ekstrapoint.com Open in urlscan Pro
13.226.159.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mx2.serviceclientorange.dyg.fr/
Effective URL:
https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=...
Submission: On March 13 via automatic, source certstream-suspicious (March 13th 2021, 5:26:09 pm UTC)

Summary HTTP 141 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 25 domains to perform 141 HTTP transactions. The main IP is 13.226.159.10, located in United States and belongs to AMAZON-02, US. The main domain is ekstrapoint.com.
TLS certificate: Issued by Amazon on September 20th 2020. Valid for: a year.

This is the only time ekstrapoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	91.195.241.137 91.195.241.137	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	167.233.8.197 167.233.8.197	24940 (HETZNER-AS) (HETZNER-AS)
1 1	54.84.27.165 54.84.27.165	14618 (AMAZON-AES) (AMAZON-AES)
1 2	91.134.212.144 91.134.212.144	16276 (OVH) (OVH)
1 1	34.250.61.179 34.250.61.179	16509 (AMAZON-02) (AMAZON-02)
2	13.226.159.10 13.226.159.10	16509 (AMAZON-02) (AMAZON-02)
47	13.226.159.105 13.226.159.105	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
32	2a04:4e42:3::393 2a04:4e42:3::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 2	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.226.159.23 13.226.159.23	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	62.113.194.12 62.113.194.12	47447 (TTM) (TTM)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	52.206.164.102 52.206.164.102	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9a	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	185.59.220.199 185.59.220.199	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	3.82.166.181 3.82.166.181	14618 (AMAZON-AES) (AMAZON-AES)
7	13.226.159.126 13.226.159.126	16509 (AMAZON-02) (AMAZON-02)
1	13.226.159.115 13.226.159.115	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	52.216.238.211 52.216.238.211	16509 (AMAZON-02) (AMAZON-02)
141	30

4 91.195.241.137 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

mx2.serviceclientorange.dyg.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.233.8.197 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.197.8.233.167.clients.your-server.de

track.vcdc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.27.165 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-27-165.compute-1.amazonaws.com

alfik-fik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.134.212.144 (Spain) 1 redirects

ASN16276 (OVH, FR)
PTR: ip144.ip-91-134-212.eu

lt.theplayadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.61.179 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-61-179.eu-west-1.compute.amazonaws.com

theplayadvisor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-10.dus51.r.cloudfront.net

ekstrapoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 13.226.159.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-105.dus51.r.cloudfront.net

cdn.ekstrapoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a04:4e42:3::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:e:face:b00c:0:2 (United States) 2 redirects

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

platform-lookaside.fbsbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-23.dus51.r.cloudfront.net

cdn.ekstrapoint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.113.194.12 (Berlin, Germany)

ASN47447 (TTM, DE)
PTR: edge-481.b-cdn.net

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.206.164.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-164-102.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.199 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-199.datapacket.com

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.82.166.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-166-181.compute-1.amazonaws.com

dash.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.226.159.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-126.dus51.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-115.dus51.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.238.211 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

fc-use1-00-pics-bkt-00.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	ekstrapoint.com ekstrapoint.com cdn.ekstrapoint.com	1 MB
32	cloudinary.com res.cloudinary.com	122 KB
17	freshchat.com wchat.freshchat.com assetscdn-wchat.freshchat.com	655 KB
5	getsitecontrol.com l.getsitecontrol.com s2.getsitecontrol.com dash.getsitecontrol.com	62 KB
5	google.com apis.google.com accounts.google.com www.google.com	57 KB
5	facebook.com 2 redirects graph.facebook.com www.facebook.com	1 KB
4	gstatic.com ssl.gstatic.com fonts.gstatic.com	106 KB
4	facebook.net connect.facebook.net	155 KB
4	dyg.fr 2 redirects mx2.serviceclientorange.dyg.fr	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	theplayadvisor.com 2 redirects lt.theplayadvisor.com theplayadvisor.com	2 KB
2	fbsbx.com platform-lookaside.fbsbx.com	13 KB
2	googletagmanager.com www.googletagmanager.com	104 KB
2	vcdc.com track.vcdc.com	2 KB
1	amazonaws.com fc-use1-00-pics-bkt-00.s3.amazonaws.com	3 KB
1	googleapis.com fonts.googleapis.com	521 B
1	freshworksapi.com rts-static-prod.freshworksapi.com	56 KB
1	google.de www.google.de	107 B
1	doubleclick.net stats.g.doubleclick.net	89 B
1	onesignal.com cdn.onesignal.com	3 KB
1	ekstrapoint.net cdn.ekstrapoint.net	2 KB
1	googleusercontent.com lh3.googleusercontent.com	2 KB
1	alfik-fik.com 1 redirects alfik-fik.com	912 B
1	sedodna.com 1 redirects xml.sedodna.com	733 B
1	sedoparking.com img.sedoparking.com	4 KB
141	25

	Domain	Requested by
47	cdn.ekstrapoint.com	ekstrapoint.com cdn.ekstrapoint.com
32	res.cloudinary.com	ekstrapoint.com
10	wchat.freshchat.com	www.googletagmanager.com wchat.freshchat.com assetscdn-wchat.freshchat.com
7	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
4	connect.facebook.net	cdn.ekstrapoint.com connect.facebook.net mx2.serviceclientorange.dyg.fr
4	mx2.serviceclientorange.dyg.fr	2 redirects mx2.serviceclientorange.dyg.fr
3	fonts.gstatic.com	fonts.googleapis.com
3	www.facebook.com	ekstrapoint.com
3	www.google-analytics.com	www.googletagmanager.com cdn.ekstrapoint.com
2	dash.getsitecontrol.com	cdn.ekstrapoint.com s2.getsitecontrol.com
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	l.getsitecontrol.com	www.googletagmanager.com cdn.ekstrapoint.com
2	apis.google.com	cdn.ekstrapoint.com apis.google.com
2	platform-lookaside.fbsbx.com	ekstrapoint.com
2	graph.facebook.com	2 redirects
2	www.googletagmanager.com	ekstrapoint.com mx2.serviceclientorange.dyg.fr
2	ekstrapoint.com	lt.theplayadvisor.com cdn.ekstrapoint.com
2	lt.theplayadvisor.com	1 redirects track.vcdc.com
2	track.vcdc.com	mx2.serviceclientorange.dyg.fr track.vcdc.com
1	fc-use1-00-pics-bkt-00.s3.amazonaws.com
1	fonts.googleapis.com	ekstrapoint.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	ssl.gstatic.com	accounts.google.com
1	www.google.de	ekstrapoint.com
1	www.google.com	ekstrapoint.com
1	stats.g.doubleclick.net	cdn.ekstrapoint.com
1	cdn.onesignal.com	www.googletagmanager.com
1	cdn.ekstrapoint.net	ekstrapoint.com
1	lh3.googleusercontent.com	ekstrapoint.com
1	theplayadvisor.com	1 redirects
1	alfik-fik.com	1 redirects
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com	mx2.serviceclientorange.dyg.fr
141	34

This site contains links to these domains. Also see Links.

Domain
shop.ekstrapoint.com
www.facebook.com
www.twitch.tv
www.youtube.com
www.begambleaware.org
www.mga.org.mt
certify.gpwa.org
www.egrnordicsawards.com

Subject Issuer	Validity	Valid
mx2.serviceclientorange.dyg.fr Encryption Everywhere DV TLS CA - G1	`2021-03-13` - `2022-03-13`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2020-10-09` - `2021-10-29`	a year	crt.sh
track.vcdc.com GlobeSSL DV CA	`2020-10-28` - `2021-10-28`	a year	crt.sh
angry-hound.landingtrack.com R3	`2021-02-22` - `2021-05-23`	3 months	crt.sh
ekstrapoint.com Amazon	`2020-09-20` - `2021-10-22`	a year	crt.sh
cdn.ekstrapoint.com Amazon	`2020-06-12` - `2021-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ekstrapoint.net Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2020-03-05` - `2022-05-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
wchat.freshchat.com Amazon	`2020-06-25` - `2021-07-25`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
freshchat.com Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
freshworksapi.com Amazon	`2021-01-19` - `2022-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Frame ID: 70B8603698987413B5235A38CE47BBE9
Requests: 123 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: B211DACC4EA29917CBF7ECC3F9588F48
Requests: 3 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Frame ID: B21D99A4982EB57ED00190D324A7341B
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mx2.serviceclientorange.dyg.fr/ Page URL
https://mx2.serviceclientorange.dyg.fr/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2... HTTP 302
https://mx2.serviceclientorange.dyg.fr/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2... HTTP 302
https://xml.sedodna.com/click?i=AKT3lY2Wp2M_0 HTTP 302
https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW... Page URL
https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LT... Page URL
http://alfik-fik.com/zcvisitor/270442f4-8421-11eb-adaa-0a322b7cde69/6019173b-675e-4852-98f4-d4f47... HTTP 302
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0... Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0... HTTP 302
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=NL&mid=14&extclid=604cf59ec1... HTTP 302
https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

141
Requests

99 %
HTTPS

48 %
IPv6

25
Domains

34
Subdomains

30
IPs

5
Countries

2741 kB
Transfer

9081 kB
Size

9
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.ekstrapoint.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-to-winners-magic/
Title: 30.000 5€ Bonus package for Winners Magic

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-for-lucky-thrillz/
Title: 32.000 5€ Bonus package for Lucky Thrillz

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/small-bonus-package-jackiejackpot/
Title: 35.000 5€ Bonus Package for JackieJackpot

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/5e-bonus-package-for-unikrn/
Title: 45.000 5€ Bonus package for Unikrn

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/10e-bonus-package-for-winners-magic/
Title: 49.000 10€ Bonus package for Winners Magic

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/10e-bonus-package-for-lucky-thrillz/
Title: 55.000 10€ Bonus package for Lucky Thrillz

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/medium-bonus-package-jackiejackpot/
Title: 59.000 10€ Bonus Package for JackieJackpot

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/anti-stress-scores-of-pains-octopus-head/
Title: 75.000 Anti Stress Head Massager

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/adhesive-laptop-back-storage-bag/
Title: 91.000 Adhesive Laptop Back Storage Bag

Search URL Search Domain Scan URL

URL: https://shop.ekstrapoint.com/product/car-ice-remove-tool/
Title: 91.000 Car Ice Remove Tool

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ekstrapointcom/

Search URL Search Domain Scan URL

URL: https://www.twitch.tv/casinopoint

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9JYKCAKTpLu0d4iWPb2sFw

Search URL Search Domain Scan URL

URL: https://www.begambleaware.org/

Search URL Search Domain Scan URL

URL: https://www.mga.org.mt/

Search URL Search Domain Scan URL

URL: https://certify.gpwa.org/verify/ekstrapoint.com/

Search URL Search Domain Scan URL

URL: https://www.egrnordicsawards.com/page/1697425/2021-shortlist-

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mx2.serviceclientorange.dyg.fr/ Page URL
https://mx2.serviceclientorange.dyg.fr/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzQ3OS4zMDQ2MzU3OQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzc4MS4yMjgxNTU1MgkxNjE1NjU2MzQ5CWFkXzYzXzA=&l=OAkwYjk1N2JjYTViMjgxNDJjMjU3YTJjYzgwYmRlYjllZAkwCTEzCTAJYzljMDEyOWE5YzljMjlhZWMzZWFhZWFkYzJiOTk2YzEJMjMzNDEzODIyCWR5ZwkwCTYzCTAJMAkxNjE1NjU2MzQ5CTAuMDAxOTM4CU4JMAkxCTAJMTI2OQkyNjAzNzA2NAkyMTMuMjMyLjg3LjE3OQkx HTTP 302
https://mx2.serviceclientorange.dyg.fr/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzQ3OS4zMDQ2MzU3OQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzc4MS4yMjgxNTU1MgkxNjE1NjU2MzQ5CWFkXzYzXzA=&l=OAkwYjk1N2JjYTViMjgxNDJjMjU3YTJjYzgwYmRlYjllZAkwCTEzCTAJYzljMDEyOWE5YzljMjlhZWMzZWFhZWFkYzJiOTk2YzEJMjMzNDEzODIyCWR5ZwkwCTYzCTAJMAkxNjE1NjU2MzQ5CTAuMDAxOTM4CU4JMAkxCTAJMTI2OQkyNjAzNzA2NAkyMTMuMjMyLjg3LjE3OQkx HTTP 302
https://xml.sedodna.com/click?i=AKT3lY2Wp2M_0 HTTP 302
https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ== Page URL
https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LTg0MjEtMTFlYi1hZGFhLTBhMzIyYjdjZGU2OS82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGY=&hash=f7465531478262ded8758c266eb94824&m=MTY0 Page URL
http://alfik-fik.com/zcvisitor/270442f4-8421-11eb-adaa-0a322b7cde69/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df HTTP 302
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL Page URL
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL&bv=1 HTTP 302
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=NL&mid=14&extclid=604cf59ec1d60a398f23e822&pubid=alpha-lea-qmIXgX84 HTTP 302
https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://mx2.serviceclientorange.dyg.fr/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzQ3OS4zMDQ2MzU3OQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzc4MS4yMjgxNTU1MgkxNjE1NjU2MzQ5CWFkXzYzXzA=&l=OAkwYjk1N2JjYTViMjgxNDJjMjU3YTJjYzgwYmRlYjllZAkwCTEzCTAJYzljMDEyOWE5YzljMjlhZWMzZWFhZWFkYzJiOTk2YzEJMjMzNDEzODIyCWR5ZwkwCTYzCTAJMAkxNjE1NjU2MzQ5CTAuMDAxOTM4CU4JMAkxCTAJMTI2OQkyNjAzNzA2NAkyMTMuMjMyLjg3LjE3OQkx HTTP 302
https://mx2.serviceclientorange.dyg.fr/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzQ3OS4zMDQ2MzU3OQlteDIuc2VydmljZWNsaWVudG9yYW5nZS5keWcuZnI2MDRjZjU5YzdhMzc4MS4yMjgxNTU1MgkxNjE1NjU2MzQ5CWFkXzYzXzA=&l=OAkwYjk1N2JjYTViMjgxNDJjMjU3YTJjYzgwYmRlYjllZAkwCTEzCTAJYzljMDEyOWE5YzljMjlhZWMzZWFhZWFkYzJiOTk2YzEJMjMzNDEzODIyCWR5ZwkwCTYzCTAJMAkxNjE1NjU2MzQ5CTAuMDAxOTM4CU4JMAkxCTAJMTI2OQkyNjAzNzA2NAkyMTMuMjMyLjg3LjE3OQkx HTTP 302
https://xml.sedodna.com/click?i=AKT3lY2Wp2M_0 HTTP 302
https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ==

