urlscan.io logo urlscan.io
SecurityTrails logo

www.luckycreek.com Open in urlscan Pro
104.16.224.51  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/team2pass/HTML/HTML/html.html#2649719Oe6608955vB620134597NL688ww24Bbr182854RM
Effective URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Submission: On June 19 via manual from CA — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 5 countries across 15 domains to perform 44 HTTP transactions. The main IP is 104.16.224.51, located in and belongs to CLOUDFLARENET, US. The main domain is www.luckycreek.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 5th 2023. Valid for: a year.
This is the only time www.luckycreek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 134.119.184.174 29066 (VELIANET-...)
1 1 18.233.172.102 14618 (AMAZON-AES)
1 1 104.18.193.136 13335 (CLOUDFLAR...)
1 16 104.16.224.51 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:402... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:9000:24f... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 54.230.163.24 16509 (AMAZON-02)
1 18.67.65.8 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 52.0.247.177 14618 (AMAZON-AES)
6 200.124.146.155 26505 (E-Commerc...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
44 16
1    2607:f8b0:4006:821::2010 (Flushing, United States)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    134.119.184.174 (Strasbourg, France)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
PTR: pmpchoice.co.uk
pmpchoice.co.uk
1    18.233.172.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-172-102.compute-1.amazonaws.com
watrking.com
1    104.18.193.136 (None, )

ASN13335 (CLOUDFLARENET, US)
record.genesysaffiliates.com
16    104.16.224.51 (None, )

ASN13335 (CLOUDFLARENET, US)
www.luckycreek.com
1    2607:f8b0:4006:820::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
3    2607:f8b0:4020:804::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
3    2600:9000:24f0:de00:17:7a94:8b80:93a1 (United States)

ASN16509 (AMAZON-02, US)
ca-assets.cerebrospace.net
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2607:f8b0:4006:817::200e (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.230.163.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-24.ewr53.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    18.67.65.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-65-8.iad89.r.cloudfront.net
assets-tracking.crazyegg.com
1    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:824::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    52.0.247.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-247-177.compute-1.amazonaws.com
tracking.crazyegg.com
6    200.124.146.155 (Curacao)

ASN26505 (E-Commerce Park, N.V., CW)
PTR: sub-146ip155.e-commercepark.com
kore.bosurl.net
1    2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cloudflare.com
Apex Domain
Subdomains		 Transfer
16 luckycreek.com
www.luckycreek.com
715 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2355
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5169
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5183
tracking.crazyegg.com — Cisco Umbrella Rank: 4522
46 KB
6 bosurl.net
kore.bosurl.net
2 KB
3 cerebrospace.net
ca-assets.cerebrospace.net
318 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 82
93 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
1 cloudflare.com
cloudflare.com — Cisco Umbrella Rank: 139
454 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 124
350 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1123
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1129
61 KB
1 genesysaffiliates.com
record.genesysaffiliates.com
531 B
1 watrking.com
watrking.com
772 B
1 pmpchoice.co.uk
pmpchoice.co.uk
315 B
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 465
697 B
44 15
Domain Requested by
16 www.luckycreek.com 1 redirects storage.googleapis.com
www.luckycreek.com
ca-assets.cerebrospace.net
6 kore.bosurl.net ca-assets.cerebrospace.net
4 script.crazyegg.com www.luckycreek.com
script.crazyegg.com
3 ca-assets.cerebrospace.net www.luckycreek.com
ca-assets.cerebrospace.net
3 www.googletagmanager.com www.luckycreek.com
www.googleoptimize.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 cloudflare.com ca-assets.cerebrospace.net
1 tracking.crazyegg.com script.crazyegg.com
1 www.google.com www.luckycreek.com
1 stats.g.doubleclick.net ca-assets.cerebrospace.net
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 static.cloudflareinsights.com www.luckycreek.com
1 www.googleoptimize.com www.luckycreek.com
1 record.genesysaffiliates.com 1 redirects
1 watrking.com 1 redirects
1 pmpchoice.co.uk 1 redirects
1 storage.googleapis.com
44 18

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
ca-assets.cerebrospace.net
Amazon RSA 2048 M01		 2023-04-07 -
2024-05-05		 a year crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
*.bosurl.net
Sectigo RSA Domain Validation Secure Server CA		 2022-10-06 -
2023-11-06		 a year crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3		 2023-06-06 -
2023-09-03		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Frame ID: ECBD6D91717796B414D0980AEE7E6FF5
Requests: 33 HTTP requests in this frame

