urlscan.io logo urlscan.io
SecurityTrails logo

www.luckycreek.com Open in urlscan Pro
104.18.199.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.glossiesii.com/2csqdhr8q/785t8ff/?sub1=65f42e9e36d24700016b20aa
Effective URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Submission: On March 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 18 domains to perform 45 HTTP transactions. The main IP is 104.18.199.11, located in and belongs to CLOUDFLARENET, US. The main domain is www.luckycreek.com.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.
This is the only time www.luckycreek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.117.99.21 396982 (GOOGLE-CL...)
1 1 34.96.118.183 396982 (GOOGLE-CL...)
1 1 34.107.186.96 396982 (GOOGLE-CL...)
1 192.154.231.180 397373 (H4Y-TECHN...)
2 2 66.195.197.16 11402 (CCCAS-1)
1 1 104.18.190.136 13335 (CLOUDFLAR...)
1 16 104.18.199.11 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:24f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 66.212.230.32 14537 (CL-1379-1...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 54.230.163.43 16509 (AMAZON-02)
1 18.238.49.90 16509 (AMAZON-02)
1 18.190.127.118 16509 (AMAZON-02)
45 16
1    34.117.99.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.99.117.34.bc.googleusercontent.com
www.glossiesii.com
1    34.96.118.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.118.96.34.bc.googleusercontent.com
www.thrusteriu.com
1    34.107.186.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.186.107.34.bc.googleusercontent.com
trk.greenpeakshop.com
1    192.154.231.180 (Los Angeles, United States)

ASN397373 (H4Y-TECHNOLOGIES, US)
PTR: srv81.fingerpaint.club
playablez.com
2    66.195.197.16 (United States)

ASN11402 (CCCAS-1, US)
rinpc.firstfitload.com
rinpc.receivegained.com
1    104.18.190.136 (None, )

ASN13335 (CLOUDFLARENET, US)
record.genesysaffiliates.com
16    104.18.199.11 (None, )

ASN13335 (CLOUDFLARENET, US)
www.luckycreek.com
1    2607:f8b0:4006:817::200e (United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
2    2607:f8b0:4006:81f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    2600:9000:24f0:3400:17:7a94:8b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
ca-assets.cerebrospace.net
1    2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2607:f8b0:4004:c09::9a (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
6    66.212.230.32 (Montreal, Canada)

ASN14537 (CL-1379-14537, US)
kore.bosurl.net
1    2606:4700:3034::ac43:dd9f (United States)

ASN13335 (CLOUDFLARENET, US)
location-api.blue-ion.workers.dev
1    54.230.163.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-43.ewr53.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.238.49.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-90.jfk52.r.cloudfront.net
assets-tracking.crazyegg.com
1    18.190.127.118 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-127-118.us-east-2.compute.amazonaws.com
tracking.crazyegg.com
Apex Domain
Subdomains		 Transfer
16 luckycreek.com
www.luckycreek.com
1 MB
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2424
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5220
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5176
tracking.crazyegg.com — Cisco Umbrella Rank: 4316
90 KB
6 bosurl.net
kore.bosurl.net
2 KB
3 cerebrospace.net
ca-assets.cerebrospace.net
301 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
133 KB
1 workers.dev
location-api.blue-ion.workers.dev
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 90
350 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 840
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 2715
68 KB
1 genesysaffiliates.com
record.genesysaffiliates.com
509 B
1 receivegained.com
rinpc.receivegained.com
705 B
1 firstfitload.com
rinpc.firstfitload.com
702 B
1 playablez.com
playablez.com
373 B
1 greenpeakshop.com
trk.greenpeakshop.com
461 B
1 thrusteriu.com
www.thrusteriu.com
498 B
1 glossiesii.com
www.glossiesii.com
626 B
45 18
Domain Requested by
16 www.luckycreek.com 1 redirects playablez.com
www.luckycreek.com
ca-assets.cerebrospace.net
6 kore.bosurl.net ca-assets.cerebrospace.net
6 script.crazyegg.com www.luckycreek.com
script.crazyegg.com
3 ca-assets.cerebrospace.net www.luckycreek.com
ca-assets.cerebrospace.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.luckycreek.com
www.googleoptimize.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 location-api.blue-ion.workers.dev ca-assets.cerebrospace.net
1 www.google.com www.luckycreek.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.cloudflareinsights.com www.luckycreek.com
1 www.googleoptimize.com www.luckycreek.com
1 record.genesysaffiliates.com 1 redirects
1 rinpc.receivegained.com 1 redirects
1 rinpc.firstfitload.com 1 redirects
1 playablez.com
1 trk.greenpeakshop.com 1 redirects
1 www.thrusteriu.com 1 redirects
1 www.glossiesii.com 1 redirects
45 21

This site contains no links.