Request Chain 5

http://alfik-fik.com/zcvisitor/270442f4-8421-11eb-adaa-0a322b7cde69/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df HTTP 302
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL

Request Chain 16

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkHHM

Request Chain 37

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large HTTP 302
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkoVM

141 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
mx2.serviceclientorange.dyg.fr/ 2 KB
2 KB 781ms
699ms Document
text/html 91.195.241.137
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mx2.serviceclientorange.dyg.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.241.137 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash: 6a6fca7cbb0a5f7b2951d04d27853fb791f4d663d8e4a4d0b68562f137a5dccc

Request headers

:method: GET
:authority: mx2.serviceclientorange.dyg.fr
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 13 Mar 2021 17:25:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 13 Mar 2021 17:25:48 GMT
pragma: no-cache
server: NginX
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_Hl1qsLzIZwTlnMo8GOWzP+LOzBahpEuDmHJeb5mym+wj427434OxYnsZZEqtB+L0Ne25SYWEndNmkbU9IEyXzw==
x-cache-miss-from: parking-67bb9bf49c-q9gzx
content-length: 1185

GET
H2 200 js_preloader.gif
img.sedoparking.com/images/ 4 KB
4 KB 55ms
18ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sedoparking.com/images/js_preloader.gif
Requested by: Host: mx2.serviceclientorange.dyg.fr
URL: https://mx2.serviceclientorange.dyg.fr/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash

Request headers

Referer: https://mx2.serviceclientorange.dyg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:49 GMT
x-cf3: H
cf4ttl: 31536000.000
x-cfhash: "90c93102a88c2ab94bff1575b7a6e86e"
x-cf1: 11696:fB.ams1:cf:cacheN.ams1-01:H
content-length: 4254
x-cf-tsc: 1610937628
x-cf2: H
last-modified: Fri, 15 Mar 2019 12:24:07 GMT
server: CFS 0215
x-cff: B
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
cf4age: 3876557
accept-ranges: bytes
x-cf-rand: 35.632
expires: Sat, 20 Mar 2021 17:25:49 GMT

GET
H2 200 tsc.php
mx2.serviceclientorange.dyg.fr/search/ 0
37 B 38ms
37ms XHR
text/html 91.195.241.137
SEDO-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mx2.serviceclientorange.dyg.fr/search/tsc.php?200=MjMzNDEzODIy&21=MjEzLjIzMi44Ny4xNzk=&681=MTYxNTY1NjM0OWRmYzMzYmYwYzQ2YzViNzQ3NmJiYzVmNDI5M2M1MTFj&crc=b1172d25f80c36cea70698b19b3f89c6b6ae74bc&cv=1
Requested by: Host: mx2.serviceclientorange.dyg.fr
URL: https://mx2.serviceclientorange.dyg.fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 91.195.241.137 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software: NginX /
Resource Hash

Request headers

Referer: https://mx2.serviceclientorange.dyg.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:49 GMT
x-cache-miss-from: parking-67bb9bf49c-4zldv
server: NginX
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

proceed.php
track.vcdc.com/
Redirect Chain

https://mx2.serviceclientorange.dyg.fr/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9y...
https://mx2.serviceclientorange.dyg.fr/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DAKT3lY2Wp2M_0&v=YTFiYTU1NDE3MGQ2MjI5MmU5OGY5YTNlYjg1ZGRkYjYJMQlteDIuc2VydmljZWNsaWVudG9y...
https://xml.sedodna.com/click?i=AKT3lY2Wp2M_0
https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lk...

659 B
852 B

105ms
45ms

Document
text/html

167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ==

Requested by

Host: mx2.serviceclientorange.dyg.fr
URL: https://mx2.serviceclientorange.dyg.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.vcdc.com
:scheme: https
:path: /proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://mx2.serviceclientorange.dyg.fr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://mx2.serviceclientorange.dyg.fr/

Response headers

server: nginx
date: Sat, 13 Mar 2021 17:25:49 GMT
content-type: text/html; charset=utf8
content-length: 659
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

Server: nginx
Date: Sat, 13 Mar 2021 17:25:49 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ==
Pragma: no-cache

GET
H2 200 beam.php Show response
track.vcdc.com/ 991 B
1 KB 37ms
37ms Document
text/html 167.233.8.197
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LTg0MjEtMTFlYi1hZGFhLTBhMzIyYjdjZGU2OS82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGY=&hash=f7465531478262ded8758c266eb94824&m=MTY0

Requested by

Host: track.vcdc.com
URL: https://track.vcdc.com/proceed.php?domain=dyg.fr&hash=d6f99c3228f16c06b95c5a127d32dca9&u=eyJkb21haW4iOiJkeWcuZnIiLCJkb21haW5faWQiOiIxNDQ1OTAxOCIsImZvbGRlcl9pZCI6bnVsbCwibWlkIjoiMTY0IiwiZmlsdGVyX2lkIjpudWxsLCJhZHZlcnRpc2VyX2lkIjoiOCIsInRhcmdldCI6Imh0dHA6XC9cL2FsZmlrLWZpay5jb21cL3pjdmlzaXRvclwvMjcwNDQyZjQtODQyMS0xMWViLWFkYWEtMGEzMjJiN2NkZTY5XC82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGYiLCJpcF9hZGRyZXNzIjoiMjEzLjIzMi44Ny4xNzkiLCJ0eXBlIjoiamF2YV9yZWRpcmVjdCIsImJpZCI6IjAuMDA0MjAifQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

167.233.8.197 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.197.8.233.167.clients.your-server.de

Software

nginx /

Resource Hash

6fe887b91ffde823629a6ada825675c6d71b1035a4b5523356f2132277df0268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: track.vcdc.com
:scheme: https
:path: /beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LTg0MjEtMTFlYi1hZGFhLTBhMzIyYjdjZGU2OS82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGY=&hash=f7465531478262ded8758c266eb94824&m=MTY0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Sat, 13 Mar 2021 17:25:49 GMT
content-type: text/html; charset=UTF-8
content-length: 991
cache-control: no-cache, must-revalidate
content-encoding: none
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Cookie set l.php Show response
lt.theplayadvisor.com/
Redirect Chain

http://alfik-fik.com/zcvisitor/270442f4-8421-11eb-adaa-0a322b7cde69/6019173b-675e-4852-98f4-d4f47edbb972?campaignid=fef56ac0-75e1-11eb-9ab4-126456bfc3df
https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ed...

1 KB
993 B

78ms
23ms

Document
text/html

91.134.212.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL
Requested by: Host: track.vcdc.com
URL: https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LTg0MjEtMTFlYi1hZGFhLTBhMzIyYjdjZGU2OS82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGY=&hash=f7465531478262ded8758c266eb94824&m=MTY0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 91.134.212.144 , Spain, ASN16276 (OVH, FR),
Reverse DNS: ip144.ip-91-134-212.eu
Software: nginx /
Resource Hash: a027852074b3d2d6fc74891a36c030397eb3282cce46a7120dd9c219e2ae00f3

Request headers

Host: lt.theplayadvisor.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://track.vcdc.com/beam.php?tcid=&target=aHR0cDovL2FsZmlrLWZpay5jb20vemN2aXNpdG9yLzI3MDQ0MmY0LTg0MjEtMTFlYi1hZGFhLTBhMzIyYjdjZGU2OS82MDE5MTczYi02NzVlLTQ4NTItOThmNC1kNGY0N2VkYmI5NzI/Y2FtcGFpZ25pZD1mZWY1NmFjMC03NWUxLTExZWItOWFiNC0xMjY0NTZiZmMzZGY=&hash=f7465531478262ded8758c266eb94824&m=MTY0

Response headers

Server: nginx
Date: Sat, 13 Mar 2021 17:25:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: bt-60350da6ce6ab006de42aa31=604cf59ec1d60a398f23e822; expires=Tue, 16-Mar-2021 17:25:50 GMT; Max-Age=259200; path=/; domain=lt.theplayadvisor.com; HttpOnly
Content-Encoding: gzip

Redirect headers

Date: Sat, 13 Mar 2021 17:25:50 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL
Server: ZeroPark-Traffic

GET
H2

200

Primary Request / Show response
ekstrapoint.com//
Redirect Chain

https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ed...
https://theplayadvisor.com/trk/click?aid=5D9&cid=8483&s1=EP&s2=zeropark&s3=NL&mid=14&extclid=604cf59ec1d60a398f23e822&pubid=alpha-lea-qmIXgX84
https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

864 KB
101 KB

755ms
704ms

Document
text/html

13.226.159.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Requested by: Host: lt.theplayadvisor.com
URL: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-10.dus51.r.cloudfront.net
Software: / Express
Resource Hash: 1f2b2b4e8de2bcd3c51e9c9883ba15413305fbce15ffbff2e24fe71fd35c3492

Request headers

:method: GET
:authority: ekstrapoint.com
:scheme: https
:path: //?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://lt.theplayadvisor.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://lt.theplayadvisor.com/l.php?p=c:0fspqbsl&d=60350da6ce6ab006de42aa31&s=alpha-lea-qmIXgX84&b=0&bid=0.006000&pid=zr270442f4842111ebadaa0a322b7cde6960ecab1ff6044678aa5973067f15c826054329d0678ede7cf7&cmp=fef56ac0-75e1-11eb-9ab4-126456bfc3df&keyword=dyg%2Cdyg%2Cdyg.fr&d1=NL

Response headers

content-type: text/html; charset=utf-8
content-length: 103122
date: Sat, 13 Mar 2021 17:25:51 GMT
x-amzn-requestid: 4366f89b-7162-4d32-acd8-f19e9f08bb05
access-control-allow-origin: *
content-encoding: gzip
x-amzn-remapped-connection: close
x-amz-apigw-id: cItQxGuOjoEFrmw=
etag: W/"d8009-zBScl5hZBO91RdCHGWuawurWOFA"
x-powered-by: Express
x-amzn-trace-id: Root=1-604cf59e-4a0099cc3a496821598441cf;Sampled=0
x-amzn-remapped-date: Sat, 13 Mar 2021 17:25:50 GMT
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront), 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2 DUS51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-id: Q74m67A5ecxknZhiqG7b77mXGYgMjMS7dkwgU9_0bBvkCXkoiQ3HyA==

Redirect headers

date: Sat, 13 Mar 2021 17:25:50 GMT
content-length: 0
location: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

GET
H2 200 lato-v16-latin-regular.woff2
cdn.ekstrapoint.com/fonts/ 23 KB
24 KB 90ms
40ms Font
application/octet-stream 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-regular.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:16:33 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-amz-request-id: 5E82D51A5EF63461
x-cache: Hit from cloudfront
content-length: 23484
x-amz-id-2: L+N33O39l9TMARnBawQjgMhBArduDGKKuV5sIeyNu+pPVkXhs0dFRxRlMeYDodU8SUcpg2rfRCE=
last-modified: Thu, 03 Sep 2020 13:49:00 GMT
server: AmazonS3
etag: "b4d2c4c39853ee244272c04999b230ba"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: PoE7fsm-D-_Rcl9BmeKffkAeaXu0RdFZezLbLppCs1ofRMdZIkRNxg==

GET
H2 200 lato-v16-latin-700.woff2
cdn.ekstrapoint.com/fonts/ 22 KB
23 KB 139ms
89ms Font
application/octet-stream 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-700.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:56:03 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-amz-request-id: 20AD1A6391F9228C
x-cache: Hit from cloudfront
content-length: 22992
x-amz-id-2: w7wxmfBTwlthHBAiSV3uFQk3HB53U1U9Fa+nqgfl8XDAiOosPHoRiHfaa0M7nJQUqZt/ta+stMc=
last-modified: Thu, 03 Sep 2020 13:49:07 GMT
server: AmazonS3
etag: "1efbd38aa76ddae2580fedf378276333"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: darWVZWvJF7Ocv4qdHm10FqFkINzfmjZ-x9V7khNxbmLkfARMv1fBw==

GET
H2 200 lato-v16-latin-italic.woff2
cdn.ekstrapoint.com/fonts/ 24 KB
25 KB 104ms
54ms Font
application/octet-stream 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-italic.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:30:14 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-amz-request-id: 79BFF8A97F45F55B
x-cache: Hit from cloudfront
content-length: 24440
x-amz-id-2: x43rKunkTfsS5VQjnBnkV2CYwXjMb87E9aQT9zUUqkXtSw4bI5bu/ccHsDCuU6gv+oVHMtBXrnA=
last-modified: Thu, 03 Sep 2020 13:49:03 GMT
server: AmazonS3
etag: "117e995c97eab30fb92843616018d1f1"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: aD8LCE3MEU5PnpB68J1x2HE_T7mRrDo6_EAg9g-qNGslBUS3W9QbDA==

GET
H2 200 lato-v16-latin-900.woff2
cdn.ekstrapoint.com/fonts/ 22 KB
23 KB 150ms
100ms Font
application/octet-stream 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/fonts/lato-v16-latin-900.woff2
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:32:12 GMT
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-amz-request-id: 9F85846E25B59BBA
x-cache: Hit from cloudfront
content-length: 22572
x-amz-id-2: Bx/gXMrIN5hU9BSXwOL1RRIAV+/UCq5qhN+CKwJivsJWv8U4uAtCQgbn/j4nuSYWog1CUKfta5w=
last-modified: Thu, 03 Sep 2020 13:49:06 GMT
server: AmazonS3
etag: "947e87c53b5765bfc8982613ccd789e9"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: sIv83tLVjl5HZZCSeXzTHekx2oKCqugFBcD2igSqYbR3Z-BDYaG6YQ==

GET
H2 200 styles.58ddc825aa031a817587.css
cdn.ekstrapoint.com/app/ 41 KB
8 KB 104ms
41ms Stylesheet
text/css 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b04e46a651751c457802d459062be6e892dfce90305a4dbf7474e8f2cf7156cf

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:56:10 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
x-amz-request-id: A6FF230A8210B839
etag: W/"df019984c2a611c308aa1c9e26a6255a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: -7N0WHnhTOhFFnpBv-YbBGDSR0QgRO4zuHJvL59IJZnnNwwPWyYcxw==
x-amz-id-2: Hl1U9mxIgRt2+gcOKR0AVLRi4jGQAtFbSHjl9lLX5MVkuKB+okuHuw6i/BNliSw8kEC8t4/3bMk=

GET
H2 200 js
www.googletagmanager.com/gtag/ 0
56 KB 21ms
20ms Other
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GTM-PMLRK38

