ekstrapoint.com Open in urlscan Pro
65.9.96.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wwwcapitaalone.com/
Effective URL:
https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=...
Submission: On March 15 via api (March 15th 2021, 12:39:09 am UTC) from US

Summary HTTP 139 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 23 domains to perform 139 HTTP transactions. The main IP is 65.9.96.29, located in United States and belongs to AMAZON-02, US. The main domain is ekstrapoint.com.
TLS certificate: Issued by Amazon on September 20th 2020. Valid for: a year.

This is the only time ekstrapoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.82.12.29 23.82.12.29	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1 2	209.15.13.136 209.15.13.136	13768 (COGECO-PEER1) (COGECO-PEER1)
2	54.84.27.165 54.84.27.165	14618 (AMAZON-AES) (AMAZON-AES)
1 2	91.134.212.144 91.134.212.144	16276 (OVH) (OVH)
1 1	34.250.61.179 34.250.61.179	16509 (AMAZON-02) (AMAZON-02)
2	65.9.96.29 65.9.96.29	16509 (AMAZON-02) (AMAZON-02)
47	143.204.209.116 143.204.209.116	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
32	2a04:4e42:1b:... 2a04:4e42:1b::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.32.168.116 13.32.168.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	185.59.220.194 185.59.220.194	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	52.202.129.87 52.202.129.87	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	54.92.176.252 54.92.176.252	14618 (AMAZON-AES) (AMAZON-AES)
7	65.9.96.88 65.9.96.88	16509 (AMAZON-02) (AMAZON-02)
1	65.9.96.79 65.9.96.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.216.12.92 52.216.12.92	16509 (AMAZON-02) (AMAZON-02)
139	29

1 23.82.12.29 (Alexandria, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

wwwcapitaalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.15.13.136 (Toronto, Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)

btpnav.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.84.27.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-27-165.compute-1.amazonaws.com

alfik-fik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.134.212.144 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip144.ip-91-134-212.eu

lt.theplayadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.61.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-61-179.eu-west-1.compute.amazonaws.com

theplayadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.96.29 (United States)

ASN16509 (AMAZON-02, US)

ekstrapoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 143.204.209.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-116.fra53.r.cloudfront.net

cdn.ekstrapoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a04:4e42:1b::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (United States) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.168.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-168-116.lhr62.r.cloudfront.net

cdn.ekstrapoint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.59.220.194 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-194.datapacket.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.202.129.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-129-87.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.92.176.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-176-252.compute-1.amazonaws.com

dash.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.96.88 (United States)

ASN16509 (AMAZON-02, US)

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.96.79 (United States)

ASN16509 (AMAZON-02, US)

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.12.92 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

fc-use1-00-pics-bkt-00.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	ekstrapoint.com ekstrapoint.com cdn.ekstrapoint.com	1 MB
32	cloudinary.com res.cloudinary.com	122 KB
17	freshchat.com wchat.freshchat.com assetscdn-wchat.freshchat.com	655 KB
5	getsitecontrol.com l.getsitecontrol.com s2.getsitecontrol.com dash.getsitecontrol.com	62 KB
5	google.com apis.google.com accounts.google.com www.google.com	56 KB
5	facebook.com 2 redirects graph.facebook.com www.facebook.com	1 KB
4	gstatic.com ssl.gstatic.com fonts.gstatic.com	106 KB
4	facebook.net connect.facebook.net	155 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	theplayadvisor.com 2 redirects lt.theplayadvisor.com theplayadvisor.com	2 KB
2	fbsbx.com platform-lookaside.fbsbx.com	13 KB
2	googletagmanager.com www.googletagmanager.com	104 KB
2	alfik-fik.com alfik-fik.com	3 KB
2	btpnav.com 1 redirects btpnav.com	3 KB
1	amazonaws.com fc-use1-00-pics-bkt-00.s3.amazonaws.com	3 KB
1	googleapis.com fonts.googleapis.com	521 B
1	freshworksapi.com rts-static-prod.freshworksapi.com	57 KB
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	87 B
1	onesignal.com cdn.onesignal.com	3 KB
1	ekstrapoint.net cdn.ekstrapoint.net	2 KB
1	googleusercontent.com lh3.googleusercontent.com	2 KB
1	wwwcapitaalone.com 1 redirects wwwcapitaalone.com	636 B
139	23

	Domain	Requested by
47	cdn.ekstrapoint.com	ekstrapoint.com cdn.ekstrapoint.com
32	res.cloudinary.com	ekstrapoint.com
10	wchat.freshchat.com	www.googletagmanager.com wchat.freshchat.com assetscdn-wchat.freshchat.com
7	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
4	connect.facebook.net	cdn.ekstrapoint.com connect.facebook.net btpnav.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.facebook.com	ekstrapoint.com
3	www.google-analytics.com	www.googletagmanager.com cdn.ekstrapoint.com
2	dash.getsitecontrol.com	cdn.ekstrapoint.com s2.getsitecontrol.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	l.getsitecontrol.com	www.googletagmanager.com cdn.ekstrapoint.com
2	apis.google.com	cdn.ekstrapoint.com apis.google.com
2	platform-lookaside.fbsbx.com	ekstrapoint.com
2	graph.facebook.com	2 redirects
2	www.googletagmanager.com	ekstrapoint.com btpnav.com
2	ekstrapoint.com	lt.theplayadvisor.com cdn.ekstrapoint.com
2	lt.theplayadvisor.com	1 redirects alfik-fik.com
2	alfik-fik.com	alfik-fik.com
2	btpnav.com	1 redirects
1	fc-use1-00-pics-bkt-00.s3.amazonaws.com
1	fonts.googleapis.com	ekstrapoint.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	ssl.gstatic.com	accounts.google.com
1	www.google.de	ekstrapoint.com
1	www.google.com	ekstrapoint.com
1	stats.g.doubleclick.net	cdn.ekstrapoint.com
1	cdn.onesignal.com	www.googletagmanager.com
1	cdn.ekstrapoint.net	ekstrapoint.com
1	lh3.googleusercontent.com	ekstrapoint.com
1	theplayadvisor.com	1 redirects
1	wwwcapitaalone.com	1 redirects
139	32

This site contains links to these domains. Also see Links.

Domain
shop.ekstrapoint.com
www.facebook.com
www.twitch.tv
www.youtube.com
www.begambleaware.org
www.mga.org.mt
certify.gpwa.org
www.egrnordicsawards.com

Subject Issuer	Validity	Valid
angry-hound.landingtrack.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
ekstrapoint.com Amazon	`2020-09-20` - `2021-10-22`	a year	crt.sh
cdn.ekstrapoint.com Amazon	`2020-06-12` - `2021-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ekstrapoint.net Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
wchat.freshchat.com Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
freshchat.com Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
freshworksapi.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Frame ID: 87C606375B296FA3C82D451BB8C26639
Requests: 121 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C82DD8C100014D989BC9B79A66F5FC43
Requests: 3 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Frame ID: 3971A6779EA9B3D2976D08461517E9D5
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://wwwcapitaalone.com/ HTTP 302
http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29ud... Page URL
http://btpnav.com/Redirect/ HTTP 302
http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b... Page URL
http://alfik-fik.com/zcredirect?visitid=c562a599-8526-11eb-a236-12197d98db03&type=js&browserWidth... Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=... Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=... HTTP 302
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=DE&mid=14&extclid=604eac8a40... HTTP 302
https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC... Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

139
Requests

97 %
HTTPS

55 %
IPv6

23
Domains

32
Subdomains

29
IPs

6
Countries

2761 kB
Transfer

9106 kB
Size

9
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.ekstrapoint.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-to-winners-magic/
Title: 30.000 5€ Bonus package for Winners Magic

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-for-lucky-thrillz/
Title: 32.000 5€ Bonus package for Lucky Thrillz

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/small-bonus-package-jackiejackpot/
Title: 35.000 5€ Bonus Package for JackieJackpot

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-for-unikrn/
Title: 45.000 5€ Bonus package for Unikrn

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/10e-bonus-package-for-winners-magic/
Title: 49.000 10€ Bonus package for Winners Magic

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/10e-bonus-package-for-lucky-thrillz/
Title: 55.000 10€ Bonus package for Lucky Thrillz

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/medium-bonus-package-jackiejackpot/
Title: 59.000 10€ Bonus Package for JackieJackpot

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/anti-stress-scores-of-pains-octopus-head/
Title: 75.000 Anti Stress Head Massager

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/adhesive-laptop-back-storage-bag/
Title: 91.000 Adhesive Laptop Back Storage Bag

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/car-ice-remove-tool/
Title: 91.000 Car Ice Remove Tool

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ekstrapointcom/

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/casinopoint

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9JYKCAKTpLu0d4iWPb2sFw

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: https://www.mga.org.mt/

Search URL Search Domain Scan URL

URL: https://certify.gpwa.org/verify/ekstrapoint.com/

Search URL Search Domain Scan URL

URL: https://www.egrnordicsawards.com/page/1697425/2021-shortlist-

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wwwcapitaalone.com/ HTTP 302
http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZwdF8ySUJDQWJTTTBucGVyNnFKblMwQ2hfN2hJaTItdmhqOWZWLWMxaHQ1a2I4MQ2&id=44e61955-700f-4cd9-b3b8-459688c0860f Page URL
http://btpnav.com/Redirect/ HTTP 302
http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df Page URL
http://alfik-fik.com/zcredirect?visitid=c562a599-8526-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4cb8732e&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=wwwcapitaalone%2Cwwwcapitaalone%2Cwwwcapitaalone.com&d1=DE Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4cb8732e&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=wwwcapitaalone%2Cwwwcapitaalone%2Cwwwcapitaalone.com&d1=DE&bv=1 HTTP 302
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=DE&mid=14&extclid=604eac8a402a79400e742a56&pubid=oscar-foe-n86g28xmz HTTP 302
https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wwwcapitaalone.com/ HTTP 302
http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZwdF8ySUJDQWJTTTBucGVyNnFKblMwQ2hfN2hJaTItdmhqOWZWLWMxaHQ1a2I4MQ2&id=44e61955-700f-4cd9-b3b8-459688c0860f

Request Chain 1

http://btpnav.com/Redirect/ HTTP 302
http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df

Request Chain 20

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360715&hash=AeRzGzboQh95FkmgP_w

Request Chain 41

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360716&hash=AeQ70E3LKMf-va_qw-M

139 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set click Show response
btpnav.com/
Redirect Chain

http://wwwcapitaalone.com/
http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZw...

5 KB
2 KB

212ms
192ms

Document
text/html

209.15.13.136
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZwdF8ySUJDQWJTTTBucGVyNnFKblMwQ2hfN2hJaTItdmhqOWZWLWMxaHQ1a2I4MQ2&id=44e61955-700f-4cd9-b3b8-459688c0860f
Protocol: HTTP/1.1
Server: 209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2dce788731088cb0b94b62e6a552b5c6a055866568fbc6af827e52a229403646

Request headers

Host: btpnav.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Set-Cookie: nIqUBQdFcWKHxJW=nIqUBQdFcWKHxJW; path=/
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 15 Mar 2021 00:38:33 GMT
Content-Length: 2137

Redirect headers

cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Mon, 15 Mar 2021 00:38:33 GMT
location: http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZwdF8ySUJDQWJTTTBucGVyNnFKblMwQ2hfN2hJaTItdmhqOWZWLWMxaHQ1a2I4MQ2&id=44e61955-700f-4cd9-b3b8-459688c0860f
server: nginx
set-cookie: sid=c5544eae-8526-11eb-950f-ae17d6f1e5a8; path=/; domain=.wwwcapitaalone.com; expires=Sat, 02 Apr 2089 03:52:40 GMT; max-age=2147483647; HttpOnly

GET
H/1.1

200
OK

fa8076ca-64e7-4648-95fb-59f8b6b1f6e1 Show response
alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/
Redirect Chain

http://btpnav.com/Redirect/
http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df

996 B
2 KB

211ms
198ms

Document
text/html

54.84.27.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df

Protocol

HTTP/1.1

Server

54.84.27.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-27-165.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

febdf68e94828554c220e7ae2699b26e211cce3be974a5673471cc2fa2fc6487

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: alfik-fik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://btpnav.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: http://btpnav.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://btpnav.com/

Response headers

Date: Mon, 15 Mar 2021 00:38:34 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: ZeroPark-Traffic

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Server: web01
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Date: Mon, 15 Mar 2021 00:38:33 GMT
Content-Length: 269