Subject Issuer Validity Valid
playablez.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-17 -
2024-04-16		 a year crt.sh
www.luckycreek.com
E1		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
ca-assets.cerebrospace.net
Amazon RSA 2048 M03		 2024-03-07 -
2025-04-05		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.bosurl.net
Sectigo RSA Domain Validation Secure Server CA		 2023-10-17 -
2024-11-16		 a year crt.sh
blue-ion.workers.dev
GTS CA 1P5		 2024-02-22 -
2024-05-22		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Frame ID: 0ED3772C21A05A256017D69C0B3633E0
Requests: 33 HTTP requests in this frame

Frame: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Frame ID: 265539B37911855B6B609D7122D836B8
Requests: 3 HTTP requests in this frame

Frame: https://www.luckycreek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Frame ID: 828B71277606AC40B5416584D81337C9
Requests: 2 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0102/2282/sampling/www.luckycreek.com.json?t=475150
Frame ID: 1010606DA1C886CBF6D2B8A5F8218F3F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to Lucky Creek

Page URL History Show full URLs

  1. http://www.glossiesii.com/2csqdhr8q/785t8ff/?sub1=65f42e9e36d24700016b20aa HTTP 302
    https://www.thrusteriu.com/cmp/Q9NRNN2Q/77G3B/?__rpt=0&__po=3532&__ptid=1aa7d0ff4ff849ffae2d45c2493d97e... HTTP 302
    https://trk.greenpeakshop.com/55XKFF/3B2Z2KK/?sub2=2a523209dae24d92afad8acc72919e68&sub1=670873&sub3=65f42... HTTP 302
    https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229 Page URL
  2. https://rinpc.firstfitload.com/?kw=474028&s1=1452983574 HTTP 302
    https://rinpc.receivegained.com/o/VO5SHURF/cfab93ea-e319-11ee-98d2-f79c2ea8919f/cfb4f016-e319-11ee-b5b9-b3aa... HTTP 302
    https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=d00973f2-e319-11ee-935b-5fe82fe... HTTP 301
    https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

93 %
HTTPS

45 %
IPv6

18
Domains

21
Subdomains

16
IPs

3
Countries

1712 kB
Transfer

3336 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.glossiesii.com/2csqdhr8q/785t8ff/?sub1=65f42e9e36d24700016b20aa HTTP 302
    https://www.thrusteriu.com/cmp/Q9NRNN2Q/77G3B/?__rpt=0&__po=3532&__ptid=1aa7d0ff4ff849ffae2d45c2493d97ea&__rpa=0&__rc=1&sub1=65f42e9e36d24700016b20aa&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
    https://trk.greenpeakshop.com/55XKFF/3B2Z2KK/?sub2=2a523209dae24d92afad8acc72919e68&sub1=670873&sub3=65f42e9e36d24700016b20aa HTTP 302
    https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229 Page URL
  2. https://rinpc.firstfitload.com/?kw=474028&s1=1452983574 HTTP 302
    https://rinpc.receivegained.com/o/VO5SHURF/cfab93ea-e319-11ee-98d2-f79c2ea8919f/cfb4f016-e319-11ee-b5b9-b3aa48967b65 HTTP 302
    https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=d00973f2-e319-11ee-935b-5fe82fe3576f& HTTP 301
    https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.glossiesii.com/2csqdhr8q/785t8ff/?sub1=65f42e9e36d24700016b20aa HTTP 302
  • https://www.thrusteriu.com/cmp/Q9NRNN2Q/77G3B/?__rpt=0&__po=3532&__ptid=1aa7d0ff4ff849ffae2d45c2493d97ea&__rpa=0&__rc=1&sub1=65f42e9e36d24700016b20aa&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9 HTTP 302
  • https://trk.greenpeakshop.com/55XKFF/3B2Z2KK/?sub2=2a523209dae24d92afad8acc72919e68&sub1=670873&sub3=65f42e9e36d24700016b20aa HTTP 302
  • https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
Request Chain 24
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
9b83c913e11d4b629024acc8b38cd229
playablez.com/100f89e5feaee805800/92/
Redirect Chain
  • http://www.glossiesii.com/2csqdhr8q/785t8ff/?sub1=65f42e9e36d24700016b20aa
  • https://www.thrusteriu.com/cmp/Q9NRNN2Q/77G3B/?__rpt=0&__po=3532&__ptid=1aa7d0ff4ff849ffae2d45c2493d97ea&__rpa=0&__rc=1&sub1=65f42e9e36d24700016b20aa&sub2=&sub3=&sub4=&sub5=&source_id=&__pcd=9
  • https://trk.greenpeakshop.com/55XKFF/3B2Z2KK/?sub2=2a523209dae24d92afad8acc72919e68&sub1=670873&sub3=65f42e9e36d24700016b20aa
  • https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
118 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.154.231.180 Los Angeles, United States, ASN397373 (H4Y-TECHNOLOGIES, US),
Reverse DNS
srv81.fingerpaint.club
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
118
content-type
text/html; charset=UTF-8
date
Fri, 15 Mar 2024 22:17:28 GMT
server
Apache