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57558
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 17:25:51 GMT

GET
H2 200 earth_btn_int.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 4 KB
2 KB 83ms
38ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/earth_btn_int.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df65ff2649149fd789294edac4cdcf77e306a90bb7353439c0363c68bfec659c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:31:49 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 6DF6BD5018B530BE
etag: W/"3e353c1ee5d0ac919f0a6bb85868709c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: xfeQOBQE0Ej50gQ0X-7h7Kg9dx6i07vNRXhHSKHtVlRGoAMPG48zxg==
x-amz-id-2: DCn2U9KVykZvnLyV11xptgYWMFrQ34Z3B/e7+CiB2psNPL5+Eid8CWjdWqtFWzE+ZUftE7JZUtk=

GET
H2 200 New-Hero-Image-logo_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611672002/prod/HERO/ 842 B
1 KB 21ms
7ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611672002/prod/HERO/New-Hero-Image-logo_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

dfee1c29a16bcfa949dc09c64910ce2a6b1fe7d447e35a22229cc37ceaece433

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 12:44:32 GMT
server: Cloudinary
etag: "691bfb50f36602acb6f1ebcc1385d66b"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.103Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 842

GET
H2 200 EP-Header-Slot_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611746951/prod/HERO_MAIN/ 5 KB
5 KB 23ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1611746951/prod/HERO_MAIN/EP-Header-Slot_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a78bb5217b9830c0798bf9a3f076a4cd4b6a920fa51d151e2ddf51fbfc41d49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 12:44:32 GMT
server: Cloudinary
etag: "6bfc0bfe7bdf4d0ed4b89e747026d313"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.104Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5402

GET
H2 200 photo.jpg
lh3.googleusercontent.com/-LiOy9lyKi0c/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuck92unw4ZPY1wZ8yuyMZKgDZOm4Jg/s96-c/ 1 KB
2 KB 34ms
6ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-LiOy9lyKi0c/AAAAAAAAAAI/AAAAAAAAAAA/AMZuuck92unw4ZPY1wZ8yuyMZKgDZOm4Jg/s96-c/photo.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ce2bf0fa3e4ad5f1e72ddde6ec9fbf2eddcf3d8908bc1ffa429fc94632653556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 16:25:24 GMT
x-content-type-options: nosniff
server: fife
age: 3627
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename=""
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1386
x-xss-protection: 0
expires: Sun, 14 Mar 2021 16:25:24 GMT

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkHHM

7 KB
7 KB

31ms
29ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkHHM
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1722104496
date: Sat, 13 Mar 2021 17:25:51 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 29 Jul 2019 20:58:48 GMT
x-needle-checksum: 3948537420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 1038
content-length: 6738

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003447792
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: M8tJMFOm7cni+59wxLATrToN51DFiemi3U7rOVoDzyGN1f2cMwrDusUJBJlzd0bR44k8agZ6uxHd8FXfYkqS2Q==
x-fb-trace-id: CoAptAQ/5OT
date: Sat, 13 Mar 2021 17:25:51 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkHHM
x-fb-request-id: AHddliQerszdU398g7s_ifu
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Winners_EPshop.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2019/02/09184728/ 3 KB
4 KB 20ms
7ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2019/02/09184728/Winners_EPshop.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ed872e9933093b3779565e20ea4099bcc2af34668b68e99605a1733919492f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "d0466775a0b3965cd4c01e360de36192"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:51.103Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 3509

GET
H2 200 luckythrills-bonus-card.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/10112339/ 4 KB
4 KB 20ms
7ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/10112339/luckythrills-bonus-card.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ab5898c442e5e66d60cb1bc2cf151cc182c49efa174cee860023c568de241668

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "c37d916ef7e65d0874dafd58587d12e2"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.103Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 3605

GET
H2 200 Jackie_EPshop.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2018/11/15121927/ 379 B
475 B 22ms
9ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2018/11/15121927/Jackie_EPshop.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

643e3de2904f810ec8ab495596aca42e0d72ccceb1e0b2f95b96bde6f83ab8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "22b451b0430d0f5a921d1872efe7a8f9"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:51.104Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 379

GET
H2 200 Unikrn-s.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/23174741/ 1 KB
1 KB 20ms
8ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/23174741/Unikrn-s.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f977fdeec4040238d754b9bc7e1f39ec9b02f7beb56d4b1e2594c165b2a84614

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "b76d7d4f82bf866ad97a2928534e8609"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:51.104Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1309

GET
H2 200 Winners_EPshop.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2019/02/25171941/ 340 B
405 B 14ms
11ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/2019/02/25171941/Winners_EPshop.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

693918d4f9f30483456c0b202582237307b44959680b8df23da65e423b9b511f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "96c98686b9b2841433619e3b0fdb9eff"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 340

GET
H2 200 HTB1ncy0pqmWBuNjy1Xaq6xCbXXax-e1600066297730.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/04/22110041/ 327 B
443 B 14ms
10ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/04/22110041/HTB1ncy0pqmWBuNjy1Xaq6xCbXXax-e1600066297730.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9174ba77e75471a95b8b87626296fb6bdf8fcef578d50741ca935af31cc29336

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:34:43 GMT
server: Cloudinary
etag: "0942145ac319c4cf12a1c5554e1868fe"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 327

GET
H2 200 Hf1abdfe69fa54db28ba44f79b81abb5c7.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05153202/ 415 B
479 B 15ms
11ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05153202/Hf1abdfe69fa54db28ba44f79b81abb5c7.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

240be83e2b11f478bc45a5bd92c15e770366a1c64bd403eb9e73932a129eee6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "571a7cb7460417ca4338734cfceed098"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 415

GET
H2 200 H71dbd4b5716d4ee8820c2971450404645.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05155205/ 401 B
489 B 14ms
11ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/wp-content/uploads/sites/14/2020/11/05155205/H71dbd4b5716d4ee8820c2971450404645.jpg

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44263ae63122b11cd77124d313d9828042321b3e2c5512b776710e2d21af5698

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 10:59:33 GMT
server: Cloudinary
etag: "7464b4b961536a0f3a6fac3ce70a27f6"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 401

GET
H2 200 Ekstrapoint-logo-social-proof-testimonials.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 966 B
1 KB 12ms
8ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Ekstrapoint-logo-social-proof-testimonials.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6b7a66f47a339e18e3c9d1a38055124f26fca5ea383a8df0269cec3ae388574d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "6a4730cc3e4909cde1fd7238c49f37cf"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 966

GET
H2 200 Be-gamble-aware-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 332 B
420 B 12ms
8ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Be-gamble-aware-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3243e28e652cd2b0a27f2ecd788cf42f42b0cc9996888ad5e688bb4ccf1c82a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:17:59 GMT
server: Cloudinary
etag: "b69d379d5ff8ace201fdb65b752b6c91"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 332

GET
H2 200 MGA-Malta-Gaming-Authority-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 561 B
690 B 12ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/MGA-Malta-Gaming-Authority-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

71846519346eccc4fcee1dbcde6d9b481d432b16e4f9d681f8a89c4db27b6aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:00 GMT
server: Cloudinary
etag: "c2199d916edca14b3e93ec69cfd71386"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 561

GET
H2 200 18-plus-gambling-transparent-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 12ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/18-plus-gambling-transparent-logo.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6bb3c199077848ea3a889081495cb6e0ffe54aa0d73600112fe62ced64136034

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:00 GMT
server: Cloudinary
etag: "fbddde91c52d12e519bf8fba6d885062"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 2345

GET
H2 200 GPWA.gif
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 12ms
8ms Image
image/gif 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/GPWA.gif

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a21a79c6e85a254c1e573e9d3d1ab57990e8382d8cea1a81868eeda265c45bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 08:18:01 GMT
server: Cloudinary
etag: "9bf6922d7a5fc639055a96f86f645249"
strict-transport-security: max-age=604800
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1766

GET
H2 200 EGR-nordics-virtual-awards-2021-shortlisted.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1614262996/prod/BANNER/ 3 KB
3 KB 12ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,e_blur:100,q_1,w_50/v1614262996/prod/BANNER/EGR-nordics-virtual-awards-2021-shortlisted.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

89ce694adf9dcc7909c3880648e4f2794dce56ad2a307ea942f6b8b7d721668b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 14:24:01 GMT
server: Cloudinary
etag: "063978f92e6a5224e3e216f7ff156974"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.119Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 2672

GET
H2 200 runtime-es2015.e218aa2bf6347f7d15a2.js Show response
cdn.ekstrapoint.com/app/ 2 KB
2 KB 114ms
90ms Script
application/javascript 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/runtime-es2015.e218aa2bf6347f7d15a2.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a69aa02a10b30878fba9a0c15b10c6b82fcabf5c99f7036e81e59c50bdac814

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:36:03 GMT
content-encoding: gzip
x-amz-request-id: E357AA864C30C9B6
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: fwKIxj5DK5lwh8TWjFjkaDuPtD9NXRKxyT02fdoeza8+9yg2SjmvlxIkpN0cUslwDK1mymLNJkI=
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
etag: W/"7239e0a46f13b17a67d8b70b13bddc15"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: afza7NVaXGvId4cCA0TKpRlophVBV_zUO1qWx3WWzWAX7sXTxoP_2w==

GET
H2 200 polyfills-es2015.3bdb7cad8cfe7f02e116.js Show response
cdn.ekstrapoint.com/app/ 37 KB
13 KB 86ms
61ms Script
application/javascript 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f900fe94333f6fd6bbc8c888d245baf461d274b39082c57f93efae48b3e40576

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:33:59 GMT
content-encoding: gzip
x-amz-request-id: C3324E554519AE86
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: mVCMMqBpN+2fTv1WXdgGbmEa6uqnONNsGw9dLEqHGeGv7oK0p7p/ob6DwGHfE+Eg65Xa9SjaCWQ=
last-modified: Wed, 24 Feb 2021 12:42:51 GMT
server: AmazonS3
etag: W/"83827d2bc1ff77c2c88f207de5ba5483"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: u4AGvVZZVD1QO_NInBgVUv_xtZXEuaUxgY5VjQwclloY9YzxLrWWPw==

GET
H2 200 main-es2015.15d543be45ef62097a32.js Show response
cdn.ekstrapoint.com/app/ 2 MB
358 KB 89ms
65ms Script
application/javascript 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 23f48f55c6d5d14f32c9e0eb180550916664087593e5f7eb05c4aa7f64d3c177

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 14:41:05 GMT
content-encoding: gzip
x-amz-request-id: 7602AAB799C239B7
via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: qWMVLAoqZo4jsrNyptpM6DegKngS5p2XhzJ845+qv6l/8U04PlL59ubq20fCQ0t5lJgyBEX0DMg=
last-modified: Thu, 11 Mar 2021 14:39:06 GMT
server: AmazonS3
etag: W/"dd8a2f98161c51a471d42d636ac50276"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: Av8JHB2YZww1Qt8MQaS-ipBkuNva-Q1BU1JrssyVAj-ENFryG75fcw==

GET
H2 200 ep-coin.png
cdn.ekstrapoint.net/app/assets/images/ 1 KB
2 KB 102ms
41ms Image
image/png 13.226.159.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.net/app/assets/images/ep-coin.png
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com//?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-23.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73b6cac3c7553587f0982738d9717171b3cb2d4764f61c609b083fd29a85d844

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:58:57 GMT
via: 1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
last-modified: Fri, 26 Feb 2021 13:55:55 GMT
server: AmazonS3
x-amz-request-id: 3231BA8249802D21
etag: "e62faec0aefde8cd32b4461317bbca87"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1245
x-amz-id-2: ppm/tIfm88Fm4dq83Tt8pCdFVMPXV6YceANquE74J649W/qJWmUqcpWOqhgfP7iSLJa9M4ko0m4=
x-amz-cf-id: Mo4cBCAzQyajTbEA3fgou3Zd8xNL1Bdm03yFsaocoIAtXQNyQE1ttw==

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
48 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Requested by

Host: mx2.serviceclientorange.dyg.fr
URL: https://mx2.serviceclientorange.dyg.fr/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

453d7aae6674d894da46b576c4a451cc52355c95f51b501ff70c7f246ec784a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48750
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Mar 2021 17:25:51 GMT

GET
H2 200 leaderboard Show response
ekstrapoint.com/api/v2/ 61 KB
7 KB 773ms
772ms XHR
application/json 13.226.159.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ekstrapoint.com/api/v2/leaderboard?limit=8&references=en_fruity_SM_weekly,en_juicy-jackpot_SM_weekly,en_trillionaire_SM_weekly,en_slot-mountain_SM_weekly,en_pirates_SM_weekly,en_monsters_SM_daily,en_sin-city-2_SM_weekly
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-10.dus51.r.cloudfront.net
Software: /
Resource Hash: c9fc4ed7123e18b8e2eb751cd390c2b411e9e26b24550cefb9796f568e680de0

Request headers

Accept: application/json, text/plain, */*
Referer: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-forwarded-url: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
content-encoding: gzip
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 1209600
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url,eposucar
x-amz-cf-id: 2O49eZZFoSU1SFZl4gE9UWJBHVsH6gYbvyrSAKIp_jM-F01jnQRBUQ==
via: 1.1 5cd60f530cdafe284762767565aa2747.cloudfront.net (CloudFront)

GET
H2

200

/
platform-lookaside.fbsbx.com/platform/profilepic/
Redirect Chain

https://graph.facebook.com/v3.2/3392564580822477/picture?type=large
https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkoVM

7 KB
7 KB

28ms
27ms

Image
image/jpeg

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkoVM
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1722104496
date: Sat, 13 Mar 2021 17:25:51 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 29 Jul 2019 20:58:48 GMT
x-needle-checksum: 3948537420
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-fb-config-version-olb-prod: 1038
content-length: 6738

Redirect headers

strict-transport-security: max-age=15552000; preload
access-control-allow-origin: *
x-fb-rev: 1003447792
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: oDOMB9bUiuz80/aivpyAqLxHnPpQX13vtguaZY6OzxDnJhCO9zcAbJh6AfYpHNF1I2gUFJWIOl2xQnBYG+vCTQ==
x-fb-trace-id: BWw+8IA9byN
date: Sat, 13 Mar 2021 17:25:51 GMT
content-type: image/jpeg
location: https://platform-lookaside.fbsbx.com/platform/profilepic/?asid=3392564580822477&height=200&width=200&ext=1618248351&hash=AeS5gN-Zf8EssGpkoVM
x-fb-request-id: AxEhPfjaPVQKeqb19YMmSCx
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 48ms
27ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZwvnHpUdRyYS5UjFyzj+fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "623116f45e9f09f5d58245285ae27df0"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-ZwvnHpUdRyYS5UjFyzj+fw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Sat, 13 Mar 2021 17:25:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