GET
H/1.1 200
OK zcredirect
alfik-fik.com/ 804 B
1 KB 103ms
103ms Document
text/html 54.84.27.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

http://alfik-fik.com/zcredirect?visitid=c562a599-8526-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false

Requested by

Host: alfik-fik.com
URL: http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df

Protocol

HTTP/1.1

Server

54.84.27.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-84-27-165.compute-1.amazonaws.com

Software

ZeroPark-Traffic /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Host: alfik-fik.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://alfik-fik.com/zcvisitor/c562a599-8526-11eb-a236-12197d98db03/fa8076ca-64e7-4648-95fb-59f8b6b1f6e1?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df

Response headers

Date: Mon, 15 Mar 2021 00:38:34 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZeroPark-Traffic

GET
H/1.1 200
OK Cookie set l.php
lt.theplayadvisor.com/ 1 KB
1001 B 60ms
15ms Document
text/html 91.134.212.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4cb8732e&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=wwwcapitaalone%2Cwwwcapitaalone%2Cwwwcapitaalone.com&d1=DE
Requested by: Host: alfik-fik.com
URL: http://alfik-fik.com/zcredirect?visitid=c562a599-8526-11eb-a236-12197d98db03&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 91.134.212.144 , Spain, ASN16276 (OVH, FR),
Reverse DNS: ip144.ip-91-134-212.eu
Software: nginx /
Resource Hash

Request headers

Host: lt.theplayadvisor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://alfik-fik.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://alfik-fik.com/

Response headers

Server: nginx
Date: Mon, 15 Mar 2021 00:38:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-60350da6ce6ab006de42aa31=604eac8a402a79400e742a56; expires=Thu, 18-Mar-2021 00:38:34 GMT; Max-Age=259200; path=/; domain=lt.theplayadvisor.com; HttpOnly
Content-Encoding: gzip

GET
H2

200

Primary Request / Show response
ekstrapoint.com//
Redirect Chain

https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4c...
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=DE&mid=14&extclid=604eac8a402a79400e742a56&pubid=oscar-foe-n86g28xmz
https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

869 KB
102 KB

1103ms
1038ms

Document
text/html

65.9.96.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Requested by: Host: lt.theplayadvisor.com
URL: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4cb8732e&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=wwwcapitaalone%2Cwwwcapitaalone%2Cwwwcapitaalone.com&d1=DE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: / Express
Resource Hash: 5cfbbd8263037bfdd36b61026a33611ed9b187b22ae5ca9615f9b593a44176d6

Request headers

:method: GET
:authority: ekstrapoint.com
:scheme: https
:path: //?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://lt.theplayadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=oscar-foe-n86g28xmz&b=0&bid=0.003600&pid=zrc562a599852611eba23612197d98db0384b45dbcfbf74623a26053ba116330aa05436020fe4cb8732e&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=wwwcapitaalone%2Cwwwcapitaalone%2Cwwwcapitaalone.com&d1=DE

Response headers

content-type: text/html; charset=utf-8
content-length: 103381
date: Mon, 15 Mar 2021 00:38:35 GMT
x-amzn-requestid: d0aa3c4a-2dfd-4695-963c-893ddb18ffbb
access-control-allow-origin: *
content-encoding: gzip
x-amzn-remapped-connection: close
x-amz-apigw-id: cM_lwHh-joEFt2A=
etag: W/"d9233-7ej+RTOm8fOgAhuQznd46dpxuF4"
x-powered-by: Express
x-amzn-trace-id: Root=1-604eac8b-34df4a54653bd5a711fbeaab;Sampled=0
x-amzn-remapped-date: Mon, 15 Mar 2021 00:38:35 GMT
via: 1.1 110641d379117242a91443ac729d6def.cloudfront.net (CloudFront), 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1 PRG50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-id: MFfJ5919STzmtsfIEJd15EGIUZxHSSn6PzKy72AM4flhs3KBQAejtw==

Redirect headers

date: Mon, 15 Mar 2021 00:38:34 GMT
content-length: 0
location: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

GET
H2 200 lato-v16-latin-regular.woff2
cdn.ekstrapoint.com/fonts/ 23 KB
24 KB 67ms
27ms Font
application/octet-stream 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-regular.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:56:02 GMT
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-request-id: 3PKHXPND37PXAZG6
x-cache: Hit from cloudfront
content-length: 23484
x-amz-id-2: HyGTH4nJImIEGGgIDkPSafilrhvPCNo7MuGJgoU3S6kv33kD698enu0XMGTShHn1R5DrsHa+xqs=
last-modified: Thu, 03 Sep 2020 13:49:00 GMT
server: AmazonS3
etag: "b4d2c4c39853ee244272c04999b230ba"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: 0xsm-5CB9Y-jZ1t4JKuH5PvtbkkZtTVUP4SvoJ0A7--5iYHxuZcraQ==

GET
H2 200 lato-v16-latin-700.woff2
cdn.ekstrapoint.com/fonts/ 22 KB
23 KB 77ms
38ms Font
application/octet-stream 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-700.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:56:23 GMT
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-request-id: 20AD1A6391F9228C
x-cache: Hit from cloudfront
content-length: 22992
x-amz-id-2: w7wxmfBTwlthHBAiSV3uFQk3HB53U1U9Fa+nqgfl8XDAiOosPHoRiHfaa0M7nJQUqZt/ta+stMc=
last-modified: Thu, 03 Sep 2020 13:49:07 GMT
server: AmazonS3
etag: "1efbd38aa76ddae2580fedf378276333"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: ilQxJrUCcc49aMPT1yDhXXJitLEhRGneO3WscBRoiaMuGmjLqjOiiA==

GET
H2 200 lato-v16-latin-italic.woff2
cdn.ekstrapoint.com/fonts/ 24 KB
25 KB 72ms
33ms Font
application/octet-stream 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-italic.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:30:20 GMT
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-request-id: 79BFF8A97F45F55B
x-cache: Hit from cloudfront
content-length: 24440
x-amz-id-2: x43rKunkTfsS5VQjnBnkV2CYwXjMb87E9aQT9zUUqkXtSw4bI5bu/ccHsDCuU6gv+oVHMtBXrnA=
last-modified: Thu, 03 Sep 2020 13:49:03 GMT
server: AmazonS3
etag: "117e995c97eab30fb92843616018d1f1"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: Y2BJcvEMSmWqQdoutJn1XwTBwFcK2HcnTthldvrOVF6ztx_-WaunoQ==

GET
H2 200 lato-v16-latin-900.woff2
cdn.ekstrapoint.com/fonts/ 22 KB
23 KB 86ms
48ms Font
application/octet-stream 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-900.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:32:13 GMT
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-request-id: 9F85846E25B59BBA
x-cache: Hit from cloudfront
content-length: 22572
x-amz-id-2: Bx/gXMrIN5hU9BSXwOL1RRIAV+/UCq5qhN+CKwJivsJWv8U4uAtCQgbn/j4nuSYWog1CUKfta5w=
last-modified: Thu, 03 Sep 2020 13:49:06 GMT
server: AmazonS3
etag: "947e87c53b5765bfc8982613ccd789e9"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: jZ6doNjTiaS9FCJTCfmVVpiWYlUKiRumSxRl55x5tdxP0t1n_64Xzw==

GET
H2 200 styles.58ddc825aa031a817587.css
cdn.ekstrapoint.com/app/ 41 KB
8 KB 67ms
30ms Stylesheet
text/css 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b04e46a651751c457802d459062be6e892dfce90305a4dbf7474e8f2cf7156cf

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:36:10 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: QFCDKP5ZJ0FRJCPC
etag: W/"df019984c2a611c308aa1c9e26a6255a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 0_PWJ1WDUIkRgdCGm5t2Tep63bowleMalBf5EMwUUhy4sf1_SsA1gQ==
x-amz-id-2: adsAMKPqzxwQHxqBN0xn1T9yllAo++Py0NGgKnsaqRu2vQGFFU7Bvn089+b4Ep1/ZDL2ZUc5b28=

GET
H2 200 js
www.googletagmanager.com/gtag/ 0
56 KB 26ms
26ms Other
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-PMLRK38

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57549
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 00:38:35 GMT

GET
H2 200 earth_btn_int.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 4 KB
2 KB 49ms
25ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/earth_btn_int.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df65ff2649149fd789294edac4cdcf77e306a90bb7353439c0363c68bfec659c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:32:13 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 6DF6BD5018B530BE
etag: W/"3e353c1ee5d0ac919f0a6bb85868709c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: peGNWOc1yEXRxtHjI9X45sM5XPeOAEUdBoL81Jm13qiEFrZFoyctKQ==
x-amz-id-2: DCn2U9KVykZvnLyV11xptgYWMFrQ34Z3B/e7+CiB2psNPL5+Eid8CWjdWqtFWzE+ZUftE7JZUtk=

GET
H2 200 flag_usa.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 7 KB
2 KB 24ms
20ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/flag_usa.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c12080dd6c9bd2bca9f01d694df5e45973e77859c61c3bd59ca81a257db678bb

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:05:09 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: C12334121E6A884F
etag: W/"7f69e38321471fd24f51fe8a58347f1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: _JcI0_e40h8rqIpaf_9ou5n4lo1nbzxIdSIOtIEIzZb_Kqe4sgKNWQ==
x-amz-id-2: TI7UKc/Ej8WmdKYE1bem95jwpCl32tNRdx7miYIChBOkiUeM9En66umH5qpqvHEg2hn0DqKdVWk=

GET
H2 200 denmark.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 34ms
31ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/denmark.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe5f0c4c9bf2d207ca70042810fb84710ff279f08a6fc72a31b2992d8cb56362

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:00:50 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: EFE58BB5D4548EDF
etag: W/"be60e04c3690a1add6daf24cf29db4c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: q_mhhyWa4z1UqLWMG5sQbnKyKjvU2kTc3YrjfgBS-18vnaEM3wtLkA==
x-amz-id-2: 4bwmxg6sXLm8TLVWEHKcOFXAcg/FQji4R0406h004zwNFDc6FxME3kgQ1rDDNKX1HC4A9bLnvVY=

GET
H2 200 german.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 944 B
1 KB 32ms
28ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/german.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986552903856b995425777caa1ce31fdb11fb3f6a28027e79013abb5173500a5

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:32:20 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 47BFEEAEEEA6D9FE
etag: "5c9661f66b30896a0667a78ea18f2847"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 944
x-amz-id-2: 7BRJS6sErSk8BVolHqc9LP6KNHXZQm3INneYsG7pWFRRFoivmDPTCPYbBzxEE5MgNsBk1OVaMic=
x-amz-cf-id: Xxp79B5LsYiKiACR8Sj8vO5eXq56BRQlv6kB9FGSJBMyI4dct2kAFw==

GET
H2 200 norway.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 24ms
20ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/norway.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5bb30e2b983d5c294b17417b62ccdbd525106b90df5a7e633e91bc4e80a909d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 01:39:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 07AB199057ED51B5
etag: W/"ed7007a8bcaebe0ad93e2a01bdd06b34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: x42_A8HrWOdSViAZvNUsdxDOuU5QbLWQs5GcYU2FMS7QtdER6O-LcA==
x-amz-id-2: WZz6eQ89o3xNqity/XaziT+cmgpLf2PX+k04Z78cj0NkNG2M97pxBkCTriLPZhP388YElyeNyS0=

GET
H2 200 finland.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 26ms
23ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/finland.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ab34dae9b08035f9efcecde836424cd641238a3478dc29bd137428175555bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:49:22 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: S3FHRR0183QN2P1E
etag: W/"cd86ae8f1d5814a032f33898f624d56e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: b1MgYkjDe2_mFs4goxwdNJ7EUwPlw_u_Xp7G_sGMQ4TGkP_ygNTSuA==
x-amz-id-2: uUTPbMN6hTRZy8cE5wKv3/lvMNBrH5yZRrH199ViQCQ5hQ1GeUBxdP2enbY9VJmL/WVAVStl+30=

GET
H2 200 sweden.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 31ms
27ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/sweden.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4eebbb2512c8214176b060899d400d653dee8ed7e18d32de127786f686dc4f

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:32:20 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 03D2F410B1E71837
etag: W/"0e68a7c8709c45ee2cb0e430887e569a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: AYD8dx7O6CUPawvDXEW1Br7la1AOONc2Pb4CTH8yKpVYCKCX5mhaEw==
x-amz-id-2: tCrW9w+CBYl5CP7rRZjjg2j0/efks6heJSARRoCYR3rLpOrh8hYtECnzKkdUz2kBBtGfP6SBN1o=