Frame: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Frame ID: E899EED826D77C933288099132FEF1A8
Requests: 4 HTTP requests in this frame

Frame: https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: F2F6F5C4C400D72E2AC13C5B936DC585
Requests: 2 HTTP requests in this frame

Frame: https://pagestates-tracking.crazyegg.com/healthcheck
Frame ID: 13303D745E5253A4739414B937286BE5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome to Lucky Creek

Page URL History Show full URLs

  1. https://storage.googleapis.com/team2pass/HTML/HTML/html.html Page URL
  2. http://pmpchoice.co.uk/anchor2649719Oe6608955vB620134597NL688ww24Bbr182854RM HTTP 302
    https://watrking.com/?a=17&oc=575&c=2811&m=2&s1=2649719&s2=1b-2649719-6608955-182854-688-620134597 HTTP 302
    https://record.genesysaffiliates.com/_M1MDd9bH4B_cZqOhwjy242Nd7ZgqdRLk/1/?pg=1?s2s.req_id=11013627&s2s.pub_id=17 HTTP 301
    https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

44
Requests

93 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

16
IPs

5
Countries

1265 kB
Transfer

2739 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/team2pass/HTML/HTML/html.html Page URL
  2. http://pmpchoice.co.uk/anchor2649719Oe6608955vB620134597NL688ww24Bbr182854RM HTTP 302
    https://watrking.com/?a=17&oc=575&c=2811&m=2&s1=2649719&s2=1b-2649719-6608955-182854-688-620134597 HTTP 302
    https://record.genesysaffiliates.com/_M1MDd9bH4B_cZqOhwjy242Nd7ZgqdRLk/1/?pg=1?s2s.req_id=11013627&s2s.pub_id=17 HTTP 301
    https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
html.html
storage.googleapis.com/team2pass/HTML/HTML/ 		209 B
697 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/team2pass/HTML/HTML/html.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2010 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
209
content-type
text/html
date
Mon, 19 Jun 2023 20:08:41 GMT
etag
"fbcda254badca1f45660461b9e794787"
expires
Mon, 19 Jun 2023 21:08:41 GMT
last-modified
Wed, 14 Jun 2023 14:58:26 GMT
server
UploadServer
x-goog-generation
1686754706734808
x-goog-hash
crc32c=vwWPnA== md5=+82iVLrcofRWYEYbnnlHhw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
209
x-guploader-uploadid
ADPycdu8BimyELhkPYOD-q6RA7ANGHB_Re2yI6wUvfzvOkrAMz1qkx7A_-E-t1lRdq287HGRd7csC3LTiucsmM0Xiyfgn6gArt9K
Primary Request /
www.luckycreek.com/welcome/lc-carpromo/
Redirect Chain
  • http://pmpchoice.co.uk/anchor2649719Oe6608955vB620134597NL688ww24Bbr182854RM
  • https://watrking.com/?a=17&oc=575&c=2811&m=2&s1=2649719&s2=1b-2649719-6608955-182854-688-620134597
  • https://record.genesysaffiliates.com/_M1MDd9bH4B_cZqOhwjy242Nd7ZgqdRLk/1/?pg=1?s2s.req_id=11013627&s2s.pub_id=17
  • https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
443 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/team2pass/HTML/HTML/html.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54040e9adeef1436d2ba00910558055fc8f07ab63939170d0db1d12b769025ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://storage.googleapis.com/team2pass/HTML/HTML/html.html#2649719Oe6608955vB620134597NL688ww24Bbr182854RM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdbcf7f25b8-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate Cache-Control: no-cache
cf-cache-status
BYPASS
cf-ray
7d9e7bd75be125b9-MIA
content-type
text/html; charset=utf-8
date
Mon, 19 Jun 2023 20:22:22 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
optimize.js
www.googleoptimize.com/ 		166 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b94e2b4f586b22eb4cb310f7ffbe439ed113a4604bb4f87e83de11e639269776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
62328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 19 Jun 2023 20:22:23 GMT
js
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ce9db198254ead843a40086d6638864915f336622e527c39b51f7d8d37637d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47562
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Jun 2023 20:22:23 GMT
2282.js
script.crazyegg.com/pages/scripts/0102/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0102/2282.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e03027327ad58001eb8961ae866ccb5f5f22f90b249a787b2516c0e72355f269