646d31eb237c88bacaf9aebe9f0c18fce391d4b8acb96bc12582f4d6eaf7a74c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oV/GyAEa57bcFF+uepkV1w==
cross-origin-resource-policy: cross-origin
expires: Sat, 13 Mar 2021 17:30:32 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: 2Og6MlTGpa/L7yr3jwTFfaOxe72lvvL5AvA6R2+8R++mJcS35yyQYz3YRWNYOCX/Zo+SAenJfBsVBlS+GCtP7A==
x-fb-trip-id: 917726464
x-fb-content-md5: d91109ddc7d1bfb213bee90c572a3362
date: Sat, 13 Mar 2021 17:25:51 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a0b8bf7fe9b61d6be9427bb2c4f57853"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 6-es2015.87ee9873b8c8a172c845.js Show response
cdn.ekstrapoint.com/app/ 35 KB
6 KB 37ms
36ms Script
application/javascript 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ekstrapoint.com/app/6-es2015.87ee9873b8c8a172c845.js
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/runtime-es2015.e218aa2bf6347f7d15a2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d9349412ecbf65d2f9eabab0681c78478f523c2a53304d7bba80dcce50dc211

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:20:08 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 9S4X9GFW0Y0QCQDW
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-id-2: IxuaZgPQbAULkXxFsIEgbPIdCYApw+i+QZksujzPaERzjZBDjzhpCL4DPrzCFkOJe7/S8Xf3fOM=
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
etag: W/"f4a683eb62ad9eae97d96db3fc14e41d"
access-control-max-age: 1209600
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
access-control-allow-headers: origin, content-type, accept, authorization, x-requested-with, origin-url, set-cookie, x-forwarded-url
x-amz-cf-id: L6kQ-rrvX5PHKCEkn2bxIO6zjiKV8HWkhwPyq4jWEZbBqIRiDAR7PA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 flag_usa.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 7 KB
2 KB 39ms
37ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/flag_usa.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c12080dd6c9bd2bca9f01d694df5e45973e77859c61c3bd59ca81a257db678bb

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:04:40 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: C12334121E6A884F
etag: W/"7f69e38321471fd24f51fe8a58347f1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: nHuAQaIHdHyhDDRsrD2OKi0b3521mIRQXwRK4XQUM69kGpZV5TPksg==
x-amz-id-2: TI7UKc/Ej8WmdKYE1bem95jwpCl32tNRdx7miYIChBOkiUeM9En66umH5qpqvHEg2hn0DqKdVWk=

GET
H2 200 denmark.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 38ms
36ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/denmark.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe5f0c4c9bf2d207ca70042810fb84710ff279f08a6fc72a31b2992d8cb56362

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:59:29 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: EFE58BB5D4548EDF
etag: W/"be60e04c3690a1add6daf24cf29db4c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: avEDzzaDTt36hadcL_NcqquLpWqFatSaqd5twDSCXo1m88dSGDA8HA==
x-amz-id-2: 4bwmxg6sXLm8TLVWEHKcOFXAcg/FQji4R0406h004zwNFDc6FxME3kgQ1rDDNKX1HC4A9bLnvVY=

GET
H2 200 german.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 944 B
1 KB 37ms
36ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/german.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986552903856b995425777caa1ce31fdb11fb3f6a28027e79013abb5173500a5

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:32:13 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 47BFEEAEEEA6D9FE
etag: "5c9661f66b30896a0667a78ea18f2847"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 944
x-amz-id-2: 7BRJS6sErSk8BVolHqc9LP6KNHXZQm3INneYsG7pWFRRFoivmDPTCPYbBzxEE5MgNsBk1OVaMic=
x-amz-cf-id: nZJHgBfhBpvYKT1fzZaOGbwgduOjFzLAzbCDXg8ALFLyJPwPSkccbw==

GET
H2 200 norway.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 39ms
37ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/norway.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5bb30e2b983d5c294b17417b62ccdbd525106b90df5a7e633e91bc4e80a909d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:39:47 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 07AB199057ED51B5
etag: W/"ed7007a8bcaebe0ad93e2a01bdd06b34"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: MmxxrvBYgqS4AaAQrAFdJ_XHIBQmTpuNWWE6xkJJUyzIgdk6f4PBiw==
x-amz-id-2: WZz6eQ89o3xNqity/XaziT+cmgpLf2PX+k04Z78cj0NkNG2M97pxBkCTriLPZhP388YElyeNyS0=

GET
H2 200 finland.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 39ms
38ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/finland.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64ab34dae9b08035f9efcecde836424cd641238a3478dc29bd137428175555bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:02:31 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 7A794ADFE7F2A8DA
etag: W/"cd86ae8f1d5814a032f33898f624d56e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: oAAnWVbyMzHW20GFBcPjyOcdW_5gm3gNWEGerX7enWplqaZ2ANofUA==
x-amz-id-2: uAFFmy1yA6FphjLsQsKyIfoflQfwE7d66ghftHpQ0SzElEjw78UuPVe+E8C9m0k0nMxkiB7PkRQ=

GET
H2 200 sweden.svg
cdn.ekstrapoint.com/app/assets/icons/flags/ 1 KB
1 KB 47ms
46ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/flags/sweden.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4eebbb2512c8214176b060899d400d653dee8ed7e18d32de127786f686dc4f

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:32:13 GMT
content-encoding: gzip
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 03D2F410B1E71837
etag: W/"0e68a7c8709c45ee2cb0e430887e569a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: fmHlsJ8Z31Qtxdj69L7XSMaYTNZ3Wh0MWN_IRdkuDxgRpphoVnnmCA==
x-amz-id-2: tCrW9w+CBYl5CP7rRZjjg2j0/efks6heJSARRoCYR3rLpOrh8hYtECnzKkdUz2kBBtGfP6SBN1o=

GET
H2 200 ep-coin-yellow-black.8c0d368c3046ca28e98e.svg
cdn.ekstrapoint.com/app/ 834 B
1 KB 36ms
35ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/ep-coin-yellow-black.8c0d368c3046ca28e98e.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 69115920f993c637eb5fbefea1c282f586e9aaf6031d8c0f75a2721683773d06

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:22:44 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
x-amz-request-id: DE30B2EEB86FE400
etag: "8c0d368c3046ca28e98e8940e330bdf2"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 834
x-amz-id-2: lfBFfcnpZBEm6nAU8B/Jf4HPTy80skvZKci9VrQnF7SSU2oDB+OpMMg3PeS3PIVPrTJlm5V2X38=
x-amz-cf-id: tFRvTbVNHpEV8dmT2xjq9AfnmcZiM8L00zfRh1JKbdwR-fbjfm35Dg==

GET
H2 200 signup_top-banner.png
cdn.ekstrapoint.com/app/assets/ 19 KB
20 KB 40ms
39ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/signup_top-banner.png
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1db13da87f8ca70aec2cff9a4da2de38a7945d1b0961628cd301a2331136ff30

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:20:08 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 14:35:51 GMT
server: AmazonS3
x-amz-request-id: 51E8E322EBEB0D96
etag: "644ebd4a27a788a3df82cb57870532b2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 19528
x-amz-id-2: BccHNS+dDZH926a1JASB+C+zcSnvVfLY9TFoC6ZVpuQ1aXDT2o7t8dNBDKpabCzXLRH+l4XpyQg=
x-amz-cf-id: weJNMJhELo4z1lXkBZNiWbat0aQQtLCD046IsS9uS7dTf6wj2KzNiA==

GET
H2 200 EP-Header-Slot_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,h_500,q_auto/v1611746951/prod/HERO_MAIN/ 52 KB
53 KB 12ms
11ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,h_500,q_auto/v1611746951/prod/HERO_MAIN/EP-Header-Slot_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b8bf8cf6aad10dbb83c0b38f7dc9bb3192db6d42b1ff9dcd90e54b2d5070d370

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="EP-Header-Slot_cloudinary.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-03-13T17:25:51.487Z;desc=hit,rtt;dur=5
vary: Save-Data
content-length: 53640
last-modified: Wed, 27 Jan 2021 11:29:18 GMT
server: Cloudinary
etag: "a8d05e8e5d9b8ce64c019b5d6e05a504"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 New-Hero-Image-logo_cloudinary.png
res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,q_auto,w_1320/v1611672002/prod/HERO/ 5 KB
5 KB 13ms
12ms Image
image/webp 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/upload/c_scale,f_auto,q_auto,w_1320/v1611672002/prod/HERO/New-Hero-Image-logo_cloudinary.png

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6b6036436f13f9f4e95a736abb562c8dad23cb3198af0c6aded51abd91f3029c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="New-Hero-Image-logo_cloudinary.webp"
server-timing: fastly;dur=1;start=2021-03-13T17:25:51.487Z;desc=hit,rtt;dur=5
vary: Save-Data
content-length: 4664
last-modified: Tue, 26 Jan 2021 14:40:07 GMT
server: Cloudinary
etag: "76c544be95a0db7efdd35dedce65b86f"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 avatar--white.svg
cdn.ekstrapoint.com/app/assets/icons/ 21 KB
15 KB 39ms
38ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/avatar--white.svg
Requested by: Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a24d68ae9a623f0c54cec8a758c12e4c708845d7a30e7c7ac6df33accc0b509a

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:41:31 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: FFD5567D96F5BC2D
etag: W/"b63d69dd3b45728a4ffd887c9a411d8e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: XIz3zZKWD9lWUkqZsOPXLL-GHFmylUEsmK0mAqMlpsW-aTrHPN8s3w==
x-amz-id-2: RQnxY3WsFbSDxLfZprqtufaSnyjptfJLBRxAx7OydJgKQgl8kOutxqejWhtTZEWcQvxGkFaVoLo=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 197 KB
60 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=089c444bc4bd2685bec3bff9764d7aca&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c060e3647992ad67f4157d98376c053afff3d3736b24a32f76a121c5c7d4626a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://ekstrapoint.com
Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 2bnYogPSktyOWWUmOjVPZw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60548
x-fb-rlafr: 0
x-fb-debug: 5fbw+gwgXhNgciT7nqb5WZcxelcSWrNOkREo/ZsfIxA1coDjlB81TBil6hnjM99lUYy90Lx6JiBKpt+FGr7V6g==
x-fb-trip-id: 917726464
x-fb-content-md5: 9336c7b3db93bb69eb5a28602a33a9c4
x-frame-options: DENY
date: Sat, 13 Mar 2021 17:25:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "d49a0af3b37019e40bf6046bc6e83e96"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 13 Mar 2022 16:06:52 GMT

GET
H2 200 94m358m7.js Show response
l.getsitecontrol.com/ 504 B
1 KB 89ms
22ms Script
text/javascript 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/94m358m7.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: 544d87f178536371f5053ac2f88dbb57296eca73a2bc6a06920a7571e3a3eecf

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: br
cdn-edgestorageid: 481, 718, 718
x-amz-request-id: 1W6W0G3T2HAVEPER
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-03-07 13:33:10
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 6H2UXTXfojB4gjOpqX0yQ1vzw2nxp5eI79tZojNb3fyWbODAqrSaq74nHPWDQ3B85v91PpluPeI=
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 10:22:41 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=2592000
cdn-requestid: 4ea22be4523e6b2cf58ef0c376a5986a
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 35ms
13ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3548
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 62f6f6c53a140eb3-FRA
cf-request-id: 08ce388f4800000eb3420f4000000001
expires: Tue, 16 Mar 2021 17:25:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: mx2.serviceclientorange.dyg.fr
URL: https://mx2.serviceclientorange.dyg.fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: gINstY9PQ1tOnq5KsVORcR8RGJiK87niauWgdB2JnGceDfHgdkbjTpvdgIXDvZt/dPyMtm7RHQsPTF1RuFmnZg==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 13 Mar 2021 17:25:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 44 KB
14 KB 389ms
186ms Script
application/javascript 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

01f35ecfed1871c910bed05c644d93d9fc45854ca36e7988d3324db7300ea4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
served-by: 2601
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2601
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2W7HTS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7046
date: Sat, 13 Mar 2021 15:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sat, 13 Mar 2021 17:28:25 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 103 KB
34 KB 40ms
21ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 07:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 382769
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34839
x-xss-protection: 0
expires: Wed, 09 Mar 2022 07:06:22 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
67 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=755666468&t=pageview&_s=1&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&dr=https%3A%2F%2Flt.theplayadvisor.com%2F&dp=%2F%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&ul=en-us&de=UTF-8&dt=Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1514834671&gjid=860390024&cid=1040327025.1615656352&tid=UA-120989112-2&_gid=19244818.1615656352&_r=1&gtm=2wg330W2W7HTS&cd2=0&z=1777604076

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ekstrapoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 918228268916911 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/918228268916911?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbc21b81561a7b82642b6b1a4894de23b6855551fe13c21ba5d28f8dcd18bb95

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70488
x-fb-rlafr: 0
pragma: public
x-fb-debug: L/kCQwBunSfII64E4TrTuBhlrqeXzr8yMVH6zfNqbLgD1FVryHvH5wd8r/23pNnspefU7QH0KmDmGaTJ8qdHOQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 13 Mar 2021 17:25:51 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
89 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c09::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-120989112-2&cid=1040327025.1615656352&jid=1514834671&gjid=860390024&_gid=19244818.1615656352&_u=YEBAAEAAAAAAAC~&z=494751721

Requested by

Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 13 Mar 2021 17:25:51 GMT
content-type: text/plain
access-control-allow-origin: https://ekstrapoint.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1805945856125033&ev=fb_page_view&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615656351598&sw=1600&sh=1200&at=

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 13 Mar 2021 17:25:51 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame B211 513 B
555 B 15ms
15ms Document
text/html 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca7945f4b8aafb2115be0ab37260a21800a48d7311d77e6b562e4a567c8dfdb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AtzzDDax0BO1hmrRZX8qlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ekstrapoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=211=iMT3xeN8IHVqAdJspbB0FUqeEkwsfRYyXUOD-zTbv6nEYrltk7ZSprG9SfMJ2-JCL35iMaN2wIRbKOelk4kgZgv0VpXcz36PUeYxl8eFw9QOfTNQXbKrfbf7_yAfhS3lDE-Q0qRaJvcEy3bdbIl-msnEIIB4zswrFCNdgnEyNpA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ekstrapoint.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 Mar 2021 17:25:51 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-AtzzDDax0BO1hmrRZX8qlw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120989112-2&cid=1040327025.1615656352&jid=1514834671&_u=YEBAAEAAAAAAAC~&z=1045955104

