dcda7974e3246cb713624f42f"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
3607
x-amz-id-2
IW6nnJNZGOx6+9cgzy9FZUYjtPdrn/SwMoh5uEA4a4nCu5wQGzdoXj5sTXSzZ7nysqQoHmyA1TE=
quic-version
Q050
vbr12.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr12.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
de7e8419d508e41cf3cc24d90a64d626f61aaffb6d25330f4f2f3713db6d5707

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
68676CEF4D4E8171
etag
"62057008db37712df22db15107c3e6a0"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
2906
x-amz-id-2
6QVMhLxjclNzatJMU62w2FD86n0LzTs0HRTVphPqsfbzoszv4kkUDhDWbJ7cwcuH+6Utira7JtY=
quic-version
Q050
scroll.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/scroll.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f149d68673115169f2b0a2858cdf47125421199f5a9a08626d52e949d7f7a368

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
E25BAE52185AC171
etag
"e513cf2d7b3b5c6d2128197792e9ddfd"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
5856
x-amz-id-2
sjTRs0hoHQv8I1ZSvbZG4hGWFDmsMLwThzbMF0KvoDa8p2nsDuybUIZWmpt6USN016fzIxFG8W8=
quic-version
Q050
vbr1.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr1.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a1f4628382a73aaa30bffd2155e07a7ad3c6af29a628b8ad6863ccf97e8e89f9

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
699655152DC18B27
etag
"b130732af504d36ba044f28a6725ca0c"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10325
x-amz-id-2
aFn0T6VlY92ghxEL1AHsJ/j8GG5Lm24KIt2poHT5O1Fevtdh+rn3RZoDea/0pF8QWyc8i7PchY0=
quic-version
Q050
vbr2.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr2.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
38998ecf20cd0395033f51b529827017e4f9ad6bef3379328a4f53210eb84f14

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
12F87B8E84EB156F
etag
"b0d3fe3b463a929cf39367a3c0d3d6dc"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10632
x-amz-id-2
mD3BpnUnRddnJd2aKfeo3ue5gBuR+muxVUqYQErcgFojJIjPID5G6PwrvThvGevk0Syk5WV5pSk=
quic-version
Q050
vbr3.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr3.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e574c17da956654f75acfef6ba2e091923c407d01b06e32530d35183754c9c9a

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
78F9A07F194BF732
etag
"38fa3ddc1b2536ca8e7b4787bd2015d9"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9803
x-amz-id-2
pGm4SO1QRm4wm7zfD2BhbJQtr2wwlqoH2F2lrdFyg072L8OqY9kqYfSxtyD2Obbmvu2dcAVRk9E=
quic-version
Q050
vbr4.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr4.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a6dbf654779db5d36ec3a9f119613f25149dcc8867530980c1e058e56afff212

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
E489AF99F1718766
etag
"8b062aa28af406624f7897a949e6e294"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10810
x-amz-id-2
s1D/DTSGrq8MWiqr0JNvKT4/MHLHy3FScszZN1Ek16cbU8JMYcBY8CExzCqtiGj6deGamK4adHQ=
quic-version
Q050
vbr5.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr5.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2cf4425b532db6c469ae06c6cf80b4e3ffd527bb5e0678e52079710142899c65

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
126A91B4AB5E7E43
etag
"08128deb38fdcba35c08f8832e6821de"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6854
x-amz-id-2
1dm1yVi6QEx0iwNftslBNShVqcXp0YrtQm18IBIESURX4TehFCqR6Q0X8PaH+5Fj78TQvsRZh7U=
quic-version
Q050
vbr6.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr6.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e7bb7bd09dc4637d3d1994087160147681f648fd28bb55681ee202ee8debf91d

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
8B9382445D09822D
etag
"e855daacc0ef47d69ba673ac4d354cb3"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8198
x-amz-id-2
cNNJeEdjv75PxmnANFShZ0yyHULdKarXo/MdQfOoRHaLb2cgpUWjRIms7vJHH/k2TVQ/PtBCOC4=
quic-version
Q050
vbr7.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr7.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cf2d16ecdf0baf7bf6d53d35f96f3c3a35f40b60107148ea07899cebe74b4f61