GET
H2 200 New-Hero-Image-logo_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611672002/prod/HERO/ 842 B
993 B 26ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611672002/prod/HERO/New-Hero-Image-logo_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

dfee1c29a16bcfa949dc09c64910ce2a6b1fe7d447e35a22229cc37ceaece433

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 12:44:32 GMT
server: Cloudinary
etag: "691bfb50f36602acb6f1ebcc1385d66b"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 842
x-request-id: 90df1265e0b1553a75c281af2607a103

GET
H2 200 EP-Header-Slot_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611746951/prod/HERO_MAIN/ 5 KB
5 KB 23ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611746951/prod/HERO_MAIN/EP-Header-Slot_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a78bb5217b9830c0798bf9a3f076a4cd4b6a920fa51d151e2ddf51fbfc41d49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 12:44:32 GMT
server: Cloudinary
etag: "6bfc0bfe7bdf4d0ed4b89e747026d313"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 5402

GET
H2 200 photo.jpg
lh3.googleusercontent.com/-LiOy9lyKi0c/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuck92unw4ZPY1wZ8yuyMZKgDZOm4Jg/s96-c/ 1 KB
2 KB 177ms
174ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-LiOy9lyKi0c/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuck92unw4ZPY1wZ8yuyMZKgDZOm4Jg/s96-c/photo.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce2bf0fa3e4ad5f1e72ddde6ec9fbf2eddcf3d8908bc1ffa429fc94632653556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1386
x-xss-protection: 0
expires: Tue, 16 Mar 2021 00:38:35 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360715&hash=AeRzGzboQh95FkmgP_w

7 KB
7 KB

30ms
29ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360715&hash=AeRzGzboQh95FkmgP_w
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1722104496
date: Mon, 15 Mar 2021 00:38:35 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 29 Jul 2019 20:58:48 GMT
x-needle-checksum: 3948537420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 1038
content-length: 6738

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003448430
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: nnUU0+KlNRgbVE1lDcQYRgWnLDENsueqGzG9j+Dsx1JhZcYZHm1E8mLBBqMLklpslweSm1NRbJ381CAY9/CchA==
x-fb-trace-id: G0EyQxVN+CG
date: Mon, 15 Mar 2021 00:38:35 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360715&hash=AeRzGzboQh95FkmgP_w
x-fb-request-id: AdjuLSMqsFemt-wo29M6ot3
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Winners_EPshop.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2019/02/09184728/ 3 KB
3 KB 23ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2019/02/09184728/Winners_EPshop.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ed872e9933093b3779565e20ea4099bcc2af34668b68e99605a1733919492f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "d0466775a0b3965cd4c01e360de36192"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 3509

GET
H2 200 luckythrills-bonus-card.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/10112339/ 4 KB
4 KB 22ms
6ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/10112339/luckythrills-bonus-card.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ab5898c442e5e66d60cb1bc2cf151cc182c49efa174cee860023c568de241668

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "c37d916ef7e65d0874dafd58587d12e2"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 3605

GET
H2 200 Jackie_EPshop.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2018/11/15121927/ 379 B
475 B 22ms
7ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2018/11/15121927/Jackie_EPshop.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

643e3de2904f810ec8ab495596aca42e0d72ccceb1e0b2f95b96bde6f83ab8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "22b451b0430d0f5a921d1872efe7a8f9"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 379

GET
H2 200 Unikrn-s.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/23174741/ 1 KB
1 KB 22ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/23174741/Unikrn-s.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f977fdeec4040238d754b9bc7e1f39ec9b02f7beb56d4b1e2594c165b2a84614

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "b76d7d4f82bf866ad97a2928534e8609"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-15T00:38:35.809Z;desc=hit,rtt;dur=4
accept-ranges: bytes
timing-allow-origin: *
content-length: 1309

GET
H2 200 Winners_EPshop.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2019/02/25171941/ 340 B
457 B 10ms
6ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2019/02/25171941/Winners_EPshop.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

693918d4f9f30483456c0b202582237307b44959680b8df23da65e423b9b511f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "96c98686b9b2841433619e3b0fdb9eff"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.822Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 340

GET
H2 200 HTB1ncy0pqmWBuNjy1Xaq6xCbXXax-e1600066297730.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/04/22110041/ 327 B
391 B 11ms
7ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/04/22110041/HTB1ncy0pqmWBuNjy1Xaq6xCbXXax-e1600066297730.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9174ba77e75471a95b8b87626296fb6bdf8fcef578d50741ca935af31cc29336

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "0942145ac319c4cf12a1c5554e1868fe"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 327

GET
H2 200 Hf1abdfe69fa54db28ba44f79b81abb5c7.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05153202/ 415 B
511 B 13ms
10ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05153202/Hf1abdfe69fa54db28ba44f79b81abb5c7.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

240be83e2b11f478bc45a5bd92c15e770366a1c64bd403eb9e73932a129eee6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "571a7cb7460417ca4338734cfceed098"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 415

GET
H2 200 H71dbd4b5716d4ee8820c2971450404645.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05155205/ 401 B
518 B 10ms
7ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05155205/H71dbd4b5716d4ee8820c2971450404645.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44263ae63122b11cd77124d313d9828042321b3e2c5512b776710e2d21af5698

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "7464b4b961536a0f3a6fac3ce70a27f6"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 401

GET
H2 200 Ekstrapoint-logo-social-proof-testimonials.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 966 B
1 KB 12ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Ekstrapoint-logo-social-proof-testimonials.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6b7a66f47a339e18e3c9d1a38055124f26fca5ea383a8df0269cec3ae388574d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "6a4730cc3e4909cde1fd7238c49f37cf"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 966

GET
H2 200 Be-gamble-aware-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 332 B
420 B 12ms
9ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Be-gamble-aware-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3243e28e652cd2b0a27f2ecd788cf42f42b0cc9996888ad5e688bb4ccf1c82a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:17:59 GMT
server: Cloudinary
etag: "b69d379d5ff8ace201fdb65b752b6c91"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 332

GET
H2 200 MGA-Malta-Gaming-Authority-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 561 B
625 B 13ms
9ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/MGA-Malta-Gaming-Authority-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

71846519346eccc4fcee1dbcde6d9b481d432b16e4f9d681f8a89c4db27b6aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:00 GMT
server: Cloudinary
etag: "c2199d916edca14b3e93ec69cfd71386"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 561

GET
H2 200 18-plus-gambling-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 11ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/18-plus-gambling-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6bb3c199077848ea3a889081495cb6e0ffe54aa0d73600112fe62ced64136034

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:00 GMT
server: Cloudinary
etag: "fbddde91c52d12e519bf8fba6d885062"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 2345

GET
H2 200 GPWA.gif
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 11ms
8ms Image
image/gif 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/GPWA.gif

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a21a79c6e85a254c1e573e9d3d1ab57990e8382d8cea1a81868eeda265c45bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:01 GMT
server: Cloudinary
etag: "9bf6922d7a5fc639055a96f86f645249"
strict-transport-security: max-age=604800
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1766

GET
H2 200 EGR-nordics-virtual-awards-2021-shortlisted.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1614262996/prod/BANNER/ 3 KB
3 KB 12ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1614262996/prod/BANNER/EGR-nordics-virtual-awards-2021-shortlisted.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

89ce694adf9dcc7909c3880648e4f2794dce56ad2a307ea942f6b8b7d721668b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 14:24:01 GMT
server: Cloudinary
etag: "063978f92e6a5224e3e216f7ff156974"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:35.823Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 2672

GET
H2 200 runtime-es2015.e218aa2bf6347f7d15a2.js Show response
cdn.ekstrapoint.com/app/ 2 KB
2 KB 54ms
39ms Script
application/javascript 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/runtime-es2015.e218aa2bf6347f7d15a2.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a69aa02a10b30878fba9a0c15b10c6b82fcabf5c99f7036e81e59c50bdac814

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:36:10 GMT
content-encoding: gzip
x-amz-request-id: E357AA864C30C9B6
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: fwKIxj5DK5lwh8TWjFjkaDuPtD9NXRKxyT02fdoeza8+9yg2SjmvlxIkpN0cUslwDK1mymLNJkI=
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
etag: W/"7239e0a46f13b17a67d8b70b13bddc15"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: IhUnEqzrL_IfsCZ6qurMoVNjgbqCHyveDltBgiLj9NWtuiB73P6z1A==

GET
H2 200 polyfills-es2015.3bdb7cad8cfe7f02e116.js Show response
cdn.ekstrapoint.com/app/ 37 KB
13 KB 52ms
37ms Script
application/javascript 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f900fe94333f6fd6bbc8c888d245baf461d274b39082c57f93efae48b3e40576

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 01:34:00 GMT
content-encoding: gzip
x-amz-request-id: C3324E554519AE86
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: mVCMMqBpN+2fTv1WXdgGbmEa6uqnONNsGw9dLEqHGeGv7oK0p7p/ob6DwGHfE+Eg65Xa9SjaCWQ=
last-modified: Wed, 24 Feb 2021 12:42:51 GMT
server: AmazonS3
etag: W/"83827d2bc1ff77c2c88f207de5ba5483"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: nc83slUd2p6vPTVJpTMV6gFXiVnNdpD5PW1M3nrMiltjBqVayc9_fw==

GET
H2 200 main-es2015.15d543be45ef62097a32.js Show response
cdn.ekstrapoint.com/app/ 2 MB
358 KB 61ms
45ms Script
application/javascript 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23f48f55c6d5d14f32c9e0eb180550916664087593e5f7eb05c4aa7f64d3c177

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 14:41:15 GMT
content-encoding: gzip
x-amz-request-id: 7602AAB799C239B7
via: 1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: qWMVLAoqZo4jsrNyptpM6DegKngS5p2XhzJ845+qv6l/8U04PlL59ubq20fCQ0t5lJgyBEX0DMg=
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
etag: W/"dd8a2f98161c51a471d42d636ac50276"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: AOXPt0Rv8tkI94rG_stNQrI0ZrMn8I9izdER9nsbwj9Me3InabvVIQ==

GET
H2 200 ep-coin.png
cdn.ekstrapoint.net/app/assets/images/ 1 KB
2 KB 92ms
43ms Image
image/png 13.32.168.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.net/app/assets/images/ep-coin.png
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.168.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-168-116.lhr62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73b6cac3c7553587f0982738d9717171b3cb2d4764f61c609b083fd29a85d844

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:28:08 GMT
via: 1.1 1b8fbe8b282c39df77f9bf1f187cc284.cloudfront.net (CloudFront)
last-modified: Fri, 05 Mar 2021 14:48:06 GMT
server: AmazonS3
x-amz-request-id: EPEVEKAM7QFX4R2M
etag: "e62faec0aefde8cd32b4461317bbca87"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: LHR62-C5
accept-ranges: bytes
content-length: 1245
x-amz-id-2: dS38ZJg3hY1tNrtCZvBoCt5eEvfkSgdUWnu5DH/hB/wqkBid40UJ68axNcakQfsHcD24yzq1mUY=
x-amz-cf-id: j83y-pZ-7EIKixKid9VUy4eUWIsQa7_c23GhC1B45d_qES41Cw9Iew==

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
48 KB 42ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Requested by

Host: btpnav.com
URL: http://btpnav.com/click?data=SHhlVi1HQlI4WkYzbGRpQm5PWDUwcWpMZ3Btd00yR1c1Qk9NMVB5SnBVdWVwb29udUxsbkNGRi16NDBtZkJCQ2F2MklETG5uSmNiNEtISXdnTS1KN0RsUTNrcGczR0tTanpuQnljRngzQ2FnbmlxWmNOaDVfS2NxSGUxZDZwdF8ySUJDQWJTTTBucGVyNnFKblMwQ2hfN2hJaTItdmhqOWZWLWMxaHQ1a2I4MQ2&id=44e61955-700f-4cd9-b3b8-459688c0860f

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

67518aafc445adfc06f94def61aab57191f246eb45fe74b3d3c0e699f8796250

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48718
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Mar 2021 00:38:36 GMT

GET
H2 200 leaderboard Show response
ekstrapoint.com/api/v2/ 62 KB
7 KB 849ms
848ms XHR
application/json 65.9.96.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekstrapoint.com/api/v2/leaderboard?limit=8&references=en_fruity_SM_weekly,en_juicy-jackpot_SM_weekly,en_trillionaire_SM_weekly,en_slot-mountain_SM_weekly,en_pirates_SM_weekly,en_monsters_SM_daily,en_sin-city-2_SM_weekly
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 96a3d1b1a5905f5ba5a0671e234e4e8f70be50e2fb1610848a0357604ca03daf