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-120989112-2&cid=1040327025.1615656352&jid=1514834671&_u=YEBAAEAAAAAAAC~&z=1045955104

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 17:25:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=918228268916911&ev=PageView&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615656351623&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615656351622.188156797&it=1615656351588&coo=false&rqm=GET

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 13 Mar 2021 17:25:51 GMT

GET
H2 200 94m358m7.json Show response
l.getsitecontrol.com/ 235 KB
9 KB 186ms
133ms XHR
application/json 62.113.194.12
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/94m358m7.json
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 62.113.194.12 Berlin, Germany, ASN47447 (TTM, DE),
Reverse DNS: edge-481.b-cdn.net
Software: BunnyCDN-DE1-481 /
Resource Hash: d61eea2bd44d66606af081dfd3b6b5a2ec7d8a2feefdefa22588c5b15ec66ec6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: br
cdn-edgestorageid: 481, 617
x-amz-request-id: 328AE79123AC50F1
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-02-22 10:32:58
cdn-pullzone: 89704
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: RCYz9h4+bKjlErOvZvIVtmnpVzV93tWrch/TSUMJ8X7J5w5LXzK6C9sazTVYVb0yh50FkDHOm7Q=
access-control-allow-origin: *
last-modified: Mon, 22 Feb 2021 10:22:41 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=5
cdn-requestid: edab4b94431efe760417b025db4e58ff
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 4071097310-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame B211 112 KB
38 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Mar 2021 20:17:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Mar 2021 01:25:42 GMT
server: sffe
age: 421683
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39191
x-xss-protection: 0
expires: Tue, 08 Mar 2022 20:17:48 GMT

GET
H3-Q050 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame B211 14 B
330 B 45ms
29ms XHR
application/json 2a00:1450:4001:80e::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fekstrapoint.com&client_id=87028484655-eo8c0tb0uoo98tnsea24cn3aa5lmivg8.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4071097310-idpiframe.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 13 Mar 2021 18:25:51 GMT

GET
H2 200 runtime.d93f1c9.js Show response
s2.getsitecontrol.com/widgets/es6/ 160 KB
51 KB 85ms
27ms Script
text/javascript 185.59.220.199
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d93f1c9.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/94m358m7.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.199 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-199.datapacket.com
Software: BunnyCDN-DE1-722 /
Resource Hash: f1d2be5463322a0c3e57edc11de621e9d8c5a5b2ac52a5aad6170d6494f4d7c9

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:51 GMT
content-encoding: br
cdn-edgestorageid: 601
x-amz-request-id: 6E27D1338A5737D9
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 2021-02-04 12:18:34
cdn-pullzone: 83560
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: gQLuPE9o1+WlYE3TLVoJFAA08Q8K3n6OqabJE+bAcrJfWc1S+AgaPgikNdRplDhj8TUS2L+7YFQ=
access-control-allow-origin: *
last-modified: Thu, 04 Feb 2021 11:12:09 GMT
server: BunnyCDN-DE1-722
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
cache-control: public, max-age=22809600
cdn-requestid: eb4d0071eff568f185aca3ecb55112b2
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 events Show response
dash.getsitecontrol.com/api/v1/ 467 B
715 B 316ms
103ms Fetch
text/plain 3.82.166.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.getsitecontrol.com/api/v1/events?sid=0d3b7b91-f9c7-453d-98a1-7f575b70efe6
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/polyfills-es2015.3bdb7cad8cfe7f02e116.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.166.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-82-166-181.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: 6d8b45a6ed728514c8787c1d4794d0a3d7c1dbcda07a6061ccc1c7c3bc941315

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 467

GET
H2 200 / Show response
wchat.freshchat.com/widget/ Frame B21D 5 KB
2 KB 101ms
101ms Document
text/html 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

145a7504826d9c288942da8f19cea483d440cd1c92ead7c1f77d6d88998fe2cf

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block 1

Request headers

:method: GET
:authority: wchat.freshchat.com
:scheme: https
:path: /widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ekstrapoint.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ekstrapoint.com/

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
content-type: text/html
server: nginx
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection: 1; mode=block 1
strict-transport-security: max-age=31536000; includeSubDomains
served-by: 2601
x-server: 2601
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip

GET
H2 200 widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 101ms
101ms Stylesheet
text/css 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1615656351965

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

68de86e9cd4e23918bc0b670265741e54b1c4b969b3cfbd37ceca62dc0ef1fc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 1911
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 1911
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Sun, 13 Mar 2022 17:25:52 GMT

GET
H2 200 vendor-cb48eae2d25974cb9e453b74e43d0225.css
assetscdn-wchat.freshchat.com/static/assets/ Frame B21D 5 KB
2 KB 63ms
20ms Stylesheet
text/css 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-cb48eae2d25974cb9e453b74e43d0225.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 17:21:30 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:51 GMT
server: AmazonS3
age: 411
etag: W/"cb48eae2d25974cb9e453b74e43d0225"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 4LCm_7SrjiIyJK0x1UDX2UVXwnO7ewGdVq9peFAvM_7oeVr--Vie3w==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 fc_web_widget-92421146592626d588a0e09124c320dc.css
assetscdn-wchat.freshchat.com/static/assets/ Frame B21D 207 KB
26 KB 63ms
20ms Stylesheet
text/css 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d82e8ad03c958be0e840283b314fbd372ab169febe830a83074a6efde03f5916

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 17:21:03 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:46 GMT
server: AmazonS3
age: 454
etag: W/"92421146592626d588a0e09124c320dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: fc1lPd05CsGY5H4qIQoQ480Sv7hT2q9bUyMtNbtV5sEjHTTdrA-zkA==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 vendor-fa663bf6ab59c356d5e98aabbea77fbd.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame B21D 1 MB
380 KB 63ms
21ms Script
text/javascript 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 85186583038d99e2e0aa74878062da51b070299b1aa2a08238ae8e600c127e14

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 17:21:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 08:05:51 GMT
server: AmazonS3
age: 440
etag: W/"fa663bf6ab59c356d5e98aabbea77fbd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CplrkPPNh8dHGYeDBPdUy8PfRJKCo6A10jw0itnCzCr5b9DGEf_1mw==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 fc_web_widget-aa45a75718774d454341f95dc8c642e5.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame B21D 1 MB
198 KB 62ms
21ms Script
text/javascript 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-aa45a75718774d454341f95dc8c642e5.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bb3d6ffc6c6de20bb88b2d0d6908b1d6417f3163d95f8a96a2c753f773d5695

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Mar 2021 17:22:38 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 10:18:45 GMT
server: AmazonS3
age: 400
etag: W/"5a08a7d40c3431bd63fcf8e9253bf1e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: udJeDJbPudyp25AR1xYBeNgaOAr9WltX5dVX7W-4g16EaJDeV6YKww==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=918228268916911&ev=Microdata&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&rl=https%3A%2F%2Flt.theplayadvisor.com%2F&if=false&ts=1615656352126&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint%22%2C%22meta%3Adescription%22%3A%22Play%20free%20casino%20games%20online%20on%20EkstraPoint.%20Get%20free%20spins%20and%20win%20competitions%20to%20get%20real%20prizes%20and%20casino%20bonuses.%20No%20deposit%20needed%20to%20win%20real%20money.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22WebPage%22%2C%22url%22%3A%22https%3A%2F%2Fekstrapoint.com%2F%22%2C%22name%22%3A%22Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint%22%2C%22description%22%3A%22Play%20free%20casino%20games%20online%20on%20EkstraPoint.%20Get%20free%20spins%20and%20win%20competitions%20to%20get%20real%20prizes%20and%20casino%20bonuses.%20No%20deposit%20needed%20to%20win%20real%20money.%22%2C%22inLanguage%22%3A%7B%22%40type%22%3A%22Language%22%2C%22name%22%3A%22English%22%2C%22alternateName%22%3A%22en%22%7D%2C%22primaryImageOfPage%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22url%22%3A%22url%3A%20114%22%7D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1615656351622.188156797&it=1615656351588&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 13 Mar 2021 17:25:52 GMT

GET
H2 200 Sin-City-2-slot-game-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 13ms
11ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5072078837f02a35ace2a7e183f4cbaf04b876e345f3b32302e5ea1759e04274

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "c9273e910efe469bdd9902a1017ab19a"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:52.211Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1341

GET
H2 200 Sin-City-2-slot-game-background.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 311 B
463 B 11ms
9ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

40a0aae3b73d9c39c79c9512852ff0a2d241b0010450658d71ade37447a33ba0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "10d915ea3d350fec4fba8bb2185dd758"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:52.211Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 311

GET
H2 200 competition-monsters.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 5 KB
5 KB 13ms
11ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-monsters.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0d9dc12607ecb4f0f7d251415d2aded00faf432b1c676aa63bf2767324334022

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "3a0cb87bce5334e4c2ff889f7f2a0977"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2021-03-13T17:25:52.211Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5034

GET
H2 200 competition-monsters-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 15ms
13ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-monsters-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7da52074b04629b92cdcefae01ad4ca52646caa829aa5e9bc2d7377d89e85264

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "ad761ae1c89779969c97aefc9652a2b4"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:52.211Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1631

GET
H2 200 competition-juicy-jackpot-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 15ms
13ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

37caf5b1044303c723e59ed43ce421c011b6590f7aec57b26d91878e742e7d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "9379a85b1ef0e7098297bd172d0b0fdd"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=0;start=2021-03-13T17:25:52.211Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4361

GET
H2 200 competition-juicy-jackpot-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 12ms
10ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

97f1e3085b0458898a9eaae364b01045424e418e7c002e521032abb710c5a8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "ce7f2a64580f5e034b0f610f3a2529f0"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1164

GET
H2 200 slot-mountain-competition-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 6 KB
6 KB 10ms
8ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0c62c6951a4240f3772f2ce6df7b43b588d7aae72bef2f3ca57576c3bdc0b203

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "8018a820ba206af11c47d5e57b4903f7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5821

GET
H2 200 competition-slot-mountain-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 1 KB
1 KB 13ms
11ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-slot-mountain-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fb0461bcda1a76644dafbdcd95b9df0f1cb210fd6aa865ae0ddcfe270e2eabbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "2e57068007809290be93ce2a158b40b7"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=0;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1380

GET
H2 200 competition-classical-fruits.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 10ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-classical-fruits.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2f0a9e652dc3df98b72a88e1ab87521142b7d08d87fc104d16d903ac0899fc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:51 GMT
server: Cloudinary
etag: "f888b79320041af1822b7cb0ff2a530b"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 3925

GET
H2 200 competition-classical-fruits-background.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 2 KB
2 KB 14ms
13ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-classical-fruits-background.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

b1c2038fb05386815a7dc6a6a989ef603a45f669baf0450e9e78b9c62f8bde0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "ea46eff30b0774f642cf13c337e384da"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=1;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 1814

GET
H2 200 competition-pirates-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 6 KB
6 KB 11ms
9ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-pirates-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1821a3825d0ed02c11a94ae06c5bde3b996cfc9e7e6aab4c461f3ff32cccc10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "2813910cd895b37004760d1e2f26ae78"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;cpu=0;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 5774

GET
H2 200 pirates-background-new.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 309 B
448 B 10ms
9ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/pirates-background-new.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d1bf819527278a19fd3622dddbc0416e5be1fbd9a6101f180ae4aa7fdf0ad8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 11:27:00 GMT
server: Cloudinary
etag: "0cf3a87cf742a3b78445b0c1136641f0"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=0;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 309

GET
H2 200 competition-trilliionaire-logo.png
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 4 KB
4 KB 12ms
11ms Image
image/png 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-trilliionaire-logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3cbc02656511523cc34e07588e646109596fd8d9eeb9f8ce453039a575d96da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "4cf314003466c902b4a5ca34a3fc57de"
strict-transport-security: max-age=604800
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=2;cpu=0;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 4110

GET
H2 200 competition-trilliionaire-background.jpg
res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/ 299 B
477 B 8ms
8ms Image
image/jpeg 2a04:4e42:3::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/vitamediagroup/image/fetch/c_scale,e_blur:100,q_1,w_50/https://cdn.ekstrapoint.com/images/competition-trilliionaire-background.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fd0a9070b5149900f37b9af2da99d6f7d7f8f34531be875b1a0892e445b241e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
x-content-type-options: nosniff
last-modified: Fri, 12 Feb 2021 10:36:50 GMT
server: Cloudinary
etag: "2a35a52b0d80b1cffc389bf30e73c6d0"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=1;start=2021-03-13T17:25:52.210Z;desc=hit,rtt;dur=5
accept-ranges: bytes
timing-allow-origin: *
content-length: 299

GET
H2 200 cashprize.svg
cdn.ekstrapoint.com/app/assets/icons/ 18 KB
14 KB 40ms
39ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/cashprize.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0c67b9866873ee64361e795e43f10be2d05f304501beadb143f21dd58416980

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:53:55 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: D1C5E876181005C6
etag: W/"c2312b42d1477643918e0a412427890a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: o0JpHVi5SBZip52jxsBnwSQ_VGIPb8tk58iEvqX3tYlJboywrytdQg==
x-amz-id-2: P48nT+bcjRR/am7OuBMMfQ7dAo1iE7VQLDKedf6px4hOiNRMg+OT96mdUrUdw+DzfwDWLfWsQmU=

GET
H2 200 ep-coin.svg
cdn.ekstrapoint.com/app/assets/icons/ 2 KB
1 KB 35ms
34ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/ep-coin.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbea91d7b8ad45465449c722d68fb90623680c7e7bdfd5ee3f0cafba512fb75d

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 01:53:55 GMT
content-encoding: gzip
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: BC2F33440CD458BB
etag: W/"ec97cf81fc9967a4f2a0ff7272ff91b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 0gdVMVJvXrJtp48N29YVltBvjQ6tKlLQa3WAY_VWvluzVw9zXSMq4w==
x-amz-id-2: 3ureUMrGIIQZtqFaF46Sk6qWUIJeUmqyxoX7IFQEjYtNZvs0kQl48Gdh4oNSNZZIM8P6AbtEQ3k=

GET
H2 200 chevron-right--white.svg
cdn.ekstrapoint.com/app/assets/icons/ 191 B
641 B 41ms
40ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/chevron-right--white.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2ba38145172e2804b6d987f1251da6d0d47a703bacc1732bf3fc08cedc059a0