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8725
cf-polished
origSize=6063
ce-version
11.5.85
cf-bgj
minify
last-modified
Mon, 19 Jun 2023 17:56:58 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
7d9e7bdfad1b9abf-MIA
78f6305a1ca8eb058d5709785d1e44c3ce2f0145.png
www.luckycreek.com/welcome/lc-carpromo/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/78f6305a1ca8eb058d5709785d1e44c3ce2f0145.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55e0ff60f3ad7f3f4543ce82021f1e8000f79213b8fa1ebd519737ef7657a0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"6ac9f7de0533d915c6a151f702985ceb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf385e25b8-MIA
content-length
35913
3094eec12c8a253c27cc7c5bbd0ea2919ce342f8.png
www.luckycreek.com/welcome/lc-carpromo/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/3094eec12c8a253c27cc7c5bbd0ea2919ce342f8.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c84f71291ef95678406f9174453aae8ac18eb2ededbdb9a555740f787e3e5f1d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"eb1e5669dff52d6869951bff28cb1042"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf386125b8-MIA
content-length
69547
e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
www.luckycreek.com/welcome/lc-carpromo/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"58268e05f7cbfa9d4fcf64257d3abbbe"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf386625b8-MIA
content-length
19595
30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
www.luckycreek.com/welcome/lc-carpromo/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e973ac259717cfe421af19cde9a0b0aa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf386825b8-MIA
content-length
102506
630fc1e2ee9a355f4867246e41ec31052ead451e.png
www.luckycreek.com/welcome/lc-carpromo/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/630fc1e2ee9a355f4867246e41ec31052ead451e.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0031617681c88bf84ec3068213f0e935415a655f707949091721e347dcf13c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"09b5752c91085ed8c03c9211eb713331"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf486c25b8-MIA
content-length
54069
de5660424c67ccff7b122dab68167c76906bdb19.png
www.luckycreek.com/welcome/lc-carpromo/ 		126 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/de5660424c67ccff7b122dab68167c76906bdb19.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcac04ddf423e0c736fa07e09a06e655031d6aa58fc693740433070bf897ef33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"887299ef52e8f21074ce46deedde9e20"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf486d25b8-MIA
content-length
129141
3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
www.luckycreek.com/welcome/lc-carpromo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a9e03ef4489813defbfea9faf9f7ebf9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf486f25b8-MIA
content-length
15318
f1a651261aa1b43b1e4106634cb57d05c694840e.png
www.luckycreek.com/welcome/lc-carpromo/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/f1a651261aa1b43b1e4106634cb57d05c694840e.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"5e6b5e381f71e9dbaead02b2c457c4ac"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf487325b8-MIA
content-length
17444
f49a025b7c21d8bfc7d5026bef759228d58b8692.png
www.luckycreek.com/welcome/lc-carpromo/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/f49a025b7c21d8bfc7d5026bef759228d58b8692.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e8fb0eac9d524105d27a8480f14c1476"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf487625b8-MIA
content-length
17230
ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
www.luckycreek.com/welcome/lc-carpromo/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"d1587f866db7825371546632a8b8edc6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf487825b8-MIA
content-length
66974
main.js
ca-assets.cerebrospace.net/reg-form/assets/build/js/ 		282 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:de00:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e5da47057283a522522a99098dd5f45ecef9b437a49e4eafb66c1f02aa5e841