Request headers

Accept: application/json, text/plain, */*
Referer: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-forwarded-url: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: gzip
x-amz-cf-pop: PRG50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 1209600
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url,eposucar
x-amz-cf-id: KnK6EQnpzZIoKGduT3M8xRs1D6FIPU9DfIELpHJqf9K8VxgKjlMtNQ==
via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360716&hash=AeQ70E3LKMf-va_qw-M

7 KB
7 KB

40ms
40ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360716&hash=AeQ70E3LKMf-va_qw-M
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1722104496
date: Mon, 15 Mar 2021 00:38:36 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 29 Jul 2019 20:58:48 GMT
x-needle-checksum: 3948537420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 1038
content-length: 6738

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003448392
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: u0wr2hMIiq7mxmkpU4SK9sy10U8fMry8h3h4i5n7KOyeHwLzBsm3kyAZHuE8L1n4wpxrFxGX9etVYqvrfWdDjQ==
x-fb-trace-id: EW1Df6oY3PD
date: Mon, 15 Mar 2021 00:38:36 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618360716&hash=AeQ70E3LKMf-va_qw-M
x-fb-request-id: AllAyyDqLmtQa1CFRo7ZLlR
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-12k7QkkFzsK3CVPQX98RaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-12k7QkkFzsK3CVPQX98RaA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Mon, 15 Mar 2021 00:38:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25b65902e5a14bdd7c6c1fec894ad2d48deb4373a1555904bf1af53911803150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-md5: bcu8JluakU1VGg8Ord2HZw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1783
x-fb-rlafr: 0
x-fb-debug: ZMVXzD0wV15yHNYTvFj5gjT5JgTZai1SXxCyI7n6B9vrHRP6COiQEwKKfByhz6sL/cWfQxexuRCo0q71ytauYA==
x-fb-trip-id: 917726464
x-fb-content-md5: 63dcd0dc3404571e062295b2e4d45455
x-frame-options: DENY
etag: "b86fb1862906d211a3f0b553b7012e2f"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 Mar 2021 00:43:50 GMT

GET
H2 200 6-es2015.87ee9873b8c8a172c845.js Show response
cdn.ekstrapoint.com/app/ 35 KB
6 KB 22ms
22ms Script
application/javascript 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/6-es2015.87ee9873b8c8a172c845.js
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/runtime-es2015.e218aa2bf6347f7d15a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d9349412ecbf65d2f9eabab0681c78478f523c2a53304d7bba80dcce50dc211

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:20:39 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9S4X9GFW0Y0QCQDW
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: IxuaZgPQbAULkXxFsIEgbPIdCYApw+i+QZksujzPaERzjZBDjzhpCL4DPrzCFkOJe7/S8Xf3fOM=
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
etag: W/"f4a683eb62ad9eae97d96db3fc14e41d"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: RZPR_wzU1sidMjWLFUhzoydRIOF6jH13G-FQW417VVQdwUKRqWzqnw==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 ep-coin-yellow-black.8c0d368c3046ca28e98e.svg
cdn.ekstrapoint.com/app/ 834 B
1 KB 24ms
23ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/ep-coin-yellow-black.8c0d368c3046ca28e98e.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69115920f993c637eb5fbefea1c282f586e9aaf6031d8c0f75a2721683773d06

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:22:47 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
x-amz-request-id: DE30B2EEB86FE400
etag: "8c0d368c3046ca28e98e8940e330bdf2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 834
x-amz-id-2: lfBFfcnpZBEm6nAU8B/Jf4HPTy80skvZKci9VrQnF7SSU2oDB+OpMMg3PeS3PIVPrTJlm5V2X38=
x-amz-cf-id: cAvk6w2Xk2e4jAaPZjlxg76zRXSj0mX99NMn8oq9NGWzp28C72B4-A==

GET
H2 200 signup_top-banner.png
cdn.ekstrapoint.com/app/assets/ 19 KB
20 KB 28ms
28ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/signup_top-banner.png
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1db13da87f8ca70aec2cff9a4da2de38a7945d1b0961628cd301a2331136ff30

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:12:38 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: AE09BM24JYF29M71
etag: "644ebd4a27a788a3df82cb57870532b2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 19528
x-amz-id-2: +j5dL8SZUv/ndZs3cYD6x8mGTcC0OFOku7nYjVR6rc/wGCX9ullqDI9Sl4boCq/Krsfh2yVrMlY=
x-amz-cf-id: CewAqiFvuKFnk3AF312nlQEECIj2qWQwgdOEYIC3Ac1EV7XrCmk6Sw==

GET
H2 200 EP-Header-Slot_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,h_500,q_auto/v1611746951/prod/HERO_MAIN/ 52 KB
53 KB 7ms
6ms Image
image/webp 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,h_500,q_auto/v1611746951/prod/HERO_MAIN/EP-Header-Slot_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b8bf8cf6aad10dbb83c0b38f7dc9bb3192db6d42b1ff9dcd90e54b2d5070d370

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="EP-Header-Slot_cloudinary.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.202Z;desc=hit,rtt;dur=5
vary: Save-Data
content-length: 53640
last-modified: Wed, 27 Jan 2021 11:29:18 GMT
server: Cloudinary
etag: "a8d05e8e5d9b8ce64c019b5d6e05a504"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 New-Hero-Image-logo_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,q_auto,w_1320/v1611672002/prod/HERO/ 5 KB
5 KB 10ms
9ms Image
image/webp 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,q_auto,w_1320/v1611672002/prod/HERO/New-Hero-Image-logo_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6b6036436f13f9f4e95a736abb562c8dad23cb3198af0c6aded51abd91f3029c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="New-Hero-Image-logo_cloudinary.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.203Z;desc=hit,rtt;dur=5
vary: Save-Data
content-length: 4664
last-modified: Tue, 26 Jan 2021 14:40:07 GMT
server: Cloudinary
etag: "76c544be95a0db7efdd35dedce65b86f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 avatar--white.svg
cdn.ekstrapoint.com/app/assets/icons/ 21 KB
15 KB 21ms
21ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/avatar--white.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a24d68ae9a623f0c54cec8a758c12e4c708845d7a30e7c7ac6df33accc0b509a

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:31:44 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: NPXN4F1EYFE8K220
etag: W/"b63d69dd3b45728a4ffd887c9a411d8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: BgQ3NJnwhdpnmXKxNlwWmtFhYKHAX3KI9MNZptIWFERqqw6X7C4EmQ==
x-amz-id-2: C2kDlEQmSmTtwCol/ZwB+f+HZUUot4+NzGswHbI9vuGBB6ALrGD37kVMJuQEt061g2qsQfZ7CFA=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1885192267004003520858103d02eb6f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42e192af69d4a435ef8a2ecef3237a9cc84d94fa31181d2afe0c2ff5eb933ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: DRDsN1/Mv9Veu0TEO2ilFg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60548
x-fb-rlafr: 0
x-fb-debug: yAawK7uCiCblGTyzUjrI598s3iwMzczc0t85BmnDNPE7rnQm2N8D9ykVHTdDBV59DN/1iaPaHPIdefZ//bmU9A==
x-fb-trip-id: 917726464
x-fb-content-md5: 3851479001437da2c49116bdc872f053
x-frame-options: DENY
date: Mon, 15 Mar 2021 00:38:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e78ac978aed3734c441c7d88c562b14c"
timing-allow-origin: *
expires: Mon, 14 Mar 2022 22:52:22 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 103 KB
34 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 04:40:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 590290
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34839
x-xss-protection: 0
expires: Tue, 08 Mar 2022 04:40:26 GMT

GET
H2 200 94m358m7.js Show response
l.getsitecontrol.com/ 504 B
1 KB 86ms
23ms Script
text/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/94m358m7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: 544d87f178536371f5053ac2f88dbb57296eca73a2bc6a06920a7571e3a3eecf

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: br
cdn-edgestorageid: 723, 718, 718
x-amz-request-id: 1W6W0G3T2HAVEPER
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-03 14:03:52
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 6H2UXTXfojB4gjOpqX0yQ1vzw2nxp5eI79tZojNb3fyWbODAqrSaq74nHPWDQ3B85v91PpluPeI=
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 10:22:41 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: 6df8421dfcd28371b0f2d8b96a535538
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 26ms
11ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 681
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6301ae0cab864ea3-FRA
cf-request-id: 08d4eb1be800004ea3e1a25000000001
expires: Thu, 18 Mar 2021 00:38:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: Y1p+c4P2aPXn/F6jyOL4reVWGG0+Bi15ygnlOoLLFJmpTooXlm697+ucAGq2djXb4uNhKg//0BsF3elrHiRlxw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 15 Mar 2021 00:38:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 44 KB
14 KB 403ms
197ms Script
application/javascript 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

01f35ecfed1871c910bed05c644d93d9fc45854ca36e7988d3324db7300ea4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
served-by: 4082
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4211
date: Sun, 14 Mar 2021 23:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 15 Mar 2021 01:28:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1805945856125033&ev=fb_page_view&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615768716276&sw=1600&sh=1200&at=

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 15 Mar 2021 00:38:36 GMT

GET
H2 200 918228268916911 Show response
connect.facebook.net/signals/config/ 240 KB
70 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/918228268916911?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbc21b81561a7b82642b6b1a4894de23b6855551fe13c21ba5d28f8dcd18bb95

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: fAhr0bp+ZHQDyIsSqzuZMLkHPNnniSY+mOQH1CGDZOk4CdsUe+bjcYxPRHoztk3dQreGy54IlI7+t9sTLpVcxQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Mar 2021 00:38:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
65 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=540584324&t=pageview&_s=1&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&dr=https%3A%2F%2Flt.theplayadvisor.com%2F&dp=%2F%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&ul=en-us&de=UTF-8&dt=Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=978328508&gjid=817596757&cid=777917197.1615768716&tid=UA-120989112-2&_gid=1280467859.1615768716&_r=1&gtm=2wg330W2W7HTS&cd2=0&z=1553264683

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ekstrapoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame C82D 513 B
841 B 92ms
71ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

178e117ef8ba0658ce40ee0435f56fe004b007f1deb4a75440a516456c54f157

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QDo08YvJ7xr05ufdk6fn9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ekstrapoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=SwXDciC8LcHPRqNwqQ7otguIWEEnNJQSgwqyqK_iztHwmU2CVY-oZZMsjOjChNUH4PkQkUQjsyF3ApHA5TEGpl8FLgpvZ9Mi5TKdMoXwSiOuZkr17Au7D4SRrz0zo-7C5VWrh-UscEIhpdJ-0BgpvM5VSjvAoAHit_3koqbHTUE
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ekstrapoint.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 15 Mar 2021 00:38:36 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-QDo08YvJ7xr05ufdk6fn9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-120989112-2&cid=777917197.1615768716&jid=978328508&gjid=817596757&_gid=1280467859.1615768716&_u=YEBAAEAAAAAAAC~&z=922716536

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Mar 2021 00:38:36 GMT
content-type: text/plain
access-control-allow-origin: https://ekstrapoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120989112-2&cid=777917197.1615768716&jid=978328508&_u=YEBAAEAAAAAAAC~&z=158300702

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120989112-2&cid=777917197.1615768716&jid=978328508&_u=YEBAAEAAAAAAAC~&z=158300702

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 94m358m7.json Show response
l.getsitecontrol.com/ 235 KB
9 KB 245ms
197ms XHR
application/json 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/94m358m7.json
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: d61eea2bd44d66606af081dfd3b6b5a2ec7d8a2feefdefa22588c5b15ec66ec6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: br
cdn-edgestorageid: 632, 617
x-amz-request-id: 328AE79123AC50F1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-02-22 11:24:48
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: RCYz9h4+bKjlErOvZvIVtmnpVzV93tWrch/TSUMJ8X7J5w5LXzK6C9sazTVYVb0yh50FkDHOm7Q=
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 10:22:41 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: 46d749b0fa952264585dc2805faa2460
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=918228268916911&ev=PageView&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615768716373&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615768716372.1398535636&it=1615768716284&coo=false&rqm=GET

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 15 Mar 2021 00:38:36 GMT

GET
H2 200 4071097310-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame C82D 112 KB
38 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 20:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 01:25:42 GMT
server: sffe
age: 534048
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39191
x-xss-protection: 0
expires: Tue, 08 Mar 2022 20:17:48 GMT