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
F66E1B3B0CC7900F
etag
"0c17ba6dae5bd989d82d1ccddc6fa676"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8995
x-amz-id-2
npzdC/OYw7ijx+WPWVusvE6bXQjW2gOIP3JV+ZPgrnPTsdTalldJ6ruerBDfEMoJ3V1AkwJ2DSs=
quic-version
Q050
vbr8.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr8.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b5963df8a19244b5a894a0c5d3ed41249e678b8370d7b9ce3d325d3b8eca3f46

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
A8F4FC4B48CE9150
etag
"b84b39247a870698f549af91f8587e04"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9703
x-amz-id-2
IZ/3h3YSKHPK8ePmAjdPMdXcoBNpMiA1K/UvsMsH7dWHDa7EPPFlIPM3a9MrEkjj3+0R3BZsnGM=
quic-version
Q050
vbr9.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr9.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c82685c3521800dcacb9d86fcc80e60e750b6429f4c96c35e06572a9504eb39b

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
BD7F887727843EA9
etag
"f329720061de90177bcf2ed497717925"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10714
x-amz-id-2
WsK4+KkQK+LyO20bQpP3g71YDQ4aI5H2cvWIZfBUH0F44NunZnb1qOgJHoOxYvmQFZF+U4ACszM=
quic-version
Q050
vbr13.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr13.png
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cb47809183575d9fe3a2c325b7ec60c8021441fdcf5400f4c6fb3cc02e399477

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
5072750FF7B04ACE
etag
"f40364fbfd15d3e4c6ea54bea5bd42b1"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8033
x-amz-id-2
lK8Fr2a/7gxN1va9Lzu4T5QCY9uZFEkejrynsUzlVkP6ZgFD5C4IX47t/irw27CuZDU0AaLmGug=
quic-version
Q050
vbr16.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr16.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1c28e3ddeeb7b8a3ad3e52ef121b1efbc5836fc089af6d657c07bf1918438934

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
A91A5F8EF81EAAA7
etag
"08b8eeef39d1fc20a7af5d0cae11fbb1"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
14986
x-amz-id-2
SCWZyGJlIkm1qj2GozAHRgYo2aHOc/KYE6+rXFPd2DOfz/iStHOxYdw9YR8VfKB0+PNH5PYwqwU=
quic-version
Q050
m1.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/m1.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b7b5de11cdbf4e1fa40df324a41ba81691081e51e92789754d31518f5c9035e8

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
9DACF102A4097217
etag
"c4c4d5b7ec16caf645a10a72bad94e6b"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
7854
x-amz-id-2
rQ10b9fqHqp2LoVwQOANIpN+SR0/URG3flQzLbGp3URClETTbFyX1E610FlaxvOTKKmErjulW4o=
quic-version
Q050
m2.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/m2.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a546f4150d49c5a4224ef960cbee4ea62f6f8cfc26417955af67841cafa66043

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
17C4439DF55978CE
etag
"c780ee693f7c1e334602a03fa41684e1"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10060
x-amz-id-2
Gw9oDBcd1P0l1B2jCM2J2yUvDh0UPFWFLYXTaU4dXyzqth+zzR0fMYFkoIbkfhoY+hus0PCzH3w=
quic-version
Q050
m3.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/m3.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9f6f68ded188391b8dc2f420d2ff8270550f68bf13432793cd27b41104930cbd

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
198ABAED310346B8
etag
"e2b1cd1f44833be3961cf1c81680adfd"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8271
x-amz-id-2
P7btVgelB8ZSalyiurso/lJaxdXYFUPnz6bFOjvWIfoH62zFiFm+goMTpqUraRNq6zYJD+gx8Kc=
quic-version
Q050
w4.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/w4.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c2b5be895ac7e1f463543732aa0ff459917c36de73c1fc58219bbf8d64c88809

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
C5195FB8AE57CAEF
etag
"6f84038603b848b9fdb2a326012ea37d"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
7205
x-amz-id-2
yqLdZuaHs3xTEfUyFW7K5bdGZWnGqpZrqfmh27A03PceOR6gy3T0hm156ipwMVMDSTfb8Av+uUU=
quic-version
Q050
w6.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/w6.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
00f56c587c7ab5de49ce2f7e9a8952d6f65e80dbd73749db6834d142cb7fe0ca