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
content-type
text/html; charset=utf-8
date
Fri, 15 Mar 2024 22:17:28 GMT
location
https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
1fa88e6b-065d-47ec-bfb6-1e5965748b2f
Primary Request /
www.luckycreek.com/welcome/lc-aviator/
Redirect Chain
  • https://rinpc.firstfitload.com/?kw=474028&s1=1452983574
  • https://rinpc.receivegained.com/o/VO5SHURF/cfab93ea-e319-11ee-98d2-f79c2ea8919f/cfb4f016-e319-11ee-b5b9-b3aa48967b65
  • https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=d00973f2-e319-11ee-935b-5fe82fe3576f&
  • https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
444 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Requested by
Host: playablez.com
URL: https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7391aaa0ccd67d2f7b914665943640b25588a7c0c5754245b16eae0a899b8d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://playablez.com/100f89e5feaee805800/92/9b83c913e11d4b629024acc8b38cd229
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc6aaa20f47-EWR
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
864fdfbdcf70c34a-EWR
content-type
text/html; charset=utf-8
date
Fri, 15 Mar 2024 22:17:30 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
optimize.js
www.googleoptimize.com/ 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c60c9c7f7dce0e4d9480d7d6944a880ce5ddd4b87a45f0604113602bdce4cc47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69678
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Mar 2024 22:17:32 GMT
js
www.googletagmanager.com/gtag/ 		181 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d92d6b54223b7443b75c83cabf02be5e8b85ac28eb552ed3d92c73f4bd4ce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67823
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:13:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Mar 2024 22:17:32 GMT
2282.js
script.crazyegg.com/pages/scripts/0102/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0102/2282.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e34252e3d2e360606ccb2b347db3017a3ff42f50e0ce64f784e3485c3b12366a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10776
cf-polished
origSize=6112
ce-version
11.5.195
cf-bgj
minify
last-modified
Fri, 15 Mar 2024 19:17:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
864fdfcc8d3343e8-EWR
c8c832a18625b7d2210e9fa7d2e5da4671f46a0f.png
www.luckycreek.com/welcome/lc-aviator/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/c8c832a18625b7d2210e9fa7d2e5da4671f46a0f.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36569f44a76f1bcafc43af08e69d6810d1c237bd3bd881a45f0bfa447be810f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1f39d96ad6c4ac9b7d3615f27e176522"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc76b670f47-EWR
content-length
34122
854d066710fb01870c33a632669927dde024dd3f.png
www.luckycreek.com/welcome/lc-aviator/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/854d066710fb01870c33a632669927dde024dd3f.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0728aa11f44b32973d5822c6cebd7173855bdb82fe5bd605ed0f5caf7f12f8e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1c4d7449017dd19ccd6b94e437991065"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc76b680f47-EWR
content-length
57934
e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
www.luckycreek.com/welcome/lc-aviator/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"58268e05f7cbfa9d4fcf64257d3abbbe"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc7fc190f47-EWR
content-length
19595
30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
www.luckycreek.com/welcome/lc-aviator/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e973ac259717cfe421af19cde9a0b0aa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc7fc240f47-EWR
content-length
102506
d6e73f1ce01de0ab1a7175daed714e12676e65d5.png
www.luckycreek.com/welcome/lc-aviator/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/d6e73f1ce01de0ab1a7175daed714e12676e65d5.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c913b93d4855805bf0ea5ebba78d97391cbbc494f1012b160534b0573435e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1eb8d1fbe32e5d6e07b052b20d48a076"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc86c890f47-EWR
content-length
224117
4f53d0ec6fe7aad4b720df5d8703cbe0af3d9443.png
www.luckycreek.com/welcome/lc-aviator/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/4f53d0ec6fe7aad4b720df5d8703cbe0af3d9443.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f0a73c96f72b5d7daed348034b5c52daeead35bc9dd4d6dce86b28bd8e4870
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a5f9636be7ea483cb14a334ada75ea4c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc9ddca0f47-EWR
content-length
261483
3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
www.luckycreek.com/welcome/lc-aviator/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a9e03ef4489813defbfea9faf9f7ebf9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc9ddcc0f47-EWR
content-length
15318
f1a651261aa1b43b1e4106634cb57d05c694840e.png
www.luckycreek.com/welcome/lc-aviator/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/f1a651261aa1b43b1e4106634cb57d05c694840e.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"5e6b5e381f71e9dbaead02b2c457c4ac"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc9ddcd0f47-EWR
content-length
17444
f49a025b7c21d8bfc7d5026bef759228d58b8692.png
www.luckycreek.com/welcome/lc-aviator/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/f49a025b7c21d8bfc7d5026bef759228d58b8692.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e8fb0eac9d524105d27a8480f14c1476"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc9ddce0f47-EWR
content-length
17230
ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
www.luckycreek.com/welcome/lc-aviator/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"d1587f866db7825371546632a8b8edc6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfc9ddd10f47-EWR
content-length
66974
main.js
ca-assets.cerebrospace.net/reg-form/assets/build/js/ 		283 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:3400:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b08d3e2909219c8f6807971450ac91446fa0e80e8d1a5812f219c605e37e9df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
UW1_xZAEpy02vKtwuL4a9xI5NS_sn2Qj
content-encoding
br
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
date
Fri, 15 Mar 2024 13:49:48 GMT
x-amz-cf-pop
JFK50-P3
age
30465
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
etag
W/"a5705ea740cd6a871928cb6430ae3250"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
j9acXZw8jOpv8Fsbt7BIUerZDhc8NqVzC8aiQldy78JRaOsUTNTldQ==
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.luckycreek.com/
Origin
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
864fdfcc7bb90ca6-EWR
js
www.googletagmanager.com/gtag/ 		181 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc5d3b9ae1fa0a1619eb18f2e69c47ad9f39f4ce78a8f7fcc0b146c4b6de8b11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67796
x-xss-protection
0
last-modified
Fri, 15 Mar 2024 21:13:34 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 15 Mar 2024 22:17:32 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Mar 2024 22:06:43 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
649
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 16 Mar 2024 00:06:43 GMT
387de5af039bf444f453adf99123bb4730c496f5.jpg
www.luckycreek.com/welcome/lc-aviator/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/387de5af039bf444f453adf99123bb4730c496f5.jpg
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b506f102a11f13dfbfca4d568c079236affbf5f1456b590614be64678d8ab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"c369656eaf9370dede231dc3e59dfbbc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
864fdfca3e320f47-EWR
content-length
166050
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1278682155&t=pageview&_s=1&dl=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-aviator%2F%3FTrackingToken%3DSpafkocPRxQt27KDsDkAtWNd7ZgqdRLk&dr=https%3A%2F%2Fplayablez.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Lucky%20Creek&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1343588016&gjid=924609110&cid=424234689.1710541053&tid=UA-20983594-2&_gid=1083934222.1710541053&_r=1&gtm=457e43d0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=564920979
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 22:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20983594-2&cid=424234689.1710541053&jid=1343588016&gjid=924609110&_gid=1083934222.1710541053&_u=YEBAAUAAAAAAACAAI~&z=693231260
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Mar 2024 22:17:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/site/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/site/www.luckycreek.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e090497d4966740a19f0270da06dfb4ebb9261ca5f759c0d3d26e46c32214f59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10777
ce-version
11.5.195
content-length
2659
last-modified
Fri, 15 Mar 2024 19:17:56 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
864fdfcf2a7d0f3f-EWR
snare.dist.js
ca-assets.cerebrospace.net/reg-form/assets/vendor/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/vendor/snare.dist.js
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:3400:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
DUKtXnhwVh1fE22rUrBjW0YamRjDCdpq
content-encoding
br
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
date
Fri, 15 Mar 2024 13:45:11 GMT
x-amz-cf-pop
JFK50-P3
age
30742
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
etag
W/"42825aff08b1980e82c2400bd6a976a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
ajiaktx6GYPRNF5at7rTf2mPND_wovFBNZdVY_A_1VLJJ9qw1FG49g==
index.html
ca-assets.cerebrospace.net/reg-form/forms/register/ Frame 2655 		696 KB
213 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:3400:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cca284d76a1b0e7640040360b08952f350f8a1e0f7624e5549c22fb4220a6d72