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame C82D 14 B
330 B 69ms
54ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fekstrapoint.com&client_id=87028484655-eo8c0tb0uoo98tnsea24cn3aa5lmivg8.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 15 Mar 2021 01:38:36 GMT

GET
H2 200 runtime.d93f1c9.js Show response
s2.getsitecontrol.com/widgets/es6/ 160 KB
51 KB 41ms
28ms Script
text/javascript 185.59.220.194
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d93f1c9.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/94m358m7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-194.datapacket.com
Software: BunnyCDN-DE1-713 /
Resource Hash: f1d2be5463322a0c3e57edc11de621e9d8c5a5b2ac52a5aad6170d6494f4d7c9

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-encoding: br
cdn-edgestorageid: 601
x-amz-request-id: 6E27D1338A5737D9
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-02-04 12:18:34
cdn-pullzone: 83560
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: gQLuPE9o1+WlYE3TLVoJFAA08Q8K3n6OqabJE+bAcrJfWc1S+AgaPgikNdRplDhj8TUS2L+7YFQ=
access-control-allow-origin: *
last-modified: Thu, 04 Feb 2021 11:12:09 GMT
server: BunnyCDN-DE1-713
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=22809600
cdn-requestid: 51b77ea01156c87aca6029c369ea2e2c
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 events Show response
dash.getsitecontrol.com/api/v1/ 535 B
783 B 309ms
104ms Fetch
text/plain 54.92.176.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.getsitecontrol.com/api/v1/events?sid=4d4b7877-e22e-4b5f-b106-0b3c566468f1
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.176.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-176-252.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: dbb97faf0bb1704716aebd2695f5941b7fd68a422c920f88fa291a4deb1e8f13

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 535

GET
H2 200 / Show response
wchat.freshchat.com/widget/ Frame 3971 5 KB
2 KB 102ms
102ms Document
text/html 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

145a7504826d9c288942da8f19cea483d440cd1c92ead7c1f77d6d88998fe2cf

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block 1

Request headers

:method: GET
:authority: wchat.freshchat.com
:scheme: https
:path: /widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ekstrapoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ekstrapoint.com/

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
content-type: text/html
server: nginx
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection: 1; mode=block 1
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 5612
x-server: 5612
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip

GET
H2 200 widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 103ms
102ms Stylesheet
text/css 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1615768716683

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

68de86e9cd4e23918bc0b670265741e54b1c4b969b3cfbd37ceca62dc0ef1fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
served-by: 4894
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 4894
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Tue, 15 Mar 2022 00:38:36 GMT

GET
H2 200 vendor-cb48eae2d25974cb9e453b74e43d0225.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 3971 5 KB
2 KB 91ms
28ms Stylesheet
text/css 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-cb48eae2d25974cb9e453b74e43d0225.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Mar 2021 00:37:17 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:51 GMT
server: AmazonS3
age: 312
etag: W/"cb48eae2d25974cb9e453b74e43d0225"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ze2C11dvp9HVY57odRlhBoWIaDmYZqvd7bDjN8VfneSA0RhaJPByHw==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 fc_web_widget-92421146592626d588a0e09124c320dc.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 3971 207 KB
26 KB 91ms
28ms Stylesheet
text/css 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d82e8ad03c958be0e840283b314fbd372ab169febe830a83074a6efde03f5916

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Mar 2021 00:34:49 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:46 GMT
server: AmazonS3
age: 416
etag: W/"92421146592626d588a0e09124c320dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: ULpuVuyYjLHhY-rd8vfn2sngMCVG51zUzHJFtXI0AbmwafMgoowM4g==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 vendor-fa663bf6ab59c356d5e98aabbea77fbd.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 3971 1 MB
380 KB 91ms
28ms Script
text/javascript 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 85186583038d99e2e0aa74878062da51b070299b1aa2a08238ae8e600c127e14

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Mar 2021 00:36:22 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:51 GMT
server: AmazonS3
age: 158
etag: W/"fa663bf6ab59c356d5e98aabbea77fbd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: IwB3R-9vO3s-t_y4GsK2I6CYYciYfPP1b-fC10jucdKU7mkiSNYjmA==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 fc_web_widget-aa45a75718774d454341f95dc8c642e5.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 3971 1 MB
198 KB 96ms
33ms Script
text/javascript 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-aa45a75718774d454341f95dc8c642e5.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bb3d6ffc6c6de20bb88b2d0d6908b1d6417f3163d95f8a96a2c753f773d5695

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 15 Mar 2021 00:37:52 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 10:18:45 GMT
server: AmazonS3
age: 89
etag: W/"5a08a7d40c3431bd63fcf8e9253bf1e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: 3ajxyNh2jdjUk_EL9jnpgoWJRp63oW81wIHiUz4cmPMITCoBEMBFDw==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=918228268916911&ev=Microdata&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615768716877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint%22%2C%22meta%3Adescription%22%3A%22Play%20free%20casino%20games%20online%20on%20EkstraPoint.%20Get%20free%20spins%20and%20win%20competitions%20to%20get%20real%20prizes%20and%20casino%20bonuses.%20No%20deposit%20needed%20to%20win%20real%20money.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fekstrapoint.com%2F%22%2C%22name%22%3A%22Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint%22%2C%22description%22%3A%22Play%20free%20casino%20games%20online%20on%20EkstraPoint.%20Get%20free%20spins%20and%20win%20competitions%20to%20get%20real%20prizes%20and%20casino%20bonuses.%20No%20deposit%20needed%20to%20win%20real%20money.%22%2C%22inLanguage%22%3A%7B%22%40type%22%3A%22Language%22%2C%22name%22%3A%22English%22%2C%22alternateName%22%3A%22en%22%7D%2C%22primaryImageOfPage%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22url%3A%20114%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615768716372.1398535636&it=1615768716284&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 15 Mar 2021 00:38:36 GMT

GET
H2 200 competition-monsters.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 5 KB
5 KB 9ms
6ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-monsters.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0d9dc12607ecb4f0f7d251415d2aded00faf432b1c676aa63bf2767324334022

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "3a0cb87bce5334e4c2ff889f7f2a0977"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.997Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5034

GET
H2 200 competition-monsters-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 10ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-monsters-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7da52074b04629b92cdcefae01ad4ca52646caa829aa5e9bc2d7377d89e85264

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "ad761ae1c89779969c97aefc9652a2b4"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1631

GET
H2 200 slot-mountain-competition-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 6 KB
6 KB 9ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0c62c6951a4240f3772f2ce6df7b43b588d7aae72bef2f3ca57576c3bdc0b203

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "8018a820ba206af11c47d5e57b4903f7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5821

GET
H2 200 competition-slot-mountain-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 12ms
9ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-slot-mountain-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fb0461bcda1a76644dafbdcd95b9df0f1cb210fd6aa865ae0ddcfe270e2eabbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "2e57068007809290be93ce2a158b40b7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1380

GET
H2 200 competition-classical-fruits.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 11ms
9ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-classical-fruits.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2f0a9e652dc3df98b72a88e1ab87521142b7d08d87fc104d16d903ac0899fc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:51 GMT
server: Cloudinary
etag: "f888b79320041af1822b7cb0ff2a530b"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 3925

GET
H2 200 competition-classical-fruits-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 11ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-classical-fruits-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b1c2038fb05386815a7dc6a6a989ef603a45f669baf0450e9e78b9c62f8bde0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "ea46eff30b0774f642cf13c337e384da"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1814

GET
H2 200 competition-pirates-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 6 KB
6 KB 10ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-pirates-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1821a3825d0ed02c11a94ae06c5bde3b996cfc9e7e6aab4c461f3ff32cccc10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "2813910cd895b37004760d1e2f26ae78"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5774

GET
H2 200 pirates-background-new.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 309 B
396 B 9ms
7ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/pirates-background-new.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d1bf819527278a19fd3622dddbc0416e5be1fbd9a6101f180ae4aa7fdf0ad8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "0cf3a87cf742a3b78445b0c1136641f0"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 309

GET
H2 200 competition-trilliionaire-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 9ms
7ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-trilliionaire-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3cbc02656511523cc34e07588e646109596fd8d9eeb9f8ce453039a575d96da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "4cf314003466c902b4a5ca34a3fc57de"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4110

GET
H2 200 competition-trilliionaire-background.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 299 B
363 B 13ms
12ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-trilliionaire-background.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fd0a9070b5149900f37b9af2da99d6f7d7f8f34531be875b1a0892e445b241e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "2a35a52b0d80b1cffc389bf30e73c6d0"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 299

GET
H2 200 Sin-City-2-slot-game-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 14ms
12ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5072078837f02a35ace2a7e183f4cbaf04b876e345f3b32302e5ea1759e04274

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "c9273e910efe469bdd9902a1017ab19a"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1341

GET
H2 200 Sin-City-2-slot-game-background.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 311 B
385 B 11ms
10ms Image
image/jpeg 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

40a0aae3b73d9c39c79c9512852ff0a2d241b0010450658d71ade37447a33ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "10d915ea3d350fec4fba8bb2185dd758"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 311

GET
H2 200 competition-juicy-jackpot-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 9ms
8ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37caf5b1044303c723e59ed43ce421c011b6590f7aec57b26d91878e742e7d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "9379a85b1ef0e7098297bd172d0b0fdd"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4361
x-request-id: f2c77dfbadad30e23f62360fdda48dc6

GET
H2 200 competition-juicy-jackpot-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 12ms
11ms Image
image/png 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

97f1e3085b0458898a9eaae364b01045424e418e7c002e521032abb710c5a8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "ce7f2a64580f5e034b0f610f3a2529f0"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T00:38:36.998Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1164

GET
H2 200 ep-coin.svg
cdn.ekstrapoint.com/app/assets/icons/ 2 KB
1 KB 21ms
20ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/ep-coin.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbea91d7b8ad45465449c722d68fb90623680c7e7bdfd5ee3f0cafba512fb75d

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 01:53:55 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: BC2F33440CD458BB
etag: W/"ec97cf81fc9967a4f2a0ff7272ff91b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: nH74GjR7rZ78uPjglLpq0IAsDy6pdow_UrdSdtUwRr67INrusYXbQA==
x-amz-id-2: 3ureUMrGIIQZtqFaF46Sk6qWUIJeUmqyxoX7IFQEjYtNZvs0kQl48Gdh4oNSNZZIM8P6AbtEQ3k=

GET
H2 200 chevron-right--white.svg
cdn.ekstrapoint.com/app/assets/icons/ 191 B
640 B 20ms
20ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/chevron-right--white.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2ba38145172e2804b6d987f1251da6d0d47a703bacc1732bf3fc08cedc059a0

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:36:13 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 71A2DA556614B88D
etag: "60e820ef1cd5a9e3d507f23b7b14ff1b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 191
x-amz-id-2: DyhBKhm7XMxeNhG0tk0JJnTnt0RWviXIQnSVjpLqOSH9XkMM55hRGAZneMzz0/gwaX1lSAIKTcQ=
x-amz-cf-id: nW9u3-y-k69_sqkbWb5HuR1RTV8YFvLqsWD2P6YNs4wDlLBppXjtkA==

GET
H2 200 chevron-right.svg
cdn.ekstrapoint.com/app/assets/icons/ 193 B
644 B 23ms
22ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/chevron-right.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7b5cb91888a40b8bfda27189bbf2f5daf5180782b77e3759698a4ed3e2bcbc4

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:33:17 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: 6QX9HGF8NVY676ND
etag: "af747d82a405b4395c1defb6c06c7a9a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 193
x-amz-id-2: AYcmH6D7Re7M8wOaE9b03BJHzLHv4Ok3G7aHDQzH66moCBTCl+1PrIUI1AdP7PkPo0rgfwQ0vkc=
x-amz-cf-id: I6A7yPJA5P6T2ZXr-t_waYGC3Ekfxt_sDyZwEaxEXqRLq_MckhnVUw==

GET
H2 200 cashprize.svg
cdn.ekstrapoint.com/app/assets/icons/ 18 KB
14 KB 22ms
22ms Image
image/svg+xml 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/cashprize.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0c67b9866873ee64361e795e43f10be2d05f304501beadb143f21dd58416980

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 01:41:42 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
x-amz-request-id: KM10QQ4QZEXZ9WJ9
etag: W/"c2312b42d1477643918e0a412427890a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: -LrZGnQcZWhV01TqD0U6IRqonaH0xxLNU8yyT_dR8-gduWmYFsMyEw==
x-amz-id-2: GO8FK5Kz38h9NQ6WtdG1Kzd65cjmXob4/f8OntUCMSpa9cOlzhj8h503jMc9iv3gd758I/aSIuQ=