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
8190514BC07639F7
etag
"390a5f20675c29427a8757f24ec121ef"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
8158
x-amz-id-2
Un3Lga53MZ2vZWIJdxyauGcBbKcIAsyRDgN1xTtCwJ+OyQgU3mKuEL+ZfMh5DLCsgvmf33MCUdg=
quic-version
Q050
w7.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/w7.jpg
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
48b73fd52dbb420cd019216ae6666a48e5a73ec49f57761b1f1da40229d0c50d

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
DEBDA4BB2C8CBF61
etag
"a3e0c2478f5fb310de80a19449248188"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
10716
x-amz-id-2
iz699zk+an1074Rc/n230nJPpf3Dbu3/271tQ6/S5gf9Fd6Ck+nG8Rr5dMcyuve3JyerFqiDmag=
quic-version
Q050
header-background.png
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/header-background.png
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/f04v9d8952.css?1609773053
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f4b96ac229d605c688e3a4d6d2f4659c5414380cb71c26bfdda8d0d9f147358a

Request headers

Referer
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/f04v9d8952.css?1609773053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:56 GMT
server
AmazonS3
x-amz-request-id
7M4HFS9Q1Q2T1V3M
etag
"af8dd4a07b82d6756e38a3e92f6b9160"
content-type
image/png
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
54391
x-amz-id-2
B2jos8BHs04tgNF+z6Ex6Zaf2X4mQLDNQQxAzG1vNgkHlNjjYHu4LEGNzKsqNHOC5s6fmXYVJ6Q=
quic-version
Q050
fa-regular-400.woff
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		0
0
subscriber.js
vzvnjw.placetowin.net/js/pushjs/1.0.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vzvnjw.placetowin.net/js/pushjs/1.0.0/subscriber.js
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/j5_tmp.js?1609773053
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6245829277dddbd160f189c31c8bc1bd755b0e6da2eefb3b037a89d07b3816ec

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
content-encoding
gzip
expires
Mon, 08 Feb 2021 09:40:14 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript
vbr14.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/vbr14.jpg
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/chat.css?1609773053
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
460fbd8de9a67a1f16f3cddae613a71490cfffc5b0857a9b095096393d379538

Request headers

Referer
https://cdn-bimi.akamaized.net/landings/205500/1609773053/css/chat.css?1609773053
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
BA119D4D0D581A59
etag
"730625f3d4940a639e6d284467270c2a"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
33667
x-amz-id-2
eLptNbo6C13u//IlVZYGWHhpOY91EjV//6th6QNAYufoZU3B0GQu9V0KTJBY7LPX2poqTE6+67k=
quic-version
Q050
KFOmCnqEu92Fr1Me5Q.ttf
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		0
0
KFOlCnqEu92Fr1MmWUlvAw.ttf
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		0
0
fa-regular-400.ttf
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		0
0
firebase-app.js
www.gstatic.com/firebasejs/5.0.2/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-app.js
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 27 Jan 2021 15:39:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 20:35:51 GMT
server
sffe
age
410426
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8604
x-xss-protection
0
expires
Thu, 27 Jan 2022 15:39:48 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.0.2/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 05:54:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 20:35:52 GMT
server
sffe
age
531947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10017
x-xss-protection
0
expires
Wed, 26 Jan 2022 05:54:27 GMT
utils.js
vzvnjw.placetowin.net/js/pushjs/1.0.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vzvnjw.placetowin.net/js/pushjs/1.0.0/utils.js
Requested by
Host: vzvnjw.placetowin.net
URL: https://vzvnjw.placetowin.net/js/pushjs/1.0.0/subscriber.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:244:5200::ab Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:14 GMT
content-encoding
gzip
expires
Mon, 08 Feb 2021 09:40:14 GMT
server
nginx
cache-control
max-age=604800
content-type
application/javascript
w4.jpg
cdn-bimi.akamaized.net/landings/205500/1609773053/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/w4.jpg
Requested by
Host: cdn-bimi.akamaized.net
URL: https://cdn-bimi.akamaized.net/landings/205500/1609773053/js/jquery.min.js?1609773053
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
23.14.92.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-14-92-49.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c2b5be895ac7e1f463543732aa0ff459917c36de73c1fc58219bbf8d64c88809