Request headers

Referer
https://www.luckycreek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
45898
cache-control
no-cache
content-encoding
br
content-type
text/html
date
Fri, 15 Mar 2024 09:32:35 GMT
etag
W/"0890054fa292d44f5c4fe37ad66c0a31"
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-cf-id
UbEKivGbi7z-Vt6Um6EyXagyIeec_ThMzkp0c6KYwf0p11eDbLwguw==
x-amz-cf-pop
JFK50-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
4WvVE7dv1cNG38AJSHG7fRC3EqJFTxzL
x-cache
Hit from cloudfront
main.js
www.luckycreek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/ Frame 828B
Redirect Chain
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6f9ce4504e74a8c170b1ba37eb438728155e7bba474356811ce5f0b8fd1c7f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
864fdfcd89f60f47-EWR

Redirect headers

date
Fri, 15 Mar 2024 22:17:32 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/ace796eb5511/main.js
cache-control
max-age=300, public
cf-ray
864fdfcd19820f47-EWR
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20983594-2&cid=424234689.1710541053&jid=1343588016&_u=YEBAAUAAAAAAACAAI~&z=1369833119
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 22:17:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
864fdfc6aaa20f47
www.luckycreek.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 828B 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/b/jsd/r/864fdfc6aaa20f47
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
gzip
server
cloudflare
cf-ray
864fdfcebb780f47-EWR
content-type
text/plain; charset=UTF-8
player_credentials
kore.bosurl.net/v3/api/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kore-returnurl
Access-Control-Request-Method
GET
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
x-kore-returnurl
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
31536000
date
Fri, 15 Mar 2024 22:17:33 GMT
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-kore-returnurl
Access-Control-Request-Method
POST
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-kore-returnurl
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
31536000
date
Fri, 15 Mar 2024 22:17:33 GMT
player_credentials
kore.bosurl.net/v3/api/auth/ 		27 B
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Mar 2024 22:17:33 GMT
cache-control
no-store,no-cache
x-kore-version
3.27.4592.5-x7405d1eb
content-length
27
content-type
application/json; charset=utf-8
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ 		707 B
770 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash
e879cf166a88c1fe46a24e53c3902cfbaaa1b866ea84ccf2c17b88da4a8e929d