GET
H2 200 competition-monsters-XL.webp
cdn.ekstrapoint.com/images/ 47 KB
47 KB 28ms
26ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:43:18 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:31:45 GMT
server: AmazonS3
x-amz-request-id: 28D11FA6E4CAAFDE
etag: "248b17b61479664fcc088c53568bdf04"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 47668
x-amz-id-2: +9QY8AB+w+xx9bsIYs8oWCxlnnPqJsAmLAPSnyz0YYMu8sSJAo8i+KZRX0bo1nncwNSf/R2TRmo=
x-amz-cf-id: sVEJAKnaKFq40ZCtLsYBBRH6A7FfsGD-B_-eX1Jy-UCxy64IaPJTvQ==

GET
H2 200 competition-monsters-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 43ms
41ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 05:22:56 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:05 GMT
server: AmazonS3
x-amz-request-id: DZEM6N9V3Y4P8H3T
etag: "2636af438cdfec0c4cfd59c359095e73"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15518
x-amz-id-2: Iu2L9Lzfovmub7Ea4ttp6TDEX8RnPu+vf2/daEd/9mG67gjEBQIG1ydjOU2UgdaXqjSEcPEfrkc=
x-amz-cf-id: KwRefEtZ232wlfO-sreZaIYP7bwBiBpKmo0xdI1DZT1dD43JrhM7oQ==

GET
H2 200 slot-mountain-competition-logo-XL.webp
cdn.ekstrapoint.com/images/ 66 KB
66 KB 30ms
28ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:17:58 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:13 GMT
server: AmazonS3
x-amz-request-id: B64FEDAE0DF1F863
etag: "340420dac69e6cf20d86ad144d5147c2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 67200
x-amz-id-2: XfjavttOZnvo3CLn3AWj/z+KXw589mdsbIuXPuXXAA/tYx5YwbERxM8Li5GfPWRENGqxBcqxuas=
x-amz-cf-id: 6rZei8MHtHHrWQV0KWmLPgdc1dRV6aVtmeu0Uy3t5goMnBy_va0jzA==

GET
H2 200 competition-slot-mountain-background-M.webp
cdn.ekstrapoint.com/images/ 8 KB
8 KB 23ms
20ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-slot-mountain-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:31:50 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:36:07 GMT
server: AmazonS3
x-amz-request-id: 46PECK0K4HZQJMR5
etag: "80ebb76fec5f174397936c7052be0d9d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 7960
x-amz-id-2: /OU1YddgdBkURUcBlxFeDTQwpQuO008ARmPZVf8IVASlYmJ3n4KTGoZVMY0biRr80lTtkST+ukU=
x-amz-cf-id: NFudaisK26AKPjAFpkSbduAUf8H_3ePo7qnfgyYnMjBsJa8Iv6xpFw==

GET
H2 200 competition-classical-fruits-XL.webp
cdn.ekstrapoint.com/images/ 34 KB
34 KB 39ms
36ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:30:25 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:41 GMT
server: AmazonS3
x-amz-request-id: 47EC661978C796A6
etag: "59d51b9419a8617b5e48ce0a3c8fbe43"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 34366
x-amz-id-2: OmvCPtZO5hPKFULzBWRXCIU1ZES2Jn6G3CYRCDh8lOszQ6UjVjtiUpZqeifeai8mhMEC/y4jOss=
x-amz-cf-id: czfcgkCxM5Nj62l3m1mcAQQp-yNBMJV8XnhwLnNIuSZgA04o9TvUoQ==

GET
H2 200 competition-classical-fruits-background-M.webp
cdn.ekstrapoint.com/images/ 36 KB
36 KB 42ms
39ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:08:16 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:25:50 GMT
server: AmazonS3
x-amz-request-id: 39JQ1CHGSFAX3GCR
etag: "91cdfe97605502b87d1c2a671e429102"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 36820
x-amz-id-2: wnECvmzmnJL2EdSk6nlC5K4vAnvT1M2LpRupqVR+vCbTYJPz6VrrS18axupPRomVGhG+dTy1gYU=
x-amz-cf-id: d_ED17wCS4GjoQXUjNHu8YT_2b_TxDRjgQyvga7wthFf8pyHuH8rYg==

GET
H2 200 competition-pirates-logo-XL.webp
cdn.ekstrapoint.com/images/ 52 KB
52 KB 35ms
33ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-pirates-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 21:47:22 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:21 GMT
server: AmazonS3
x-amz-request-id: 935CF1771C6A5F0B
etag: "47d1731bf89e07e1a06bd31207b215de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 53218
x-amz-id-2: YHdupHQpFUk6mQb2l5baHGSxlDQTxwQtZPhow9rutgtWZOVWGnSNJgNOUBo8iMzC65Vxo7Oh7UE=
x-amz-cf-id: EKco2wGGo_sU1TVl49dWALLmbwM-jwy-ar9erH4Tj2rk44Qvnx_MQg==

GET
H2 200 pirates-background-new-M.webp
cdn.ekstrapoint.com/images/ 11 KB
11 KB 45ms
43ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/pirates-background-new-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:13:58 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 10:10:48 GMT
server: AmazonS3
x-amz-request-id: 8Q8PKT7H3QDWJBEB
etag: "87e24a54f58047df5486bf146544cf10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 11058
x-amz-id-2: yWWsioj/9OksnJOyFyiDlPEtGngjO7uAW39jRE6/QzyqoCDx4OoyE+i5f+2zC/215YS34S+U/IE=
x-amz-cf-id: dC75UmOYm2ZlSuo6V7Nm4jdghcVp81NYvxwmABDdQ8vjl1UEthZGIQ==

GET
H2 200 competition-trilliionaire-logo-XL.webp
cdn.ekstrapoint.com/images/ 40 KB
41 KB 40ms
38ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-trilliionaire-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12d3cc182be7d27479890b1f2c10dba077eba1cdb937a678ad43264a98ca131b

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:48:21 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:34:05 GMT
server: AmazonS3
x-amz-request-id: BA6BFA2F0018A400
etag: "2c5e0bf2f7fb0415f3e1c6e55c2242d6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 41000
x-amz-id-2: VOmSBXxvDxtfovdHGkltOXKoql2oZg+YskgOGLfojCtqLz9T405PizxUxJSZHXi8MkpbmNHmdus=
x-amz-cf-id: WdBxwUYye4uU_VQRAb3F-9R9m2Lx3GR_OCNbuXKD5_DcFr4du4qUXA==

GET
H2 200 competition-trilliionaire-background-M.webp
cdn.ekstrapoint.com/images/ 25 KB
25 KB 43ms
41ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-trilliionaire-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c0b56f5469e286ec492a093b1fb8717daaf119cd09d7de997176d73dd9feb6c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:56:31 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:42:05 GMT
server: AmazonS3
x-amz-request-id: 08AH53WYHZFCP4XP
etag: "a3ece614190ed871df3a8ac0db1b35d6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 25342
x-amz-id-2: hHKuIlCef/FwqZF9YhpvKH4CXB8+K7kToCdzzNz0dWMP+FTZQqd2/Sy843tjnEyfdipdcqIIkm4=
x-amz-cf-id: c7CXxjK4owORVTIpBZVJ7MnPnmQofZZ5TnoO0DDzm5t1LwQFkwASCg==

GET
H2 200 Sin-City-2-slot-game-logo-M.webp
cdn.ekstrapoint.com/images/ 18 KB
19 KB 44ms
42ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:16:48 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:09:36 GMT
server: AmazonS3
x-amz-request-id: EMZEKKDAVQAHFT91
etag: "762eb6723a891990d52acab7159890b3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 18642
x-amz-id-2: ryD/dmZiaI99WnRjj3eY9mwbGQqZSV1YYb6EllPlMXuyqrvdlbwheudjdJQcsxVoIIKwROwGGAg=
x-amz-cf-id: cjHhVqNLCKjM86UxP4D3JkZn936xm0i0QWneSztIk4KTjgEjkWziPw==

GET
H2 200 Sin-City-2-slot-game-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 44ms
43ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:06:54 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:10:11 GMT
server: AmazonS3
x-amz-request-id: 2606C38CD34FFBDE
etag: "45a90d180a92bf6d5fc6b264d363f4ae"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15762
x-amz-id-2: BnaV7SwiPsUlmm51+ekCHjjPu94Q0bZFe6EVFTzKGFv4iYYO7naTqXy83Ty6Q9EDI6Wnwz5CnDw=
x-amz-cf-id: czpoIv6LWwP6FuRXm8HYHgOPHuA4GVa_1qawKt6Hti_hI_EoVVVZwQ==

GET
H2 200 rts.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 3971 309 KB
57 KB 100ms
44ms Script
text/javascript 65.9.96.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-aa45a75718774d454341f95dc8c642e5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3e98381f78e920e1be4788a3c8c7653856dca81896098500175dc6826ed1d12

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: El1gXp4Dyd2lbzKBtq1hFnpUsHZdeoAo
content-encoding: gzip
etag: W/"45bfbab5b9483d6f3a054f70c456a308"
last-modified: Tue, 16 Feb 2021 07:43:55 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 97101640da3dcba7a2d4a3d67a31b115.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 15 Mar 2021 00:38:37 GMT
x-amz-cf-id: kKv59e75vvOd698EhCCwzlg97l9LdYZFv6o4JNfJxpnimvv1g6gtOw==

GET
H2 200 config Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame 3971 2 KB
2 KB 110ms
110ms XHR
application/json 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/config?domain=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

689e3c21fc06a7bb176f46e67a8b481798d93e0f20a24665df1701ffd0d50b50

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 4082
date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 4082
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: e4f9f821-0bd6-4bdf-97b7-51873aa740a2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 en-us-e6409ca6a5d0f7c9ec3b066ac97c13c8.js Show response
assetscdn-wchat.freshchat.com/static/assets/translations/ Frame 3971 12 KB
4 KB 82ms
29ms XHR
text/javascript 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/translations/en-us-e6409ca6a5d0f7c9ec3b066ac97c13c8.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65813852cb6a8411f7761b991baf9345271f90d1ba70f52b99f7509a5eb80c1e

Request headers

Accept: application/json, text/plain, */*
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:33:38 GMT
content-encoding: gzip
age: 507
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
access-control-allow-origin: https://wchat.freshchat.com
last-modified: Tue, 02 Mar 2021 08:05:50 GMT
server: AmazonS3
etag: W/"e6409ca6a5d0f7c9ec3b066ac97c13c8"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: xLh9XxKfl-5vxrIfabciAUCCLU6gKkE5M7FK7_TVrSFSXLfZqLlWrg==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
521 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=a815a507-4787-4857-9835-d1acba8c138a&aid=5D9&mid=PPC&cb=161576871463&cb=1615768714645

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 00:29:51 GMT
server: ESF
date: Mon, 15 Mar 2021 00:38:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Mar 2021 00:38:37 GMT

GET
H2 200 competition-slot-mountain-background-M.webp
cdn.ekstrapoint.com/images/ 8 KB
8 KB 21ms
21ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-slot-mountain-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:31:50 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:36:07 GMT
server: AmazonS3
x-amz-request-id: 46PECK0K4HZQJMR5
etag: "80ebb76fec5f174397936c7052be0d9d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 7960
x-amz-id-2: /OU1YddgdBkURUcBlxFeDTQwpQuO008ARmPZVf8IVASlYmJ3n4KTGoZVMY0biRr80lTtkST+ukU=
x-amz-cf-id: p7_oZdFLwLFFRlUlWwy0dTRnol8LJAKa_PYyUDzzRpMqZB9GyZRmnA==

GET
H2 200 competition-monsters-XL.webp
cdn.ekstrapoint.com/images/ 47 KB
47 KB 43ms
43ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:43:18 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:31:45 GMT
server: AmazonS3
x-amz-request-id: 28D11FA6E4CAAFDE
etag: "248b17b61479664fcc088c53568bdf04"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 47668
x-amz-id-2: +9QY8AB+w+xx9bsIYs8oWCxlnnPqJsAmLAPSnyz0YYMu8sSJAo8i+KZRX0bo1nncwNSf/R2TRmo=
x-amz-cf-id: YeEFMCshlmg5gRdU3vh0Jtwt_b0dpM-R5z4NzLVAdZP5f53jo4m74A==