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:36:04 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Wed, 24 Feb 2021 12:42:50 GMT
server: AmazonS3
x-amz-request-id: 71A2DA556614B88D
etag: "60e820ef1cd5a9e3d507f23b7b14ff1b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 191
x-amz-id-2: DyhBKhm7XMxeNhG0tk0JJnTnt0RWviXIQnSVjpLqOSH9XkMM55hRGAZneMzz0/gwaX1lSAIKTcQ=
x-amz-cf-id: rwbItlmuC4wR12UgdKMQgVut0DkvPnYA0jI68-f4LG0MOvAUtuGqIA==

GET
H2 200 chevron-right.svg
cdn.ekstrapoint.com/app/assets/icons/ 193 B
642 B 35ms
35ms Image
image/svg+xml 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/app/assets/icons/chevron-right.svg
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7b5cb91888a40b8bfda27189bbf2f5daf5180782b77e3759698a4ed3e2bcbc4

Request headers

Referer: https://cdn.ekstrapoint.com/app/styles.58ddc825aa031a817587.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:02:37 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 01 Mar 2021 14:35:50 GMT
server: AmazonS3
x-amz-request-id: 14E7345B759D1E93
etag: "af747d82a405b4395c1defb6c06c7a9a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 193
x-amz-id-2: 3mJWan0rWjj0/LdHrM8HsOcPETlrxCV/GU/8v5STFOel7qn0fitnAco4U/IaxpwmYHe08ydlVwc=
x-amz-cf-id: Id3budabdk-9j59eUPz-T_SQ1moCQIX_xcF6m6EB3KgTd-ycIJ4btQ==

GET
H2 200 Sin-City-2-slot-game-logo-M.webp
cdn.ekstrapoint.com/images/ 18 KB
19 KB 68ms
61ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:14:14 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:09:36 GMT
server: AmazonS3
x-amz-request-id: 498075CDD9E4F6C6
etag: "762eb6723a891990d52acab7159890b3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 18642
x-amz-id-2: eCKDuV86HjBjEQlpqHtikk1VTyLMF1dNJevZedjC7NeBlhJdDqhvzlNZnJEqSvi24+MeB//R+5U=
x-amz-cf-id: 1dleSC4fx_TMQS-N5kgyDoI07D9Uv2TM4M6afUOIYKff5YUPjVLnpA==

GET
H2 200 Sin-City-2-slot-game-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 56ms
51ms Image
image/jpeg 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:03:48 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:10:11 GMT
server: AmazonS3
x-amz-request-id: 2606C38CD34FFBDE
etag: "45a90d180a92bf6d5fc6b264d363f4ae"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 15762
x-amz-id-2: BnaV7SwiPsUlmm51+ekCHjjPu94Q0bZFe6EVFTzKGFv4iYYO7naTqXy83Ty6Q9EDI6Wnwz5CnDw=
x-amz-cf-id: CGZunPDbx6asmW01GcNK_B6FfJyHHw7yu2kJAUejk5-DHrlnIXotkg==

GET
H2 200 competition-monsters-XL.webp
cdn.ekstrapoint.com/images/ 47 KB
47 KB 69ms
64ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:42:57 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:31:45 GMT
server: AmazonS3
x-amz-request-id: 28D11FA6E4CAAFDE
etag: "248b17b61479664fcc088c53568bdf04"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 47668
x-amz-id-2: +9QY8AB+w+xx9bsIYs8oWCxlnnPqJsAmLAPSnyz0YYMu8sSJAo8i+KZRX0bo1nncwNSf/R2TRmo=
x-amz-cf-id: nHsZ5Kp4btJcIGbUAVnj15E8BwesYtBLlawQKmRLpRhTww10Lgj2hA==

GET
H2 200 competition-monsters-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 52ms
47ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:22:38 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:05 GMT
server: AmazonS3
x-amz-request-id: DZEM6N9V3Y4P8H3T
etag: "2636af438cdfec0c4cfd59c359095e73"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 15518
x-amz-id-2: Iu2L9Lzfovmub7Ea4ttp6TDEX8RnPu+vf2/daEd/9mG67gjEBQIG1ydjOU2UgdaXqjSEcPEfrkc=
x-amz-cf-id: dykj87JNKfpeQRN215kXAn3plwdU4tIVoyGPU4MOG1ufi2pmeJFVMQ==

GET
H2 200 competition-juicy-jackpot-logo-XL.webp
cdn.ekstrapoint.com/images/ 50 KB
51 KB 41ms
37ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a8ad528c1445e0ea039713494ca9b9e8c8822e9e3ae3c3057577a877ccb8426

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:16:19 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:45:41 GMT
server: AmazonS3
x-amz-request-id: 09B11FFBCD996F6E
etag: "6628943f647d0e72a5d5b3e8ee144b91"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 51496
x-amz-id-2: PuxjcRCSBrsAOwEOido/wsxVkbYb/1edoC4TLRJrVLDTW6m7AzTTyrk6FTdc2p1BiF61kGbXeLw=
x-amz-cf-id: 09PMELGpQ4DkbyaAyYv_HS9D3SxHJz1ISuANr5xEQADFEModkeWDrA==

GET
H2 200 competition-juicy-jackpot-background-M.webp
cdn.ekstrapoint.com/images/ 4 KB
4 KB 52ms
48ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0632bac109f493ec01cbebd2c8aedfe3d7b80999e9def190df95a80a11dd5a57

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:39:19 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:46:05 GMT
server: AmazonS3
x-amz-request-id: 1034700A9A4573C6
etag: "cec3c58b4ff6a6335724e4b70b205d17"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3992
x-amz-id-2: xWaWe2xRozAZCFluLlqgF1K2xPqZzbFLii8gAgiM1+bM+euKYQvaJyosLyD8LDPzFdnzVQtXURU=
x-amz-cf-id: ZbLGRin641qkDBRj4uqFiav1CNdJ-rIQOlmAC8Wu8ldlqhU3FONvxg==

GET
H2 200 slot-mountain-competition-logo-XL.webp
cdn.ekstrapoint.com/images/ 66 KB
66 KB 79ms
75ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:17:09 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:13 GMT
server: AmazonS3
x-amz-request-id: B64FEDAE0DF1F863
etag: "340420dac69e6cf20d86ad144d5147c2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 67200
x-amz-id-2: XfjavttOZnvo3CLn3AWj/z+KXw589mdsbIuXPuXXAA/tYx5YwbERxM8Li5GfPWRENGqxBcqxuas=
x-amz-cf-id: VCmGxXPkqye8KGCJNP9yb2bEW5P_4XnbgBqe1u1NiXgwcH6DQypmNg==

GET
H2 200 competition-slot-mountain-background-M.webp
cdn.ekstrapoint.com/images/ 8 KB
8 KB 71ms
68ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-slot-mountain-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:00:20 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:36:07 GMT
server: AmazonS3
x-amz-request-id: FV3S0G1YCX9X1PCW
etag: "80ebb76fec5f174397936c7052be0d9d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 7960
x-amz-id-2: wAr/KCjce4UQeSraVg3Q/OQULTvc4C/dkvFhsTQtA+BUKPtkUOy6oONulC2ieUs2PIQwsL49Dtw=
x-amz-cf-id: 379Zq1zwZfpzO1nHy3khtioyL3eWO5UUc0hDXy8MjxwXl19P9C78HA==

GET
H2 200 competition-classical-fruits-XL.webp
cdn.ekstrapoint.com/images/ 34 KB
34 KB 76ms
72ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:27:07 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:41 GMT
server: AmazonS3
x-amz-request-id: 47EC661978C796A6
etag: "59d51b9419a8617b5e48ce0a3c8fbe43"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 34366
x-amz-id-2: OmvCPtZO5hPKFULzBWRXCIU1ZES2Jn6G3CYRCDh8lOszQ6UjVjtiUpZqeifeai8mhMEC/y4jOss=
x-amz-cf-id: tXSRBgGcck-tj4KudksmC49QfdKwrVs21B_Rx5rehNmwBcn4qqSM0w==

GET
H2 200 competition-classical-fruits-background-M.webp
cdn.ekstrapoint.com/images/ 36 KB
36 KB 57ms
54ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-background-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:58:25 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:25:50 GMT
server: AmazonS3
x-amz-request-id: 15F97105BE72B515
etag: "91cdfe97605502b87d1c2a671e429102"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 36820
x-amz-id-2: h7y68SoYydaB3KCL5P5FmYgNpb2+aaonLvxZ+UsV+3wkQkyOPCILGomU4NLxvg0J6uex5DnGM4M=
x-amz-cf-id: mjaFvhEBplHg84S1RSS7fSR7yig8XgKLLbQqxGNA2YU2thv7KmW0mQ==

GET
H2 200 competition-pirates-logo-XL.webp
cdn.ekstrapoint.com/images/ 52 KB
52 KB 71ms
68ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-pirates-logo-XL.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 21:45:21 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:21 GMT
server: AmazonS3
x-amz-request-id: 935CF1771C6A5F0B
etag: "47d1731bf89e07e1a06bd31207b215de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 53218
x-amz-id-2: YHdupHQpFUk6mQb2l5baHGSxlDQTxwQtZPhow9rutgtWZOVWGnSNJgNOUBo8iMzC65Vxo7Oh7UE=
x-amz-cf-id: pGt8eGeTyksA4PvzqczK5UrJ1iSKcNPbaYQ2FNzsUCX3w5Mrjzib7w==

GET
H2 200 pirates-background-new-M.webp
cdn.ekstrapoint.com/images/ 11 KB
11 KB 69ms
67ms Image
image/jpeg 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/pirates-background-new-M.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:54:52 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 10:10:48 GMT
server: AmazonS3
x-amz-request-id: F70AF6142385EE68
etag: "87e24a54f58047df5486bf146544cf10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 11058
x-amz-id-2: EcfaKAbZzgS9cza4/IqmH2ne4nq3ShCbwRiq8axmCbgNC3iaNCcHu/QS7NiEI6kw0KiYM9Hz/b8=
x-amz-cf-id: 7d06mZ-o-7g0LVJ2YsluN1OIAD92ytPhIUnO30cVGP6D7d3zcDjnXw==

GET
H2 200 rts.js Show response
rts-static-prod.freshworksapi.com/us/ Frame B21D 309 KB
56 KB 74ms
25ms Script
text/javascript 13.226.159.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-aa45a75718774d454341f95dc8c642e5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-115.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3e98381f78e920e1be4788a3c8c7653856dca81896098500175dc6826ed1d12

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: El1gXp4Dyd2lbzKBtq1hFnpUsHZdeoAo
content-encoding: gzip
etag: W/"45bfbab5b9483d6f3a054f70c456a308"
last-modified: Tue, 16 Feb 2021 07:43:55 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sat, 13 Mar 2021 17:25:52 GMT
x-amz-cf-id: 0O5m96hvDjopYXlpHIG6LV5--i-vPE4nD9jtbd83zXp3PVneD1pUFA==

GET
H2 200 config Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame B21D 2 KB
2 KB 113ms
113ms XHR
application/json 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/config?domain=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d03f69a4709a633b8896d7acc479ee662eef695b0b1822dfa08a94efe5daa70c

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 4082
date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 4082
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: 20e45e58-e390-499b-9765-7975503ae908
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 en-us-e6409ca6a5d0f7c9ec3b066ac97c13c8.js Show response
assetscdn-wchat.freshchat.com/static/assets/translations/ Frame B21D 12 KB
4 KB 60ms
21ms XHR
text/javascript 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/translations/en-us-e6409ca6a5d0f7c9ec3b066ac97c13c8.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65813852cb6a8411f7761b991baf9345271f90d1ba70f52b99f7509a5eb80c1e

Request headers

Accept: application/json, text/plain, */*
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:23:34 GMT
content-encoding: gzip
age: 148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
access-control-allow-origin: https://wchat.freshchat.com
last-modified: Tue, 02 Mar 2021 08:05:50 GMT
server: AmazonS3
etag: W/"e6409ca6a5d0f7c9ec3b066ac97c13c8"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: text/javascript
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: CiVeO8Ufvfvx6oNeUXqn9hCI_bog0F3JTTOB-CyOfz0ic-Va2tli9Q==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 competition-juicy-jackpot-logo-XL.webp
cdn.ekstrapoint.com/images/ 50 KB
51 KB 41ms
41ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8a8ad528c1445e0ea039713494ca9b9e8c8822e9e3ae3c3057577a877ccb8426

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:16:19 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:45:41 GMT
server: AmazonS3
x-amz-request-id: 09B11FFBCD996F6E
etag: "6628943f647d0e72a5d5b3e8ee144b91"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 51496
x-amz-id-2: PuxjcRCSBrsAOwEOido/wsxVkbYb/1edoC4TLRJrVLDTW6m7AzTTyrk6FTdc2p1BiF61kGbXeLw=
x-amz-cf-id: xi3qjV7GkW0coajkUjRWq3OFAs-VHFHsMpY_QYsTFcEtnb-NW5i0eg==

GET
H2 200 competition-monsters-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 43ms
42ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 05:22:38 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:05 GMT
server: AmazonS3
x-amz-request-id: DZEM6N9V3Y4P8H3T
etag: "2636af438cdfec0c4cfd59c359095e73"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 15518
x-amz-id-2: Iu2L9Lzfovmub7Ea4ttp6TDEX8RnPu+vf2/daEd/9mG67gjEBQIG1ydjOU2UgdaXqjSEcPEfrkc=
x-amz-cf-id: IQSBR2Ccc1zskABhb1n4mT2aeU7G4vOj2XuXm7J9Hvjnbw-Bh5C5cQ==

GET
H2 200 competition-juicy-jackpot-background-M.webp
cdn.ekstrapoint.com/images/ 4 KB
4 KB 37ms
35ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-juicy-jackpot-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0632bac109f493ec01cbebd2c8aedfe3d7b80999e9def190df95a80a11dd5a57

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:39:19 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:46:05 GMT
server: AmazonS3
x-amz-request-id: 1034700A9A4573C6
etag: "cec3c58b4ff6a6335724e4b70b205d17"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 3992
x-amz-id-2: xWaWe2xRozAZCFluLlqgF1K2xPqZzbFLii8gAgiM1+bM+euKYQvaJyosLyD8LDPzFdnzVQtXURU=
x-amz-cf-id: 11F6Tjf5c4v-Ldg1MtN5nV3jpo_Xo11FSkVGgJyOzhAu1NKwGlVgBg==