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 15 Mar 2024 22:17:33 GMT
cache-control
no-store,no-cache
x-kore-version
3.27.4592.5-x7405d1eb
content-length
707
content-type
application/json; charset=utf-8
/
location-api.blue-ion.workers.dev/ Frame 2655 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://location-api.blue-ion.workers.dev/
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a8b1d51a5c76b36efde85a6c7b1e79b8ad872cf93f39d27db050eacba05032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ca-assets.cerebrospace.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mlDmp%2Fz4fJc8sETZ28u5ZgLv8IFkYoSJV91lPiGQgDGQuMIHpS8OgDI%2BcpSccyyoSP98o2FZvrrF1qDhYAjEyCX3fxFnySLGdtwfSYwLgzFmF0nZp1SYYz152L5ErRPz4TN2FcT3Lbq1y2lGjnDjAL7mGeO%2B0Wts9BLLeRIem8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cf-ray
864fdfd249ea0f88-EWR
alt-svc
h3=":443"; ma=86400
rum
www.luckycreek.com/cdn-cgi/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/rum?
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.luckycreek.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
864fdfcf4bf80f47-EWR
f32f67face8c7d91d87871cab1f2b1c1.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68431098c85e0d581d70e5d2178b9c42a8d6284478f95bb5002afd1b9ada14dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2024 18:24:56 GMT
server
cloudflare
age
10806
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
864fdfcf8f9543e8-EWR
content-length
46373
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/sampling/ Frame 1010 		162 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/sampling/www.luckycreek.com.json?t=475150
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4def74b4add05a607b8980dcdac380bf882d853202dde992701e251227038af2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10776
ce-version
11.5.195
content-length
150
last-modified
Fri, 15 Mar 2024 19:17:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
864fdfd00b530f3f-EWR
healthcheck
pagestates-tracking.crazyegg.com/ Frame 1010 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-43.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 10:21:10 GMT
via
1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
3066984
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
bEuoerdEEid4tQZ79ciBtZlcC3InX1IS22o99Df1UY8D7gaeSGdgGg==
healthcheck
assets-tracking.crazyegg.com/ Frame 1010 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-49-90.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 18:35:51 GMT
via
1.1 145a3c1a881b9a37bb761d4b0890859a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
age
1741303
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
S1dd-kO1ySm8Ywu-QLC2HasgFKhowdlikn2qeFfJNa1iodQGN-pDJw==
50e40f4e-c2a4-4365-afaf-82269f59f67b
https://www.luckycreek.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.luckycreek.com/50e40f4e-c2a4-4365-afaf-82269f59f67b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ Frame 1010 		38 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1710541053914&tk=92945bbfc1339eebac302db4fe1da59f&s=373551&p=%2Fwelcome%2Flc-aviator%2F&u=1022282&v=cb35bd7ae2d69a2f888a9ec688cd0f0174ae8fd9&f=luckycreek.com%2Fwelcome%2Flc-aviator&ul=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-aviator%2F%3FTrackingToken%3DSpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.127.118 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-127-118.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
716119685a335f754ab10a7a232633bee977afb9b006dc2e6343781119ce4873

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Mar 2024 22:17:34 GMT
cache-control
no-store
server
awselb/2.0
content-length
38
content-type
text/plain
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 12 Mar 2024 13:05:17 GMT
server
cloudflare
age
10806
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
864fdfd5fd3c43e8-EWR
content-length
8025
a70e452c-24a2-4faa-86d9-aeba29f70229
https://www.luckycreek.com/ 		256 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.luckycreek.com/a70e452c-24a2-4faa-86d9-aeba29f70229
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
94351c0b0f4c7c3ad7b44eadf5ae009d4ba0d13eab1bc4fcfa77209e2330aced

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
256
Content-Type
text/javascript
currencies
kore.bosurl.net/v3/api/ Frame 2655 		658 B
742 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/currencies
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash
2b4720f249630a0a8cea325a706682a7b7c39b91ac77096cca31a5b972370135

Request headers

Referer
https://ca-assets.cerebrospace.net/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
Authorization
Bearer CfDJ8E3sxePdaj9GqVsSQztiMmbhYlibNAjwIIr1lsnulIFtWlqwoqAu4PSl3r12/c7XhPpHxCb0KNLHid742qB+3Kb4kqHZHtwDJwDm8BwQEmResHE+YwIrkEc3L+YhMqJvGmo5y8PVqQ8YncoBXNkxy1xWHapmsNXnnA9VxCpIfi5TagOZXUqJ/rt7Z5DV+Dim0+dcBYWRPe8THApilKaUBfWIr8IVBLN40Jac2z2AZ5fL9+2N+GB0YkHNBJRq1zxj7HSBJdOe+ubPnRfYoNpUj7AK+Nf21aLVn2ApBJew45N253+Ynx7Qzru8XU7BM2EOUVqMfxXlVoi5CmFn1VJnm1pqEm4+wHFFtlEJ0kWhow8cJ7OGq6LaAAgXc2dnIjylzqjXM7YPYbb20bb1HsK+B6mawpi9b0E3+kS2+zF7dL/l+KArNvXdKL/XA3asVTsd/QADRtGRou8lA7u0DS7bmNZvww1NvKfAAqBHMIIuXkz8DZAxNOKah16YDSXDpn1AaQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Mar 2024 22:17:33 GMT
x-casino-brand
LuckyCreek
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kore-version
3.27.4592.5-x7405d1eb
cache-control
no-store,no-cache
content-length
658
currencies
kore.bosurl.net/v3/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/currencies
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 Montreal, Canada, ASN14537 (CL-1379-14537, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-kore-returnurl
Access-Control-Request-Method
GET
Origin
https://ca-assets.cerebrospace.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-kore-returnurl
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
31536000
date
Fri, 15 Mar 2024 22:17:33 GMT
cd03386b0fde68cad33bac3d9c045084.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/cd03386b0fde68cad33bac3d9c045084.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 22:17:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Mar 2024 19:54:23 GMT
server
cloudflare
age
10806
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
864fdfd63d6843e8-EWR
content-length
30708