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
BU1eMNz6fAzumxwWJ1oMhkqwbCoWV8sg
content-encoding
gzip
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
date
Mon, 19 Jun 2023 00:18:16 GMT
last-modified
Mon, 26 Dec 2022 12:32:31 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
72249
x-amz-server-side-encryption
AES256
etag
W/"216876c0a77ec20e2d5022a7559f18f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
uSHVcdynr02qM2hu-XOcP2wK_V2nmH3-g3EdIqB2MgFxzHZSrB7-9g==
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://www.luckycreek.com/
Origin
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7d9e7bdfcff76dbc-MIA
js
www.googletagmanager.com/gtag/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ef605bd6c5e69f420b7778f2d2b4ce638e3ae1bb9d7b1d5393287d11aba9685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47569
x-xss-protection
0
last-modified
Mon, 19 Jun 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Jun 2023 20:22:23 GMT
dbe9dd0d25f50902f3b8f3971644e444ada216f2.jpg
www.luckycreek.com/welcome/lc-carpromo/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-carpromo/dbe9dd0d25f50902f3b8f3971644e444ada216f2.jpg
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7684cee7bc8b8893c409e414a7b8e54dec075be1c57a6a6469a6f7e1e840ee88
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a461983a7a9894e5379567c54bf613da"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
7d9e7bdf993225b8-MIA
content-length
77148
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 19 Jun 2023 20:11:08 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
676
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 19 Jun 2023 22:11:08 GMT
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/site/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/site/www.luckycreek.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980d4b3d503ce182d508059377367968650ddffb93cb24571a97f56cfccf6f4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8541
ce-version
11.5.85
content-length
2358
last-modified
Mon, 19 Jun 2023 18:00:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d9e7be07808dac5-MIA
254f56f35d70f2ce29aa37130f1318b9.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		115 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/254f56f35d70f2ce29aa37130f1318b9.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
157b6e42c61194812ff2d94087dd9f92ee11b638d1a505315ccdfe4f935e8602

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 01:00:31 GMT
server
cloudflare
age
8942
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d9e7be0cf489abf-MIA
content-length
40480
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1370821634&t=pageview&_s=1&dl=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-carpromo%2F%3FTrackingToken%3DxkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk&ul=en-us&de=UTF-8&dt=Welcome%20to%20Lucky%20Creek&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1847599965&gjid=1330371553&cid=1222454091.1687206144&tid=UA-20983594-2&_gid=417811598.1687206144&_r=1&gtm=457e36e0&jsscut=1&z=1266529460
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 20:22:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/sampling/ 		161 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/sampling/www.luckycreek.com.json?t=468668
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/254f56f35d70f2ce29aa37130f1318b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f369a07ee934cb2ed2cb32fc3acf81369293a22760d015ef02d232bd9005f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
cf-cache-status
HIT
age
8540
ce-version
11.5.85
content-length
149
last-modified
Mon, 19 Jun 2023 18:00:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7d9e7be199f3dac5-MIA
snare.dist.js
ca-assets.cerebrospace.net/reg-form/assets/vendor/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/vendor/snare.dist.js
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:de00:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id
bMcg3hmI1aS00ZjsZ5vxFWhnHfbhon1T
content-encoding
br
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
date
Mon, 19 Jun 2023 07:15:18 GMT
last-modified
Mon, 26 Dec 2022 12:32:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P3
age
47227
x-amz-server-side-encryption
AES256
etag
W/"42825aff08b1980e82c2400bd6a976a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
IXkxiLZxDXB75mxmeTuwsCCPdt_GebLKE_PXE4U_KJPGToVLa2JgJw==
index.html
ca-assets.cerebrospace.net/reg-form/forms/register/ Frame E899 		686 KB
227 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:de00:17:7a94:8b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e1a3e06e658ba5a141bfa3df7140dcf561b07f129fdaeedac4956196acb11bc

Request headers

Referer
https://www.luckycreek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
78383
cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 18 Jun 2023 22:36:02 GMT
etag
W/"49a3de244a76f3c7a4586e6e38d5ea05"
last-modified
Mon, 26 Dec 2022 12:32:24 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-id
akvwFjjtlPAncX0BQLHIvNgQf_fWQ57NvMCV988X7WS7FGJiHi3G9g==
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
lV3jrncfujPxP93.0pkGUkyiUbAaUqfY
x-cache
Hit from cloudfront
invisible.js
www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame F2F6
Redirect Chain
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a518c781783811bb8608cc1718083f8ca0381a2ace51c7666eb7abb27c6d668
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7d9e7be22ff725b8-MIA