GET
H2 200 competition-pirates-logo-XL.webp
cdn.ekstrapoint.com/images/ 52 KB
52 KB 22ms
21ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-pirates-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 21:47:22 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:21 GMT
server: AmazonS3
x-amz-request-id: 935CF1771C6A5F0B
etag: "47d1731bf89e07e1a06bd31207b215de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 53218
x-amz-id-2: YHdupHQpFUk6mQb2l5baHGSxlDQTxwQtZPhow9rutgtWZOVWGnSNJgNOUBo8iMzC65Vxo7Oh7UE=
x-amz-cf-id: 4oNdfZR7PGzFPnwcFwprtmOiQ8rOHjbeNMyDlZyU44IrDrGccUNVcQ==

GET
H2 200 competition-classical-fruits-XL.webp
cdn.ekstrapoint.com/images/ 34 KB
34 KB 50ms
49ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:30:25 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:41 GMT
server: AmazonS3
x-amz-request-id: 47EC661978C796A6
etag: "59d51b9419a8617b5e48ce0a3c8fbe43"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 34366
x-amz-id-2: OmvCPtZO5hPKFULzBWRXCIU1ZES2Jn6G3CYRCDh8lOszQ6UjVjtiUpZqeifeai8mhMEC/y4jOss=
x-amz-cf-id: j3MECJdtTwRpmufCCNZ3-56g_jOQABPIDVEIWeounPjNFj2fBtsHPQ==

GET
H2 200 competition-trilliionaire-logo-XL.webp
cdn.ekstrapoint.com/images/ 40 KB
41 KB 34ms
33ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-trilliionaire-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12d3cc182be7d27479890b1f2c10dba077eba1cdb937a678ad43264a98ca131b

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:48:21 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:34:05 GMT
server: AmazonS3
x-amz-request-id: BA6BFA2F0018A400
etag: "2c5e0bf2f7fb0415f3e1c6e55c2242d6"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 41000
x-amz-id-2: VOmSBXxvDxtfovdHGkltOXKoql2oZg+YskgOGLfojCtqLz9T405PizxUxJSZHXi8MkpbmNHmdus=
x-amz-cf-id: 1_TaWnP4nPLgFf49rkpP1kdnGeLGOBKpAvy7pOcZpIWCcnLDisCY9w==

GET
H2 200 competition-classical-fruits-background-M.webp
cdn.ekstrapoint.com/images/ 36 KB
36 KB 25ms
24ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:08:16 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:25:50 GMT
server: AmazonS3
x-amz-request-id: 39JQ1CHGSFAX3GCR
etag: "91cdfe97605502b87d1c2a671e429102"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 36820
x-amz-id-2: wnECvmzmnJL2EdSk6nlC5K4vAnvT1M2LpRupqVR+vCbTYJPz6VrrS18axupPRomVGhG+dTy1gYU=
x-amz-cf-id: WaTYtw3ISQ-UDK1yCJky-sKNMVhJW1b40DrYxjVRwPjaV5o-rlvb0w==

GET
H2 200 competition-monsters-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 41ms
39ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 05:22:56 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:05 GMT
server: AmazonS3
x-amz-request-id: DZEM6N9V3Y4P8H3T
etag: "2636af438cdfec0c4cfd59c359095e73"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15518
x-amz-id-2: Iu2L9Lzfovmub7Ea4ttp6TDEX8RnPu+vf2/daEd/9mG67gjEBQIG1ydjOU2UgdaXqjSEcPEfrkc=
x-amz-cf-id: 0sbqUo2njKz4HmIyhaWUDI3x2AQkaBG7O4_syOi_WL_kvcIPy8pHYQ==

GET
H2 200 competition-trilliionaire-background-M.webp
cdn.ekstrapoint.com/images/ 25 KB
25 KB 25ms
24ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-trilliionaire-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c0b56f5469e286ec492a093b1fb8717daaf119cd09d7de997176d73dd9feb6c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:56:31 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:42:05 GMT
server: AmazonS3
x-amz-request-id: 08AH53WYHZFCP4XP
etag: "a3ece614190ed871df3a8ac0db1b35d6"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 25342
x-amz-id-2: hHKuIlCef/FwqZF9YhpvKH4CXB8+K7kToCdzzNz0dWMP+FTZQqd2/Sy843tjnEyfdipdcqIIkm4=
x-amz-cf-id: yIAX7zSqtbHYnHlz5VN5e_9Vm4qmsZ_2DDtkcxnBUlv1ViH0gRuqPA==

GET
H2 200 Sin-City-2-slot-game-logo-M.webp
cdn.ekstrapoint.com/images/ 18 KB
19 KB 34ms
33ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 02:16:48 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:09:36 GMT
server: AmazonS3
x-amz-request-id: EMZEKKDAVQAHFT91
etag: "762eb6723a891990d52acab7159890b3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 18642
x-amz-id-2: ryD/dmZiaI99WnRjj3eY9mwbGQqZSV1YYb6EllPlMXuyqrvdlbwheudjdJQcsxVoIIKwROwGGAg=
x-amz-cf-id: Ylv8L9i15rnBOjoIhegjtjHWhKxHkd431MzTWl02dAHjJmTZOZYPlw==

GET
H2 200 Sin-City-2-slot-game-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 49ms
48ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 04:06:54 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:10:11 GMT
server: AmazonS3
x-amz-request-id: 2606C38CD34FFBDE
etag: "45a90d180a92bf6d5fc6b264d363f4ae"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 15762
x-amz-id-2: BnaV7SwiPsUlmm51+ekCHjjPu94Q0bZFe6EVFTzKGFv4iYYO7naTqXy83Ty6Q9EDI6Wnwz5CnDw=
x-amz-cf-id: T0EV8PZ9s9JyLuj9L_mHGu8b1P7eS7QlPpFTAp0giMgejp1x3ZRxoQ==

GET
H2 200 pirates-background-new-M.webp
cdn.ekstrapoint.com/images/ 11 KB
11 KB 49ms
49ms Image
image/jpeg 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/pirates-background-new-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:13:58 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 10:10:48 GMT
server: AmazonS3
x-amz-request-id: 8Q8PKT7H3QDWJBEB
etag: "87e24a54f58047df5486bf146544cf10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 11058
x-amz-id-2: yWWsioj/9OksnJOyFyiDlPEtGngjO7uAW39jRE6/QzyqoCDx4OoyE+i5f+2zC/215YS34S+U/IE=
x-amz-cf-id: c6VoCcjLjyF-LkI7D5mcowLMrjXLA8gvJqHlI5mIID2MnMVf-f6Fpg==

GET
H2 200 slot-mountain-competition-logo-XL.webp
cdn.ekstrapoint.com/images/ 66 KB
66 KB 25ms
25ms Image
image/png 143.204.209.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-116.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 03:17:58 GMT
via: 1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:13 GMT
server: AmazonS3
x-amz-request-id: B64FEDAE0DF1F863
etag: "340420dac69e6cf20d86ad144d5147c2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 67200
x-amz-id-2: XfjavttOZnvo3CLn3AWj/z+KXw589mdsbIuXPuXXAA/tYx5YwbERxM8Li5GfPWRENGqxBcqxuas=
x-amz-cf-id: uPrx1BrPUlYGDKLI1L4-PfjwDebsfJJBiCobcsOlskAX45HQ3I-74w==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 06:52:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 495985
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
expires: Wed, 09 Mar 2022 06:52:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 333123
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 11 Mar 2022 04:06:34 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:16:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 354157
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:16:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=540584324&t=event&ni=1&_s=2&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&dr=https%3A%2F%2Flt.theplayadvisor.com%2F&dp=%2F%2F%3FshowSignup%3Dtrue%26trkid%3Da815a507-4787-4857-9835-d1acba8c138a%26aid%3D5D9%26mid%3DPPC%26cb%3D161576871463%26cb%3D1615768714645&ul=en-us&de=UTF-8&dt=Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=getsitecontrol&ea=show&el=Cookie%20Consent%20Bar%20ENG%20%2348039&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=777917197.1615768716&tid=UA-120989112-2&_gid=1280467859.1615768716&gtm=2wg330W2W7HTS&cd2=0&z=567899242

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Mar 2021 16:59:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27538
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events
dash.getsitecontrol.com/api/v1/ 0
212 B 312ms
108ms Other
text/plain 54.92.176.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.getsitecontrol.com/api/v1/events?ts=1615768717065&sid=4d4b7877-e22e-4b5f-b106-0b3c566468f1&t=1615768716.218412a49ed83f9baf93b021d5496b24.2bd8225d1283d66206597845065f855f&s=a1c77cdeb8b6a8d985959a4b76e05274
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d93f1c9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.176.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-176-252.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 15 Mar 2021 00:38:37 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 0

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
assetscdn-wchat.freshchat.com/static/assets/fonts/ Frame 3971 5 KB
5 KB 27ms
27ms Font
binary/octet-stream 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fonts/fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Origin: https://wchat.freshchat.com
Referer: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:33:51 GMT
via: 1.1 6fc3cae9692b6db972e4990be9921fae.cloudfront.net (CloudFront)
age: 442
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Tue, 23 Feb 2021 10:15:18 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: l3f0UhSrLQ2RQyo28IYETE82KbbtSy_74oOMYCJzv0Ak8fRiqRRAfw==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 co-browsing.js Show response
wchat.freshchat.com/js/ 35 KB
10 KB 103ms
103ms Script
application/javascript 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2d2ab2204c032e454972a6754b8b116627903444e8886a0f6252720a023c7900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 6504
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 6504
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 user Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame 3971 63 B
737 B 109ms
105ms XHR
application/json 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 5612
date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 5612
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: 79202f66-1ace-44ec-8d27-017d75df220b
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 206 notif.mp3
assetscdn-wchat.freshchat.com/static/assets/audio/ Frame 3971 4 KB
5 KB 27ms
26ms Media
audio/mpeg 65.9.96.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/audio/notif.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 15 Mar 2021 00:35:31 GMT
via: 1.1 b031f43146c9801101822eabdc464390.cloudfront.net (CloudFront)
age: 455
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Tue, 23 Feb 2021 10:15:18 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: PsLwGhBt9P7Oq7ESDrLBPBLBZW7TYLre0e08SWensWzPntN2c5v_sQ==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 cb.css
wchat.freshchat.com/css/ 1 KB
980 B 102ms
102ms Stylesheet
text/css 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1615768717626

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 4894
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 4894
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Tue, 15 Mar 2022 00:38:37 GMT

GET
H2 200 widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame 3971 7 KB
2 KB 121ms
120ms XHR
application/json 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ac48a8d71cf946f605c205f773495d376263f47a61fe4c8fccf69f3166b8275f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 5612
date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 5612
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
x-status: EXPIRED
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: 4ea0eba2-bd09-449d-add0-70bf2af0e206
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 category Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/faq/ Frame 3971 209 B
832 B 112ms
112ms XHR
application/json 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02e3544a9bc30d538c1df9d02fb82f1306798ebb68470fcc67e2bbe4e9cbac77

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 4894
date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 4894
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: b8770170-baf4-4074-807f-cbae42f53e6a
expires: Thu, 01 Jan 1970 00:00:01 GMT

PUT
H2 200 activity Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user/4fa20270-ac00-48b5-ac5e-646ea1021617/ Frame 3971 17 B
666 B 106ms
106ms XHR
application/json 52.202.129.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user/4fa20270-ac00-48b5-ac5e-646ea1021617/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.202.129.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-129-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://wchat.freshchat.com/home/15533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 00:38:37 GMT
served-by: 2601
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-server: 2601
content-length: 17
x-xss-protection: 1; mode=block, 1
x-request-id: 0b9c9315-0440-4788-81a5-be321c4d7c81
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK img_1608548677039.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/df78d362957be05f638225ed4f0f93bdcd2504ad786dd840ffde14668f4af2c6/f_marketingpicFull/u_aa227e7731067a41842c87c1fa635cbd8f7ffac5aaa2187add0be6348a8155d0/ Frame 3971 3 KB
3 KB 423ms
125ms Image
image/png 52.216.12.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/df78d362957be05f638225ed4f0f93bdcd2504ad786dd840ffde14668f4af2c6/f_marketingpicFull/u_aa227e7731067a41842c87c1fa635cbd8f7ffac5aaa2187add0be6348a8155d0/img_1608548677039.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.12.92 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 996858dbe66b99cf2c1b787cc441dae72a1d434e482d355bdb041496598e4c11

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 15 Mar 2021 00:38:39 GMT
Last-Modified: Mon, 21 Dec 2020 11:04:38 GMT
Server: AmazonS3
x-amz-request-id: 6BJ0MCRCS03210BQ
ETag: "f965ac02a75a9dc6ed0fd28ea307f1a9"
x-amz-version-id: ZNeTap_fx3Oj1Q2pTVyLQ8d4L2Pk8uhk
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2803
x-amz-id-2: nVCqcClkgXpYUh+nsadqLMZ9R6M0/XySomh+tmtk4G+LAa4ET7rVCZY/xy1d7Dmr7rqWLpzQdh4=