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize function| gtag object| ma function| bc function| A_ object| Gu object| ef object| Sc object| tf function| Ac function| N_ function| nf function| rf function| Ea function| af function| ws function| D_ function| xc function| I_ function| L_ function| R_ function| Oc function| ys function| P_ function| M_ function| F_ function| B_ function| of function| H_ function| W_ function| q_ function| k_ function| $_ function| sf function| Yu function| U_ function| j_ function| V_ function| K_ function| G_ function| Y_ function| z_ object| Vt object| za function| Ql function| Nc object| Q_ function| Ss function| X_ object| J_ function| Z_ object| Dc function| Xa object| Ic object| Lc function| no object| Rc object| gr function| em function| Pc function| Du number| Xl function| tm object| Iu number| Jl function| nm function| rm function| im function| am function| om function| Mc function| Lu number| Zl function| sm function| Ru number| ec function| um function| Pu number| tc function| As function| Mu number| nc function| fm function| Fu number| rc function| ic object| Bu number| ac function| lm object| Bt function| oc function| sc object| cm function| hm object| dm function| uc function| pm function| gm object| xs object| uf object| vm object| _m function| mm function| Hu number| fc function| Fc object| lc function| Wu function| Em object| ym function| Tm function| qu function| wm object| Fn function| Bc object| ku number| cc function| Hc string| Cm function| Gi object| ff object| hc function| bm object| Sm object| Wc function| Am function| dc function| pc function| Os function| xm object| qc object| Qa function| Ja function| Om function| $u number| gc function| Nm function| Uu number| vc function| Dm function| ju number| _c function| Im object| mc function| Lm function| Ts function| Rm object| Pm function| kc function| En object| zu boolean| Uo number| Fm function| Bm function| Hm function| Wm function| qm function| $c function| ya function| lf function| jo function| Uc boolean| Ec boolean| yc function| ro function| Za function| km function| Qu function| Cs function| eo function| $m function| Tc function| wc function| jc function| Um function| jm function| to function| Xn function| Yi function| Xu function| cf function| Vm function| Vc function| Kc function| hf function| Km function| Gc function| Yc function| zc function| bs function| Qc function| Vo function| Gm function| Xc function| Ym function| Jc function| df function| zm function| Zc function| eh function| Qm function| Xm function| Jm function| Zm function| pf function| Ju function| eE function| tE function| nE function| rE boolean| iE function| aE function| th function| oE function| sE object| nh object| Vu function| Cc object| Ku function| uE function| fE function| lE function| cE function| hE function| dE function| pE function| gE function| vE object| _E object| mE function| Ns function| Es object| wE function| Zu object| CE function| _ function| $ function| axios object| bootstrap object| Cookies string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| webpackChunk number| _rollbarStartTime object| rollbar boolean| _rollbarDidLoad function| tldParser object| logger function| Agent boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| __cfBeacon function| _rollbarURH object| agent string| _i_a string| localObjectName function| __if_a function| __if_b function| __if_c object| _i_d object| _i_o object| _i_z object| _i_aa object| _i_ac object| _i_cr function| __if_d object| io_adp function| __if_e object| _i_dt function| __if_f function| iov_fl_cb function| iov_fl_fn function| iov_fl_get_value function| __if_g object| io_dp function| __if_h function| ioGetBlackbox object| io_cm function| __if_i object| _i_fm object| _i_fn object| _i_fo object| _i_dl object| _i_fp function| __if_j function| __if_k number| _i_fq function| __if_l number| _i_fs function| __if_m string| io_last_error object| IGLOO boolean| io_install_stm boolean| io_install_flash number| io_exclude_stm string| io_stm_cab_url string| io_install_stm_error_handler string| io_flash_needs_update_handler boolean| io_enable_rip object| io_flash_blacklist object| io_flash_whitelist string| io_min_flash_in_firefox_version string| io_min_flash_in_firefox_linux_version string| io_min_flash_version string| _i_dw number| _i_g number| _i_bl string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API