Request headers

Referer
https://vzvnjw.placetowin.net/c/1f0a2cb367c37dee?s1=103756&s2=1198929&s3=225955.nordeainvestmentmanagement.com&click_id=pe88rAFZYu0_0&j1=1&j3=1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Feb 2021 09:40:22 GMT
last-modified
Mon, 04 Jan 2021 15:10:57 GMT
server
AmazonS3
x-amz-request-id
C5195FB8AE57CAEF
etag
"6f84038603b848b9fdb2a326012ea37d"
content-type
image/jpeg
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
7205
x-amz-id-2
yqLdZuaHs3xTEfUyFW7K5bdGZWnGqpZrqfmh27A03PceOR6gy3T0hm156ipwMVMDSTfb8Av+uUU=
quic-version
Q050

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-bimi.akamaized.net
URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/fa-regular-400.woff
Domain
cdn-bimi.akamaized.net
URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/KFOmCnqEu92Fr1Me5Q.ttf
Domain
cdn-bimi.akamaized.net
URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/KFOlCnqEu92Fr1MmWUlvAw.ttf
Domain
cdn-bimi.akamaized.net
URL
https://cdn-bimi.akamaized.net/landings/205500/1609773053/images/fa-regular-400.ttf

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| bootstrap object| _0x37fc function| _0x139b function| setCookie function| getCookie function| checkCookie function| stepfinal function| goToUrlFinish function| getBrowser function| getPlatform object| canvasConfetti object| ctx number| W_Confetti number| H_Confetti function| getUrlParameter function| setSecondary number| mp_Confetti undefined| deactivationTimerHandler undefined| reactivationTimerHandler number| animationHandler object| particles number| angleConfetti number| tiltAngle boolean| confettiActive boolean| confettiIniciated boolean| animationComplete object| particleColors function| confettiParticle function| SetGlobalsConfetti function| InitializeConfetti function| Draw function| RandomFromTo function| UpdateConfetti function| CheckForRepositionConfetti function| stepParticleConfetti function| repositionParticleConfetti function| StartConfetti function| ClearTimers function| DeactivateConfetti function| StopConfetti function| RestartConfetti function| SetupConfetti object| boxRoot number| count number| intentos boolean| puedo object| tid object| tsource object| tcode string| url_f function| requestAnimFrame object| _push number| page_id string| portal string| theme string| template string| brand_country object| dayNames object| monthNames string| img_regalo string| minutos_y string| segundos object| modalOptions object| d number| curr_date number| curr_month number| curr_year object| monthArr string| today function| getWeekDay object| date boolean| box_ini number| chromeVersion boolean| exit string| s1 string| s2 object| _pcq boolean| showDebug string| partyId string| uiServerUrl string| apiServerUrl string| swScope string| customWorkerJS object| pushConfig object| messaging object| indexedDBConfig object| indexedDBFCMConfig object| pushLoopDomains object| messageBody function| logger function| loadScriptAsync object| scriptLoaded function| defaultIfEmpty function| notBlank object| core object| __core-js_shared__ object| firebase function| resolveCid function| parseURL function| getSubdomain function| replaceUrl function| generateUUID function| getUrlParams function| getBrowserInfo function| getLanguage function| getResolution function| getDeviceType function| getSystemInfo function| sendConversion function| isWrongBrowser function| closePopup

3 Cookies

Domain/Path Name / Value
vzvnjw.placetowin.net/ Name: prlwge_count_undefined
Value: 1
vzvnjw.placetowin.net/ Name: unique_id
Value: 5fb66637000e56ac
vzvnjw.placetowin.net/ Name: unique_330097
Value: unique_330097