GET
H2 200 Sin-City-2-slot-game-background-M.webp
cdn.ekstrapoint.com/images/ 15 KB
16 KB 37ms
36ms Image
image/jpeg 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:03:48 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:10:11 GMT
server: AmazonS3
x-amz-request-id: 2606C38CD34FFBDE
etag: "45a90d180a92bf6d5fc6b264d363f4ae"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 15762
x-amz-id-2: BnaV7SwiPsUlmm51+ekCHjjPu94Q0bZFe6EVFTzKGFv4iYYO7naTqXy83Ty6Q9EDI6Wnwz5CnDw=
x-amz-cf-id: btMArA03oqhaGEc7y6CWZsZxL7bS-Hql3luQ0W3uta3IHkUwDdlTxg==

GET
H2 200 competition-classical-fruits-background-M.webp
cdn.ekstrapoint.com/images/ 36 KB
36 KB 59ms
58ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:58:25 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:25:50 GMT
server: AmazonS3
x-amz-request-id: 15F97105BE72B515
etag: "91cdfe97605502b87d1c2a671e429102"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 36820
x-amz-id-2: h7y68SoYydaB3KCL5P5FmYgNpb2+aaonLvxZ+UsV+3wkQkyOPCILGomU4NLxvg0J6uex5DnGM4M=
x-amz-cf-id: kVBR5hffWLBBOe3DkI0EAsiFFdQekUZ2uyk-5WS_q0dzsPAxSA8pGw==

GET
H2 200 Sin-City-2-slot-game-logo-M.webp
cdn.ekstrapoint.com/images/ 18 KB
19 KB 34ms
34ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/Sin-City-2-slot-game-logo-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:14:14 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jun 2020 09:09:36 GMT
server: AmazonS3
x-amz-request-id: 498075CDD9E4F6C6
etag: "762eb6723a891990d52acab7159890b3"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 18642
x-amz-id-2: eCKDuV86HjBjEQlpqHtikk1VTyLMF1dNJevZedjC7NeBlhJdDqhvzlNZnJEqSvi24+MeB//R+5U=
x-amz-cf-id: Ltoa5OT526pxpZ1V2HKFsucznaiI8ScR235GJL6HT5IypD6nImUVyg==

GET
H2 200 competition-monsters-XL.webp
cdn.ekstrapoint.com/images/ 47 KB
47 KB 36ms
35ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-monsters-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:42:57 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:31:45 GMT
server: AmazonS3
x-amz-request-id: 28D11FA6E4CAAFDE
etag: "248b17b61479664fcc088c53568bdf04"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 47668
x-amz-id-2: +9QY8AB+w+xx9bsIYs8oWCxlnnPqJsAmLAPSnyz0YYMu8sSJAo8i+KZRX0bo1nncwNSf/R2TRmo=
x-amz-cf-id: 53pUT6tDJGkZ4GREqdK4hKXEBYUFqrKXGNZJMbSDMqKNSN3pZEm6ow==

GET
H2 200 pirates-background-new-M.webp
cdn.ekstrapoint.com/images/ 11 KB
11 KB 36ms
36ms Image
image/jpeg 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/pirates-background-new-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:54:52 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Fri, 15 Nov 2019 10:10:48 GMT
server: AmazonS3
x-amz-request-id: F70AF6142385EE68
etag: "87e24a54f58047df5486bf146544cf10"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 11058
x-amz-id-2: EcfaKAbZzgS9cza4/IqmH2ne4nq3ShCbwRiq8axmCbgNC3iaNCcHu/QS7NiEI6kw0KiYM9Hz/b8=
x-amz-cf-id: buEykdonAX_3nBypgzxWkF7IKbsUKOm3qU0uP_fm47OMpN406t6dBw==

GET
H2 200 competition-slot-mountain-background-M.webp
cdn.ekstrapoint.com/images/ 8 KB
8 KB 36ms
36ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-slot-mountain-background-M.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 04:00:20 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:36:07 GMT
server: AmazonS3
x-amz-request-id: FV3S0G1YCX9X1PCW
etag: "80ebb76fec5f174397936c7052be0d9d"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 7960
x-amz-id-2: wAr/KCjce4UQeSraVg3Q/OQULTvc4C/dkvFhsTQtA+BUKPtkUOy6oONulC2ieUs2PIQwsL49Dtw=
x-amz-cf-id: hk9LmKe0NJgPMGMmzZxrXHFcIAVDRH2dzlVF0pGawKnXGpz-w-FmuQ==

GET
H2 200 css
fonts.googleapis.com/ 2 KB
521 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Requested by

Host: ekstrapoint.com
URL: https://ekstrapoint.com/?showSignup=true&trkid=3901100d-8fc2-4c66-a08a-aed083da5af7&aid=5D9&mid=PPC&cb=161565635027&cb=1615656350284

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 13 Mar 2021 16:18:36 GMT
server: ESF
date: Sat, 13 Mar 2021 17:25:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Mar 2021 17:25:52 GMT

GET
H2 200 competition-pirates-logo-XL.webp
cdn.ekstrapoint.com/images/ 52 KB
52 KB 35ms
35ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-pirates-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 21:45:21 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:21 GMT
server: AmazonS3
x-amz-request-id: 935CF1771C6A5F0B
etag: "47d1731bf89e07e1a06bd31207b215de"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 53218
x-amz-id-2: YHdupHQpFUk6mQb2l5baHGSxlDQTxwQtZPhow9rutgtWZOVWGnSNJgNOUBo8iMzC65Vxo7Oh7UE=
x-amz-cf-id: YC6rv_O1_rbW_8v4xGRMolqx0PS82NrdASNrGBW5lXi_bW8zZEK0eQ==

GET
H2 200 competition-classical-fruits-XL.webp
cdn.ekstrapoint.com/images/ 34 KB
34 KB 68ms
67ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/competition-classical-fruits-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 02:27:07 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 11:26:41 GMT
server: AmazonS3
x-amz-request-id: 47EC661978C796A6
etag: "59d51b9419a8617b5e48ce0a3c8fbe43"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 34366
x-amz-id-2: OmvCPtZO5hPKFULzBWRXCIU1ZES2Jn6G3CYRCDh8lOszQ6UjVjtiUpZqeifeai8mhMEC/y4jOss=
x-amz-cf-id: hpGFJU4hNcnVoYrKiYz_GzqJJNnhEP0e6yD1tKgJIOmAllQLykHxlA==

GET
H2 200 slot-mountain-competition-logo-XL.webp
cdn.ekstrapoint.com/images/ 66 KB
66 KB 32ms
32ms Image
image/png 13.226.159.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ekstrapoint.com/images/slot-mountain-competition-logo-XL.webp
Requested by: Host: cdn.ekstrapoint.com
URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-105.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 03:17:09 GMT
via: 1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
last-modified: Thu, 21 Nov 2019 10:37:13 GMT
server: AmazonS3
x-amz-request-id: B64FEDAE0DF1F863
etag: "340420dac69e6cf20d86ad144d5147c2"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=29030400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 67200
x-amz-id-2: XfjavttOZnvo3CLn3AWj/z+KXw589mdsbIuXPuXXAA/tYx5YwbERxM8Li5GfPWRENGqxBcqxuas=
x-amz-cf-id: yqS3t9Uurhe0POu9To89GIwZT4chSPo9vjRoWaN9ttmhjGApuC9rTQ==

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 06:52:12 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 383620
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
expires: Wed, 09 Mar 2022 06:52:12 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 04:06:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 220758
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Fri, 11 Mar 2022 04:06:34 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 22 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://ekstrapoint.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:16:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:12 GMT
server: sffe
age: 241792
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:16:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=755666468&t=event&ni=1&_s=2&dl=https%3A%2F%2Fekstrapoint.com%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&dr=https%3A%2F%2Flt.theplayadvisor.com%2F&dp=%2F%2F%3FshowSignup%3Dtrue%26trkid%3D3901100d-8fc2-4c66-a08a-aed083da5af7%26aid%3D5D9%26mid%3DPPC%26cb%3D161565635027%26cb%3D1615656350284&ul=en-us&de=UTF-8&dt=Free%20Online%20Casino%20Games%20%26%20Slots%20%7C%20Real%20Prizes%20%7C%20EkstraPoint&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=getsitecontrol&ea=show&el=Cookie%20Consent%20Bar%20ENG%20%2348039&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=1040327025.1615656352&tid=UA-120989112-2&_gid=19244818.1615656352&gtm=2wg330W2W7HTS&cd2=0&z=239605876

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Mar 2021 12:53:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16345
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 202 events
dash.getsitecontrol.com/api/v1/ 0
212 B 309ms
102ms Other
text/plain 3.82.166.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dash.getsitecontrol.com/api/v1/events?ts=1615656352365&sid=0d3b7b91-f9c7-453d-98a1-7f575b70efe6&t=1615656352.5637ec01ac4bd1d8c3f74afe384fa87c.e19a10440dade6a7a4d947d85348f4c4&s=b8a2e19cb572c7f77446543f949db3af
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.d93f1c9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.82.166.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-82-166-181.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 0

GET
H2 200 fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
assetscdn-wchat.freshchat.com/static/assets/fonts/ Frame B21D 5 KB
5 KB 72ms
72ms Font
binary/octet-stream 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fonts/fs-icons_db9017235f84eecfa2cafef72d487865-1181e40b8546834a9805fdf81df2f865.woff2
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760

Request headers

Origin: https://wchat.freshchat.com
Referer: https://assetscdn-wchat.freshchat.com/static/assets/fc_web_widget-92421146592626d588a0e09124c320dc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 60
content-length: 4928
last-modified: Tue, 23 Feb 2021 10:15:18 GMT
server: AmazonS3
etag: "1181e40b8546834a9805fdf81df2f865"
vary: Origin
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: https://wchat.freshchat.com
cache-control: max-age=31536000, no-transform, public
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: gwTtEx6zUFk_EczEbhMeb0VO38Nj2WzFUqi20DPaqC7O3Td21YBoPA==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 co-browsing.js Show response
wchat.freshchat.com/js/ 35 KB
10 KB 103ms
103ms Script
application/javascript 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2d2ab2204c032e454972a6754b8b116627903444e8886a0f6252720a023c7900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 4082
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 user Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame B21D 63 B
737 B 105ms
105ms XHR
application/json 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 4894
date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 4894
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: b0169e3c-d3e1-4a81-ad3b-b39ef6801fd0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 206 notif.mp3
assetscdn-wchat.freshchat.com/static/assets/audio/ Frame B21D 4 KB
5 KB 20ms
20ms Media
audio/mpeg 13.226.159.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/audio/notif.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-126.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 13 Mar 2021 17:24:47 GMT
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
age: 236
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Tue, 23 Feb 2021 10:15:18 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: YTkn4aDZ0aHl_QOTJglOdYoNlAbKwjP0QHuxY9cJ2_pjTDoyIiDdzA==
expires: Fri, 11 Mar 2022 10:18:43 GMT

GET
H2 200 cb.css
wchat.freshchat.com/css/ 1 KB
980 B 101ms
101ms Stylesheet
text/css 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1615656352886

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ekstrapoint.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 2601
last-modified: Thu, 11 Mar 2021 10:18:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
cache-control: max-age=31536000, no-cache, no-store, must-revalidate, pre-check=0, post-check=0, public
x-server: 2601
content-encoding: gzip
x-xss-protection: 1; mode=block
expires: Sun, 13 Mar 2022 17:25:52 GMT

GET
H2 200 widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/ Frame B21D 7 KB
2 KB 122ms
121ms XHR
application/json 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c283b87a3a36d316183bbb3d9960d96bf5fcf5b203f5e831e4bf1eeba003f5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 1911
date: Sat, 13 Mar 2021 17:25:52 GMT
served-by: 1911
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
x-status: EXPIRED
content-encoding: gzip
x-xss-protection: 1; mode=block
x-request-id: d5aecf86-7c7d-4aac-8f52-f1be48e7d2d8
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 category Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/faq/ Frame B21D 209 B
832 B 110ms
110ms XHR
application/json 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

02e3544a9bc30d538c1df9d02fb82f1306798ebb68470fcc67e2bbe4e9cbac77

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=f66f1fd5-3779-444d-9b9f-06c2dbc68e71&referrer=aHR0cHM6Ly9la3N0cmFwb2ludC5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-server: 5612
date: Sat, 13 Mar 2021 17:25:53 GMT
served-by: 5612
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
x-xss-protection: 1; mode=block, 1
x-request-id: 413ac95f-883a-4a52-9c29-221c6cbf8491
expires: Thu, 01 Jan 1970 00:00:01 GMT

PUT
H2 200 activity Show response
wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user/2e53427f-c630-4d03-88ad-d50d4d9dfff5/ Frame B21D 17 B
666 B 106ms
105ms XHR
application/json 52.206.164.102
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/f66f1fd5-3779-444d-9b9f-06c2dbc68e71/user/2e53427f-c630-4d03-88ad-d50d4d9dfff5/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor-fa663bf6ab59c356d5e98aabbea77fbd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.164.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-164-102.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block, 1

Request headers

Referer: https://wchat.freshchat.com/home/15533
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 17:25:53 GMT
served-by: 4894
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-cache, no-store, must-revalidate, pre-check=0, post-check=0
access-control-allow-credentials: true
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-server: 4894
content-length: 17
x-xss-protection: 1; mode=block, 1
x-request-id: 422925ff-8db1-4c98-9988-b42ad25fb90f
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK img_1608548677039.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/df78d362957be05f638225ed4f0f93bdcd2504ad786dd840ffde14668f4af2c6/f_marketingpicFull/u_aa227e7731067a41842c87c1fa635cbd8f7ffac5aaa2187add0be6348a8155d0/ Frame B21D 3 KB
3 KB 412ms
110ms Image
image/png 52.216.238.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/df78d362957be05f638225ed4f0f93bdcd2504ad786dd840ffde14668f4af2c6/f_marketingpicFull/u_aa227e7731067a41842c87c1fa635cbd8f7ffac5aaa2187add0be6348a8155d0/img_1608548677039.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.238.211 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 996858dbe66b99cf2c1b787cc441dae72a1d434e482d355bdb041496598e4c11

Request headers

Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Sat, 13 Mar 2021 17:25:54 GMT
Last-Modified: Mon, 21 Dec 2020 11:04:38 GMT
Server: AmazonS3
x-amz-request-id: RA6E57R6WWFZQ678
ETag: "f965ac02a75a9dc6ed0fd28ea307f1a9"
x-amz-version-id: ZNeTap_fx3Oj1Q2pTVyLQ8d4L2Pk8uhk
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2803
x-amz-id-2: RbxqPzPFaE6m2F+KctqHgzpdCFKb1BMSbTNk6P0Y6Iuw/Mkii0IetwgxeOyDBfb5nCQ0VVnlwtM=