24 Cookies

Domain/Path Name / Value
www.thrusteriu.com/ Name: uniqueClick_77G3B
Value: 0062d5af-aa77-4f45-be35-1687068ad47f:1710541047
www.thrusteriu.com/ Name: transaction_id
Value: 2a523209dae24d92afad8acc72919e68
trk.greenpeakshop.com/ Name: uniqueClick_3B2Z2KK
Value: 3c758224-6598-4fdc-9112-f429cd824978:1710541048
trk.greenpeakshop.com/ Name: transaction_id
Value: 9b83c913e11d4b629024acc8b38cd229
playablez.com/ Name: uid24077
Value: 1452983574-20240315171728-7aa618fb3a428c74ed2bf12a8c3fec87-
rinpc.firstfitload.com/ Name: yredir_session
Value: eyJpdiI6IlJyRXduQmlHYVljZC9OanJ0K1JTZUE9PSIsInZhbHVlIjoiMEh0TndHUmZoZnVUcnhpYnM5UGxLcnFFc3JUT2NMb2NBY1ViNmNXMDRZYk5WRnRLTkhNTENWVnM3ckwzR1BFMGNVQWxaY3QrUmo2TlMvKzg0SURmRlpWTkNiaVNkcTRQNXNWNXR2L0FsR0lmcW5JS0hIczZ1MkxtbmNIV3RtdmIiLCJtYWMiOiI2ODFkNWJiYWI2NDg2NTY4OThmMmRkZTg1YjZiNTdmZmNhNzk5ZDc0NDcwYzk5NWNhZDhiYTc0MDdkZWM5M2E0IiwidGFnIjoiIn0%3D
rinpc.receivegained.com/ Name: yredir_session
Value: eyJpdiI6InYxejlZNGYwMUcrWGN5V0d1OXdmMlE9PSIsInZhbHVlIjoiSnR0TXd4d3A5YmZ5QlU0cjUyaDN4K2FqSW9YK1RDa1FkRTVpZG1ZakFoa3NpZFdTMEVQdld1Zzd3TnZXLzVtYzYvUWR2RU1HWDNjSk5JRVEzbit6ekRKZVhQY09EVkJVeUZGYXpLeWhyRzVteHg1WlpKRmh0SzhicjdxVWdCR2oiLCJtYWMiOiIyMzU2MTYxZTBiNThjNWE5MmVjMjNlNmUwMWYzZDRmMDQ2ZGUwOWQ4NzQxNzg1ODQ2N2E2Mzc1YzBlYjJjNzVlIiwidGFnIjoiIn0%3D
record.genesysaffiliates.com/ Name: VID1
Value: KC0jYFAuMzBXLVMwYApgCg%3D%3D
.genesysaffiliates.com/ Name: ZBan
Value: SpafkocPRxQt27KDsDkAtWNd7ZgqdRLk
.luckycreek.com/ Name: __cf_bm
Value: YLji5QAY3aRzcY8KDiSxQn4prM2XDzVrEpjCVyz7a6s-1710541052-1.0.1.1-0le9_pgqBC3_gyMUJPqtgfBSbiPuiw7I3n2eyHC2aLfczysMySX2DCDuSrqGn5FqjHfov35APZLFVUck7IEo1w
.luckycreek.com/ Name: _ga
Value: GA1.2.424234689.1710541053
.luckycreek.com/ Name: _gid
Value: GA1.2.1083934222.1710541053
.luckycreek.com/ Name: _gat_gtag_UA_20983594_2
Value: 1
www.luckycreek.com/ Name: aff_offer
Value: {%22id%22:1518%2C%22offer_id%22:%22offer_1518%22%2C%22top_offer_text%22:%22$7500%20Match%20Bonus%22%2C%22top_offer_code%22:%22200%25%20Match%20Bonus%20up%20to%20$7500%22%2C%22second_offer_text%22:%22+%2030%20Free%20Spins%22%2C%22second_offer_code%22:%22Code:%20200GETLUCKY%22%2C%22background_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/387de5af039bf444f453adf99123bb4730c496f5.jpg%22%2C%22left_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/854d066710fb01870c33a632669927dde024dd3f.png%22%2C%22affiliate_logo%22:null%2C%22days_valid_after_reg%22:14%2C%22created_at%22:%222024-03-14%2013:12:35%22%2C%22updated_at%22:%222024-03-15%2006:20:22%22}
www.luckycreek.com/ Name: welcome_offer
Value: {%22id%22:1518%2C%22offer_id%22:%22offer_1518%22%2C%22top_offer_text%22:%22$7500%20Match%20Bonus%22%2C%22top_offer_code%22:%22200%25%20Match%20Bonus%20up%20to%20$7500%22%2C%22second_offer_text%22:%22+%2030%20Free%20Spins%22%2C%22second_offer_code%22:%22Code:%20200GETLUCKY%22%2C%22affiliate_logo%22:null%2C%22days_valid_after_reg%22:14%2C%22created_at%22:%222024-03-14%2013:12:35%22%2C%22updated_at%22:%222024-03-15%2006:20:22%22%2C%22codes%22:[%22200GETLUCKY%22]%2C%22type%22:%22bonus_code%22%2C%22background_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/387de5af039bf444f453adf99123bb4730c496f5.jpg%22%2C%22background_mobile_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/9519ccd90faca4487520cdbf49d7bc1bf441671d.jpg%22%2C%22feature_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/4f53d0ec6fe7aad4b720df5d8703cbe0af3d9443.png%22%2C%22feature_mobile_image%22:%22https://www.luckycreek.com/welcome/lc-aviator/854d066710fb01870c33a632669927dde024dd3f.png%22}
.luckycreek.com/ Name: cf_clearance
Value: rj1RE8dh_U_vfalw9QGsrcvUpJ9mvDiLGhIVFJBH3vE-1710541053-1.0.1.1-niWHflCtQfhHyNt8n2ORKcdTn9f6rsE1diL33tU8JAsn0ZZtOyD7V4rrJSEKO2lawdujBHi6WmOb0z4PMM2edQ
.luckycreek.com/ Name: _ce.irv
Value: new
.luckycreek.com/ Name: cebs
Value: 1
.luckycreek.com/ Name: _ce.clock_event
Value: 1
.luckycreek.com/ Name: kore.tracking
Value: d2136c79-0ffc-4ef4-835d-3b522315c0a7
.luckycreek.com/ Name: _ce.clock_data
Value: 40%2C206.66.96.21%2C1%2Cc2f0dae1be250666004502f5b1159da0
.luckycreek.com/ Name: _CEFT
Value: Q%3D%3D%3D
.luckycreek.com/ Name: cebsp_
Value: 1
.luckycreek.com/ Name: _ce.s
Value: v~cb35bd7ae2d69a2f888a9ec688cd0f0174ae8fd9~lcw~1710541054377~lva~1710541053476~vpv~0~v11.cs~373551~v11.s~d2b41990-e319-11ee-bd37-fd878e8956bc~lcw~1710541054378