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-bimi.akamaized.net
click.expmediadirect.com
nordeainvestmentmanagement.com
vzvnjw.placetowin.net
www.gstatic.com
cdn-bimi.akamaized.net
198.134.116.30
23.14.92.49
2600:3c02:1::2d4f:f40e
2a00:1450:4001:803::2003
2a05:d018:244:5200::ab
00f56c587c7ab5de49ce2f7e9a8952d6f65e80dbd73749db6834d142cb7fe0ca
0f8de8a6ab11d4ca7e6453a313ce89b9705fdaa3cbc78f2e9b641f5cc5a832a7
122b51b75c239d302c81275c3286b2e1c89490d74cf91514fee4765b93a79bcd
12f5936c86259655df5e4d386deabc06f18db85c6bccff7968092554b1318e64
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a001b0131b9c53ce9a0e20807ff44e9ac4e3aac55eebb1c8a243f8896e5de73
1b26a15abf546b7db798f0ec9a988afb67cd86a13b6e3c48f1450cae408b62b2
1c22d3ca6f07703e8583699d2c1ca3f054d58ffc802c9936eeaae8538575564e
1c28e3ddeeb7b8a3ad3e52ef121b1efbc5836fc089af6d657c07bf1918438934
2623e3426b57264141ecc8ba6e70f661c73a4d9e57821ba35241dfcf81de40fa
27ea91d3a307ce355f3ca87710f7cf171b57f2023dd225b27c317f6f64341533
2cf4425b532db6c469ae06c6cf80b4e3ffd527bb5e0678e52079710142899c65
2e5559d271dcf79baf9d20af3c4fb33c072a6947b5927ce807b364ab90b79455
36e7344e6afb945bd68273e12895449fc94e9f50e7ccb601ef44802cebc0b144
38998ecf20cd0395033f51b529827017e4f9ad6bef3379328a4f53210eb84f14
41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb
41d6a9ab33f466da59bff060796d0056a5968cec4351833180131f410371b1f5
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
460fbd8de9a67a1f16f3cddae613a71490cfffc5b0857a9b095096393d379538
48b73fd52dbb420cd019216ae6666a48e5a73ec49f57761b1f1da40229d0c50d
4971db7ced90fa8fee67d19cfe779aed3862489613451a99b719ddd48914ede9
5bf5da2847ebfe7871ff5361fb81919ce366a19e3d72e2d871fb72e95414f3ed
5dec3fbe798782bd445011f4cec145cd4d3193aeeb43c892d747f90f88603dce
6245829277dddbd160f189c31c8bc1bd755b0e6da2eefb3b037a89d07b3816ec
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
9f6f68ded188391b8dc2f420d2ff8270550f68bf13432793cd27b41104930cbd
a1f4628382a73aaa30bffd2155e07a7ad3c6af29a628b8ad6863ccf97e8e89f9
a358deaf74c9fb58029eaeb4e349ad675e5bb0d43d663c1c7045706565a418dd
a546f4150d49c5a4224ef960cbee4ea62f6f8cfc26417955af67841cafa66043
a6dbf654779db5d36ec3a9f119613f25149dcc8867530980c1e058e56afff212
b5963df8a19244b5a894a0c5d3ed41249e678b8370d7b9ce3d325d3b8eca3f46
b7b5de11cdbf4e1fa40df324a41ba81691081e51e92789754d31518f5c9035e8
b8cfea6cfd55b98d75ae29391e7044a1480714d57913a40171d7cfcd3b07c5cb
bf7323d6955dacfc17037128471a98c15686a29a0d5d608cd4d6f9959d12345a
c2b5be895ac7e1f463543732aa0ff459917c36de73c1fc58219bbf8d64c88809
c82685c3521800dcacb9d86fcc80e60e750b6429f4c96c35e06572a9504eb39b
cb47809183575d9fe3a2c325b7ec60c8021441fdcf5400f4c6fb3cc02e399477
cf2d16ecdf0baf7bf6d53d35f96f3c3a35f40b60107148ea07899cebe74b4f61
dab10d0bb935cb48ed755bde726e46e2120cd000381a773e98b91be764f3f7df
de7e8419d508e41cf3cc24d90a64d626f61aaffb6d25330f4f2f3713db6d5707
df3b1c05372b8e759dc3e3c1c432b654524ec192746a20f1c45d522c8a7e303e
e1fe3d4fb86a5838a8c124515e7231d7a728b32c5fa848d1ae810b08b8f6c966
e574c17da956654f75acfef6ba2e091923c407d01b06e32530d35183754c9c9a
e7bb7bd09dc4637d3d1994087160147681f648fd28bb55681ee202ee8debf91d
e9d29e3e3409773fd316970bf1f93745f5cb64dc22a7e85dd6ca32bcc06dedb7
ee0febbabb76a8bd117697143098287cf4554865902ce18d4aa8cadbf984721f
f149d68673115169f2b0a2858cdf47125421199f5a9a08626d52e949d7f7a368
f4b96ac229d605c688e3a4d6d2f4659c5414380cb71c26bfdda8d0d9f147358a
fad9142525e23abff15a703bd082856a1b04ddbd348ab830228ad051d7672095