GET
BLOB 200
OK b7c5eb06-d6b1-4ec8-906a-0217ebf33406
https://wchat.freshchat.com/ Frame B21D 150 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/b7c5eb06-d6b1-4ec8-906a-0217ebf33406
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 150

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 21:11:07	Name: NID Value: 211=iMT3xeN8IHVqAdJspbB0FUqeEkwsfRYyXUOD-zTbv6nEYrltk7ZSprG9SfMJ2-JCL35iMaN2wIRbKOelk4kgZgv0VpXcz36PUeYxl8eFw9QOfTNQXbKrfbf7_yAfhS3lDE-Q0qRaJvcEy3bdbIl-msnEIIB4zswrFCNdgnEyNpA
.ekstrapoint.com/	1970-01-20 01:33:12	Name: _fw_crm_v Value: 15970878-9f0a-4f9b-e718-b7084a44fb02
.ekstrapoint.com/	1970-01-19 18:57:12	Name: _fbp Value: fb.1.1615656351622.188156797
.ekstrapoint.com/	1970-01-19 16:47:36	Name: _gat_UA-120989112-2 Value: 1
.ekstrapoint.com/	1970-01-19 16:49:02	Name: _gid Value: GA1.2.19244818.1615656352
.ekstrapoint.com/	1970-01-20 10:18:48	Name: _ga Value: GA1.2.1040327025.1615656352
.ekstrapoint.com/	1970-01-19 18:57:12	Name: _gcl_au Value: 1.1.540639084.1615656352
.ekstrapoint.com/	1978-01-11 21:30:57	Name: G_ENABLED_IDPS Value: google
ekstrapoint.com/	1970-01-19 16:49:02	Name: trkdata Value: {"mid":"PPC","referer":"https://lt.theplayadvisor.com/","affiliateTrackingId":"3901100d-8fc2-4c66-a08a-aed083da5af7"}

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: ### Params pushed to gsc: {"userName":null,"firstName":null,"welcomeName":null,"pointsEp":null,"locale":null,"linkToken":null,"siteLanguage":"en","country":"INT","region":null,"language":"en","geoIso":null}
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: manage no-scroll class false
console-api	log	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: manage no-scroll class true
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null
console-api	error	URL: https://cdn.ekstrapoint.com/app/main-es2015.15d543be45ef62097a32.js(Line 1) Message: Error getting data from localStorage TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
alfik-fik.com
apis.google.com
assetscdn-wchat.freshchat.com
cdn.ekstrapoint.com
cdn.ekstrapoint.net
cdn.onesignal.com
connect.facebook.net
dash.getsitecontrol.com
ekstrapoint.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
graph.facebook.com
img.sedoparking.com
l.getsitecontrol.com
lh3.googleusercontent.com
lt.theplayadvisor.com
mx2.serviceclientorange.dyg.fr
platform-lookaside.fbsbx.com
res.cloudinary.com
rts-static-prod.freshworksapi.com
s2.getsitecontrol.com
ssl.gstatic.com
stats.g.doubleclick.net
theplayadvisor.com
track.vcdc.com
wchat.freshchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
xml.sedodna.com
13.226.159.10
13.226.159.105
13.226.159.115
13.226.159.126
13.226.159.23
167.233.8.197
173.239.53.32
185.59.220.199
205.234.175.175
2606:4700::6812:e234
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200d
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::393
3.82.166.181
34.250.61.179
52.206.164.102
52.216.238.211
54.84.27.165
62.113.194.12
91.134.212.144
91.195.241.137
01f35ecfed1871c910bed05c644d93d9fc45854ca36e7988d3324db7300ea4de
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
02e3544a9bc30d538c1df9d02fb82f1306798ebb68470fcc67e2bbe4e9cbac77
052f8fe3e6315a9af625e2a25cfe66790267bcc0aaebe2bf00feb803ff21cd88
0616cfcdca3f23d98b29284c81d428350b1c5744882eb8b0a6c68ed05863579e
0632bac109f493ec01cbebd2c8aedfe3d7b80999e9def190df95a80a11dd5a57
0c62c6951a4240f3772f2ce6df7b43b588d7aae72bef2f3ca57576c3bdc0b203
0d9dc12607ecb4f0f7d251415d2aded00faf432b1c676aa63bf2767324334022
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
145a7504826d9c288942da8f19cea483d440cd1c92ead7c1f77d6d88998fe2cf
1821a3825d0ed02c11a94ae06c5bde3b996cfc9e7e6aab4c461f3ff32cccc10a
1bb3d6ffc6c6de20bb88b2d0d6908b1d6417f3163d95f8a96a2c753f773d5695
1db13da87f8ca70aec2cff9a4da2de38a7945d1b0961628cd301a2331136ff30
1f2b2b4e8de2bcd3c51e9c9883ba15413305fbce15ffbff2e24fe71fd35c3492
23f48f55c6d5d14f32c9e0eb180550916664087593e5f7eb05c4aa7f64d3c177
240be83e2b11f478bc45a5bd92c15e770366a1c64bd403eb9e73932a129eee6d
29c2221091bda7b82623054ba28bc28ed592752da15d7db1158f640f94bbb423
2d2ab2204c032e454972a6754b8b116627903444e8886a0f6252720a023c7900
2f0a9e652dc3df98b72a88e1ab87521142b7d08d87fc104d16d903ac0899fc2f
3243e28e652cd2b0a27f2ecd788cf42f42b0cc9996888ad5e688bb4ccf1c82a6
37caf5b1044303c723e59ed43ce421c011b6590f7aec57b26d91878e742e7d3c
37e510ca2145ae70ea6651af6208218e035328ea589ceaf7c0075419cde10e4c
38d3198d418b799dbf8ebb545dd5a1083fca53ebf6cb16998fc9d69d9709f363
3cbc02656511523cc34e07588e646109596fd8d9eeb9f8ce453039a575d96da1
3d9349412ecbf65d2f9eabab0681c78478f523c2a53304d7bba80dcce50dc211
40a0aae3b73d9c39c79c9512852ff0a2d241b0010450658d71ade37447a33ba0
44263ae63122b11cd77124d313d9828042321b3e2c5512b776710e2d21af5698
453d7aae6674d894da46b576c4a451cc52355c95f51b501ff70c7f246ec784a8
479cfe30323366acc7d37e0e35c7a69198d952e7b998f87ec2b1ee5cf6dbf044
496f4ec180b45c31ce6fef39717ddf39efb84ce4253b3bebb43841521b8b654a
5072078837f02a35ace2a7e183f4cbaf04b876e345f3b32302e5ea1759e04274
544d87f178536371f5053ac2f88dbb57296eca73a2bc6a06920a7571e3a3eecf
57c06d6d9ee0cdce4645808f201e49ee1e5ac692ce485098dc017fe932ea0bc1
627389fb2e1e11271205231b207e6ecb5496e1f9bd05c2a5688cb36135cb5516
643e3de2904f810ec8ab495596aca42e0d72ccceb1e0b2f95b96bde6f83ab8c6
646d31eb237c88bacaf9aebe9f0c18fce391d4b8acb96bc12582f4d6eaf7a74c
64ab34dae9b08035f9efcecde836424cd641238a3478dc29bd137428175555bd
65813852cb6a8411f7761b991baf9345271f90d1ba70f52b99f7509a5eb80c1e
6666b1bc7149695c78ecca2bea7d59d1b83694253bde589d4e4ae73507f35760
66af31214cf473cdc16a780d4bc165778b0a7a4d7acf00b4fdc09864d055ec01
68de86e9cd4e23918bc0b670265741e54b1c4b969b3cfbd37ceca62dc0ef1fc2
69115920f993c637eb5fbefea1c282f586e9aaf6031d8c0f75a2721683773d06
693918d4f9f30483456c0b202582237307b44959680b8df23da65e423b9b511f
6a6fca7cbb0a5f7b2951d04d27853fb791f4d663d8e4a4d0b68562f137a5dccc
6b6036436f13f9f4e95a736abb562c8dad23cb3198af0c6aded51abd91f3029c
6b7a66f47a339e18e3c9d1a38055124f26fca5ea383a8df0269cec3ae388574d
6bb3c199077848ea3a889081495cb6e0ffe54aa0d73600112fe62ced64136034
6d8b45a6ed728514c8787c1d4794d0a3d7c1dbcda07a6061ccc1c7c3bc941315
6fe887b91ffde823629a6ada825675c6d71b1035a4b5523356f2132277df0268
71846519346eccc4fcee1dbcde6d9b481d432b16e4f9d681f8a89c4db27b6aec
73b6cac3c7553587f0982738d9717171b3cb2d4764f61c609b083fd29a85d844
7a69aa02a10b30878fba9a0c15b10c6b82fcabf5c99f7036e81e59c50bdac814
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7da52074b04629b92cdcefae01ad4ca52646caa829aa5e9bc2d7377d89e85264
7e4eebbb2512c8214176b060899d400d653dee8ed7e18d32de127786f686dc4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85186583038d99e2e0aa74878062da51b070299b1aa2a08238ae8e600c127e14
89ce694adf9dcc7909c3880648e4f2794dce56ad2a307ea942f6b8b7d721668b
8a8ad528c1445e0ea039713494ca9b9e8c8822e9e3ae3c3057577a877ccb8426
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
9174ba77e75471a95b8b87626296fb6bdf8fcef578d50741ca935af31cc29336
920ce3d3f92496179595c522f5edf3958be7574238b0a1b5bba0948695e6c80d
97f1e3085b0458898a9eaae364b01045424e418e7c002e521032abb710c5a8a1
986552903856b995425777caa1ce31fdb11fb3f6a28027e79013abb5173500a5
996858dbe66b99cf2c1b787cc441dae72a1d434e482d355bdb041496598e4c11
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a027852074b3d2d6fc74891a36c030397eb3282cce46a7120dd9c219e2ae00f3
a1943a600956d093b6bdbd157ffea2a0a738342a1a7a454a31364c3aa41325fa
a21a79c6e85a254c1e573e9d3d1ab57990e8382d8cea1a81868eeda265c45bc0
a24d68ae9a623f0c54cec8a758c12e4c708845d7a30e7c7ac6df33accc0b509a
a2ba38145172e2804b6d987f1251da6d0d47a703bacc1732bf3fc08cedc059a0
a78bb5217b9830c0798bf9a3f076a4cd4b6a920fa51d151e2ddf51fbfc41d49b
ab5898c442e5e66d60cb1bc2cf151cc182c49efa174cee860023c568de241668
b04e46a651751c457802d459062be6e892dfce90305a4dbf7474e8f2cf7156cf
b0c67b9866873ee64361e795e43f10be2d05f304501beadb143f21dd58416980
b1c2038fb05386815a7dc6a6a989ef603a45f669baf0450e9e78b9c62f8bde0f
b7b5cb91888a40b8bfda27189bbf2f5daf5180782b77e3759698a4ed3e2bcbc4
b8bf8cf6aad10dbb83c0b38f7dc9bb3192db6d42b1ff9dcd90e54b2d5070d370
bb0bf2d733b2a149bef6b82de488a4c375abaccc3c9ab18e6b75fca98c509c42
c060e3647992ad67f4157d98376c053afff3d3736b24a32f76a121c5c7d4626a
c12080dd6c9bd2bca9f01d694df5e45973e77859c61c3bd59ca81a257db678bb
c283b87a3a36d316183bbb3d9960d96bf5fcf5b203f5e831e4bf1eeba003f5ee
c367fe7a8de86275bcdbdd5112c770b661d2a13c0713ecf324c78af5d4f465de
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9fc4ed7123e18b8e2eb751cd390c2b411e9e26b24550cefb9796f568e680de0
ca7945f4b8aafb2115be0ab37260a21800a48d7311d77e6b562e4a567c8dfdb8
cbea91d7b8ad45465449c722d68fb90623680c7e7bdfd5ee3f0cafba512fb75d
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
ce2bf0fa3e4ad5f1e72ddde6ec9fbf2eddcf3d8908bc1ffa429fc94632653556
d03f69a4709a633b8896d7acc479ee662eef695b0b1822dfa08a94efe5daa70c
d1bf819527278a19fd3622dddbc0416e5be1fbd9a6101f180ae4aa7fdf0ad8c4
d4ef937593d12334a2ade82ec2583b0bb2e0d6358aa9e325271aa734a00d27d6
d61eea2bd44d66606af081dfd3b6b5a2ec7d8a2feefdefa22588c5b15ec66ec6
d82e8ad03c958be0e840283b314fbd372ab169febe830a83074a6efde03f5916
da10b49edc32c2e9ae8638bd9b8b05c0ff7ecbc9574518dfc4bedb542b45c4bd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df65ff2649149fd789294edac4cdcf77e306a90bb7353439c0363c68bfec659c
dfee1c29a16bcfa949dc09c64910ce2a6b1fe7d447e35a22229cc37ceaece433
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e98381f78e920e1be4788a3c8c7653856dca81896098500175dc6826ed1d12
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ed872e9933093b3779565e20ea4099bcc2af34668b68e99605a1733919492f7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d2be5463322a0c3e57edc11de621e9d8c5a5b2ac52a5aad6170d6494f4d7c9
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f5bb30e2b983d5c294b17417b62ccdbd525106b90df5a7e633e91bc4e80a909d
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f900fe94333f6fd6bbc8c888d245baf461d274b39082c57f93efae48b3e40576
f977fdeec4040238d754b9bc7e1f39ec9b02f7beb56d4b1e2594c165b2a84614
f9ad5dbf44764c275ac6c76067b0a3a388cb1a8a20e4e5d2e71d942f032e0c5b
fb0461bcda1a76644dafbdcd95b9df0f1cb210fd6aa865ae0ddcfe270e2eabbc
fbc21b81561a7b82642b6b1a4894de23b6855551fe13c21ba5d28f8dcd18bb95
fd0a9070b5149900f37b9af2da99d6f7d7f8f34531be875b1a0892e445b241e9
fe08b463c12ffd065db969e130e5a9538a8082197dd5b284760482778955b633
fe5f0c4c9bf2d207ca70042810fb84710ff279f08a6fc72a31b2992d8cb56362

ekstrapoint.com Open in urlscan Pro 13.226.159.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

99 %HTTPS

48 %IPv6

25 Domains

34 Subdomains

30 IPs

5 Countries

2741 kBTransfer

9081 kBSize

9 Cookies

18 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ekstrapoint.com Open in urlscan Pro
13.226.159.10 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

99 %
HTTPS

48 %
IPv6

25
Domains

34
Subdomains

30
IPs

5
Countries

2741 kB
Transfer

9081 kB
Size

9
Cookies

141 HTTP transactions
1 data transactions