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
ca-assets.cerebrospace.net
kore.bosurl.net
location-api.blue-ion.workers.dev
pagestates-tracking.crazyegg.com
playablez.com
record.genesysaffiliates.com
rinpc.firstfitload.com
rinpc.receivegained.com
script.crazyegg.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tracking.crazyegg.com
trk.greenpeakshop.com
www.glossiesii.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.luckycreek.com
www.thrusteriu.com
104.18.190.136
104.18.199.11
18.190.127.118
18.238.49.90
192.154.231.180
2600:9000:24f0:3400:17:7a94:8b80:93a1
2606:4700:3034::ac43:dd9f
2606:4700::6810:4f49
2606:4700::6813:9308
2607:f8b0:4004:c09::9a
2607:f8b0:4006:80e::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81f::2008
2607:f8b0:4006:822::200e
34.107.186.96
34.117.99.21
34.96.118.183
54.230.163.43
66.195.197.16
66.212.230.32
0728aa11f44b32973d5822c6cebd7173855bdb82fe5bd605ed0f5caf7f12f8e5
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
28b506f102a11f13dfbfca4d568c079236affbf5f1456b590614be64678d8ab3
2b4720f249630a0a8cea325a706682a7b7c39b91ac77096cca31a5b972370135
36569f44a76f1bcafc43af08e69d6810d1c237bd3bd881a45f0bfa447be810f3
3d92d6b54223b7443b75c83cabf02be5e8b85ac28eb552ed3d92c73f4bd4ce74
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
4b08d3e2909219c8f6807971450ac91446fa0e80e8d1a5812f219c605e37e9df
4def74b4add05a607b8980dcdac380bf882d853202dde992701e251227038af2
5f6f9ce4504e74a8c170b1ba37eb438728155e7bba474356811ce5f0b8fd1c7f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
68431098c85e0d581d70e5d2178b9c42a8d6284478f95bb5002afd1b9ada14dd
716119685a335f754ab10a7a232633bee977afb9b006dc2e6343781119ce4873
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134
7391aaa0ccd67d2f7b914665943640b25588a7c0c5754245b16eae0a899b8d02
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
86f2855487ee0f2a026de07b800d0a191f2d66723011cf5e7bddea4669037b33
94351c0b0f4c7c3ad7b44eadf5ae009d4ba0d13eab1bc4fcfa77209e2330aced
b3cd2e0adf5395f7af5f6a65f761a458630d3a1da8e06ed3305a64d90ef5d46b
c60c9c7f7dce0e4d9480d7d6944a880ce5ddd4b87a45f0604113602bdce4cc47
cca284d76a1b0e7640040360b08952f350f8a1e0f7624e5549c22fb4220a6d72
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c
d2a8b1d51a5c76b36efde85a6c7b1e79b8ad872cf93f39d27db050eacba05032
dc5d3b9ae1fa0a1619eb18f2e69c47ad9f39f4ce78a8f7fcc0b146c4b6de8b11
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e090497d4966740a19f0270da06dfb4ebb9261ca5f759c0d3d26e46c32214f59
e34252e3d2e360606ccb2b347db3017a3ff42f50e0ce64f784e3485c3b12366a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c913b93d4855805bf0ea5ebba78d97391cbbc494f1012b160534b0573435e8
e879cf166a88c1fe46a24e53c3902cfbaaa1b866ea84ccf2c17b88da4a8e929d
e8f0a73c96f72b5d7daed348034b5c52daeead35bc9dd4d6dce86b28bd8e4870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382