GET
BLOB 200
OK 8206c490-22fb-4ad2-a303-c4b6a0d6248a
https://wchat.freshchat.com/ Frame 3971 150 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/8206c490-22fb-4ad2-a303-c4b6a0d6248a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 150

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 21:12:59	Name: NID Value: 211=SwXDciC8LcHPRqNwqQ7otguIWEEnNJQSgwqyqK_iztHwmU2CVY-oZZMsjOjChNUH4PkQkUQjsyF3ApHA5TEGpl8FLgpvZ9Mi5TKdMoXwSiOuZkr17Au7D4SRrz0zo-7C5VWrh-UscEIhpdJ-0BgpvM5VSjvAoAHit_3koqbHTUE
.ekstrapoint.com/	1970-01-20 01:35:04	Name: _fw_crm_v Value: 97804161-6d88-4d6b-9c55-ae5f27c63871
.ekstrapoint.com/	1970-01-19 18:59:04	Name: _fbp Value: fb.1.1615768716372.1398535636
.ekstrapoint.com/	1970-01-19 16:49:28	Name: _gat_UA-120989112-2 Value: 1
.ekstrapoint.com/	1970-01-19 16:50:55	Name: _gid Value: GA1.2.1280467859.1615768716
.ekstrapoint.com/	1970-01-20 10:20:40	Name: _ga Value: GA1.2.777917197.1615768716
.ekstrapoint.com/	1970-01-19 18:59:04	Name: _gcl_au Value: 1.1.335296643.1615768716
.ekstrapoint.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
ekstrapoint.com/	1970-01-19 16:50:55	Name: trkdata Value: {"mid":"PPC","referer":"https://lt.theplayadvisor.com/","affiliateTrackingId":"a815a507-4787-4857-9835-d1acba8c138a"}

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: ### Params pushed to gsc: {"userName":null,"firstName":null,"welcomeName":null,"pointsEp":null,"locale":null,"linkToken":null,"siteLanguage":"en","country":"INT","region":null,"language":"en","geoIso":null}
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: manage no-scroll class false
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: manage no-scroll class true
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
alfik-fik.com
apis.google.com
assetscdn-wchat.freshchat.com
btpnav.com
cdn.ekstrapoint.com
cdn.ekstrapoint.net
cdn.onesignal.com
connect.facebook.net
dash.getsitecontrol.com
ekstrapoint.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
l.getsitecontrol.com
lh3.googleusercontent.com
lt.theplayadvisor.com
platform-lookaside.fbsbx.com
res.cloudinary.com
rts-static-prod.freshworksapi.com
s2.getsitecontrol.com
ssl.gstatic.com
stats.g.doubleclick.net
theplayadvisor.com
wchat.freshchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
wwwcapitaalone.com
13.32.168.116
143.204.209.116
185.59.220.194
209.15.13.136
23.82.12.29
2606:4700::6812:e134
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::393
34.250.61.179
52.202.129.87
52.216.12.92
54.84.27.165
54.92.176.252
65.9.96.29
65.9.96.79
65.9.96.88
91.134.212.144
01f35ecfed1871c910bed05c644d93d9fc45854ca36e7988d3324db7300ea4de
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
02e3544a9bc30d538c1df9d02fb82f1306798ebb68470fcc67e2bbe4e9cbac77
052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88
0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e
0c62c6951a4240f3772f2ce6df7b43b588d7aae72bef2f3ca57576c3bdc0b203
0d9dc12607ecb4f0f7d251415d2aded00faf432b1c676aa63bf2767324334022
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d3cc182be7d27479890b1f2c10dba077eba1cdb937a678ad43264a98ca131b
145a7504826d9c288942da8f19cea483d440cd1c92ead7c1f77d6d88998fe2cf
178e117ef8ba0658ce40ee0435f56fe004b007f1deb4a75440a516456c54f157
1821a3825d0ed02c11a94ae06c5bde3b996cfc9e7e6aab4c461f3ff32cccc10a
1bb3d6ffc6c6de20bb88b2d0d6908b1d6417f3163d95f8a96a2c753f773d5695
1c0b56f5469e286ec492a093b1fb8717daaf119cd09d7de997176d73dd9feb6c
1db13da87f8ca70aec2cff9a4da2de38a7945d1b0961628cd301a2331136ff30
23f48f55c6d5d14f32c9e0eb180550916664087593e5f7eb05c4aa7f64d3c177
240be83e2b11f478bc45a5bd92c15e770366a1c64bd403eb9e73932a129eee6d
25b65902e5a14bdd7c6c1fec894ad2d48deb4373a1555904bf1af53911803150
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
2d2ab2204c032e454972a6754b8b116627903444e8886a0f6252720a023c7900
2dce788731088cb0b94b62e6a552b5c6a055866568fbc6af827e52a229403646
2f0a9e652dc3df98b72a88e1ab87521142b7d08d87fc104d16d903ac0899fc2f
3243e28e652cd2b0a27f2ecd788cf42f42b0cc9996888ad5e688bb4ccf1c82a6
37caf5b1044303c723e59ed43ce421c011b6590f7aec57b26d91878e742e7d3c
37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c
38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363
3cbc02656511523cc34e07588e646109596fd8d9eeb9f8ce453039a575d96da1
3d9349412ecbf65d2f9eabab0681c78478f523c2a53304d7bba80dcce50dc211
40a0aae3b73d9c39c79c9512852ff0a2d241b0010450658d71ade37447a33ba0
42e192af69d4a435ef8a2ecef3237a9cc84d94fa31181d2afe0c2ff5eb933ab0
44263ae63122b11cd77124d313d9828042321b3e2c5512b776710e2d21af5698
479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044
496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a
5072078837f02a35ace2a7e183f4cbaf04b876e345f3b32302e5ea1759e04274
544d87f178536371f5053ac2f88dbb57296eca73a2bc6a06920a7571e3a3eecf
57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1
5cfbbd8263037bfdd36b61026a33611ed9b187b22ae5ca9615f9b593a44176d6
627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516
643e3de2904f810ec8ab495596aca42e0d72ccceb1e0b2f95b96bde6f83ab8c6
64ab34dae9b08035f9efcecde836424cd641238a3478dc29bd137428175555bd
65813852cb6a8411f7761b991baf9345271f90d1ba70f52b99f7509a5eb80c1e
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01
67518aafc445adfc06f94def61aab57191f246eb45fe74b3d3c0e699f8796250
689e3c21fc06a7bb176f46e67a8b481798d93e0f20a24665df1701ffd0d50b50
68de86e9cd4e23918bc0b670265741e54b1c4b969b3cfbd37ceca62dc0ef1fc2
69115920f993c637eb5fbefea1c282f586e9aaf6031d8c0f75a2721683773d06
693918d4f9f30483456c0b202582237307b44959680b8df23da65e423b9b511f
6b6036436f13f9f4e95a736abb562c8dad23cb3198af0c6aded51abd91f3029c
6b7a66f47a339e18e3c9d1a38055124f26fca5ea383a8df0269cec3ae388574d
6bb3c199077848ea3a889081495cb6e0ffe54aa0d73600112fe62ced64136034
71846519346eccc4fcee1dbcde6d9b481d432b16e4f9d681f8a89c4db27b6aec
73b6cac3c7553587f0982738d9717171b3cb2d4764f61c609b083fd29a85d844
7a69aa02a10b30878fba9a0c15b10c6b82fcabf5c99f7036e81e59c50bdac814
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7da52074b04629b92cdcefae01ad4ca52646caa829aa5e9bc2d7377d89e85264
7e4eebbb2512c8214176b060899d400d653dee8ed7e18d32de127786f686dc4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85186583038d99e2e0aa74878062da51b070299b1aa2a08238ae8e600c127e14
89ce694adf9dcc7909c3880648e4f2794dce56ad2a307ea942f6b8b7d721668b
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9174ba77e75471a95b8b87626296fb6bdf8fcef578d50741ca935af31cc29336
920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d
96a3d1b1a5905f5ba5a0671e234e4e8f70be50e2fb1610848a0357604ca03daf
97f1e3085b0458898a9eaae364b01045424e418e7c002e521032abb710c5a8a1
986552903856b995425777caa1ce31fdb11fb3f6a28027e79013abb5173500a5
996858dbe66b99cf2c1b787cc441dae72a1d434e482d355bdb041496598e4c11
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
a21a79c6e85a254c1e573e9d3d1ab57990e8382d8cea1a81868eeda265c45bc0
a24d68ae9a623f0c54cec8a758c12e4c708845d7a30e7c7ac6df33accc0b509a
a2ba38145172e2804b6d987f1251da6d0d47a703bacc1732bf3fc08cedc059a0
a78bb5217b9830c0798bf9a3f076a4cd4b6a920fa51d151e2ddf51fbfc41d49b
ab5898c442e5e66d60cb1bc2cf151cc182c49efa174cee860023c568de241668
ac48a8d71cf946f605c205f773495d376263f47a61fe4c8fccf69f3166b8275f
b04e46a651751c457802d459062be6e892dfce90305a4dbf7474e8f2cf7156cf
b0c67b9866873ee64361e795e43f10be2d05f304501beadb143f21dd58416980
b1c2038fb05386815a7dc6a6a989ef603a45f669baf0450e9e78b9c62f8bde0f
b7b5cb91888a40b8bfda27189bbf2f5daf5180782b77e3759698a4ed3e2bcbc4
b8bf8cf6aad10dbb83c0b38f7dc9bb3192db6d42b1ff9dcd90e54b2d5070d370
bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42
c12080dd6c9bd2bca9f01d694df5e45973e77859c61c3bd59ca81a257db678bb
c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cbea91d7b8ad45465449c722d68fb90623680c7e7bdfd5ee3f0cafba512fb75d
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
ce2bf0fa3e4ad5f1e72ddde6ec9fbf2eddcf3d8908bc1ffa429fc94632653556
d1bf819527278a19fd3622dddbc0416e5be1fbd9a6101f180ae4aa7fdf0ad8c4
d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6
d61eea2bd44d66606af081dfd3b6b5a2ec7d8a2feefdefa22588c5b15ec66ec6
d82e8ad03c958be0e840283b314fbd372ab169febe830a83074a6efde03f5916
da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd
dbb97faf0bb1704716aebd2695f5941b7fd68a422c920f88fa291a4deb1e8f13
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df65ff2649149fd789294edac4cdcf77e306a90bb7353439c0363c68bfec659c
dfee1c29a16bcfa949dc09c64910ce2a6b1fe7d447e35a22229cc37ceaece433
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e98381f78e920e1be4788a3c8c7653856dca81896098500175dc6826ed1d12
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ed872e9933093b3779565e20ea4099bcc2af34668b68e99605a1733919492f7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d2be5463322a0c3e57edc11de621e9d8c5a5b2ac52a5aad6170d6494f4d7c9
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5bb30e2b983d5c294b17417b62ccdbd525106b90df5a7e633e91bc4e80a909d
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f900fe94333f6fd6bbc8c888d245baf461d274b39082c57f93efae48b3e40576
f977fdeec4040238d754b9bc7e1f39ec9b02f7beb56d4b1e2594c165b2a84614
f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b
fb0461bcda1a76644dafbdcd95b9df0f1cb210fd6aa865ae0ddcfe270e2eabbc
fbc21b81561a7b82642b6b1a4894de23b6855551fe13c21ba5d28f8dcd18bb95
fd0a9070b5149900f37b9af2da99d6f7d7f8f34531be875b1a0892e445b241e9
fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633
fe5f0c4c9bf2d207ca70042810fb84710ff279f08a6fc72a31b2992d8cb56362
febdf68e94828554c220e7ae2699b26e211cce3be974a5673471cc2fa2fc6487

ekstrapoint.com Open in urlscan Pro 65.9.96.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

97 %HTTPS

55 %IPv6

23 Domains

32 Subdomains

29 IPs

6 Countries

2761 kBTransfer

9106 kBSize

9 Cookies

18 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ekstrapoint.com Open in urlscan Pro
65.9.96.29 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

97 %
HTTPS

55 %
IPv6

23
Domains

32
Subdomains

29
IPs

6
Countries

2761 kB
Transfer

9106 kB
Size

9
Cookies

139 HTTP transactions
1 data transactions