Redirect headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
cache-control
max-age=300, public
cf-ray
7d9e7be1aeca25b8-MIA
healthcheck
pagestates-tracking.crazyegg.com/ Frame 1330 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/254f56f35d70f2ce29aa37130f1318b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-24.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 03 May 2023 08:58:42 GMT
via
1.1 1e50ca9ac269e92d749f11227b12760c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
age
4101823
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
TxAP6uF-_E93vS4_PoPSMa5z3oaiidrIOv5SNV3TZFZGK7-9G2dNzg==
healthcheck
assets-tracking.crazyegg.com/ Frame 1330 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/254f56f35d70f2ce29aa37130f1318b9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.65.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-65-8.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Thu, 04 May 2023 09:34:09 GMT
via
1.1 4a050b98a443ca2d3af477f9b4dc39ae.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD89-P1
age
4013296
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
D_5GGyrPYrP1qp65znnKFR57udqfbWEsPb-3o1f1WVl4DIJP43gXSg==
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-20983594-2&cid=1222454091.1687206144&jid=1847599965&gjid=1330371553&_gid=417811598.1687206144&_u=YEBAAUAAAAAAACAAI~&z=2059135415
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 19 Jun 2023 20:22:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
7785959b-58f3-4ff0-8c9c-80bb70a0be9d
https://www.luckycreek.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.luckycreek.com/7785959b-58f3-4ff0-8c9c-80bb70a0be9d
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
7d9e7bdbcf7f25b8
www.luckycreek.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame F2F6 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/cv/result/7d9e7bdbcf7f25b8
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
server
cloudflare
cf-ray
7d9e7be3ab7225b8-MIA
content-type
text/plain; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-20983594-2&cid=1222454091.1687206144&jid=1847599965&_u=YEBAAUAAAAAAACAAI~&z=66284396
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 20:22:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clock
tracking.crazyegg.com/ Frame 1330 		29 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1687206144572&tk=92945bbfc1339eebac302db4fe1da59f&s=373551&p=%2Fwelcome%2Flc-carpromo%2F&u=1022282&v=3829ea9d4a271b1718f53c9b822512e7afc43940&f=luckycreek.com%2Fwelcome%2Flc-carpromo&ul=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-carpromo%2F%3FTrackingToken%3DxkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/254f56f35d70f2ce29aa37130f1318b9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.247.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-247-177.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
3715324a2ba58f4336f8f71a9315d01d75c2da11dfe842fb426560b6316d2799

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Jun 2023 20:22:24 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
player_credentials
kore.bosurl.net/v3/api/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kore-returnurl
Access-Control-Request-Method
GET
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
x-kore-returnurl
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
31536000
date
Mon, 19 Jun 2023 20:22:24 GMT
player_credentials
kore.bosurl.net/v3/api/auth/ 		27 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Jun 2023 20:22:24 GMT
cache-control
no-store,no-cache
x-kore-version
3.23.4365.5-x6d6d5ff5
content-length
27
content-type
application/json; charset=utf-8
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ 		683 B
722 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash
17247885399dbd04339e7faa47e80365a36db4c6441d354a9f13efbdd55e2d2e

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Jun 2023 20:22:24 GMT
cache-control
no-store,no-cache
x-kore-version
3.23.4365.5-x6d6d5ff5
content-length
683
content-type
application/json; charset=utf-8
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-kore-returnurl
Access-Control-Request-Method
POST
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-kore-returnurl
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
31536000
date
Mon, 19 Jun 2023 20:22:24 GMT
trace
cloudflare.com/cdn-cgi/ Frame E899 		319 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0801fde539e9b567662daf7bfb114cd20fbb00cdc2e0456db7210d01a67da8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ca-assets.cerebrospace.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7d9e7be50e7ada1f-MIA
expires
Thu, 01 Jan 1970 00:00:01 GMT
eb4ad3af-fa23-4bba-8ee3-457b178b57de
https://www.luckycreek.com/ 		256 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.luckycreek.com/eb4ad3af-fa23-4bba-8ee3-457b178b57de
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cb25714979b5c1b284072dbc95bb4dc3867c7602c7a8f72ecc79f47eb250b3d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length
256
Content-Type
text/javascript
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-MS3B5J7&cv=10&t=ol&p=opts&l=-8&q=0&f=337&e=10&i=0&d=-401&c=-130&hc=0&sr=0.050000&ps=0.024904699722439805&cb=70688998
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
rum
www.luckycreek.com/cdn-cgi/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/rum?
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.luckycreek.com/welcome/lc-carpromo/?TrackingToken=xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
content-type
application/json

Response headers

date
Mon, 19 Jun 2023 20:22:24 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.luckycreek.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7d9e7be52f2425b8-MIA
truncated
/ Frame E899 		71 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e3819ae591af96c903b524a4401675978ecf0fa73795dbd83efaee2b6150480

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/png
currencies
kore.bosurl.net/v3/api/ Frame E899 		658 B
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/currencies
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash
2b4720f249630a0a8cea325a706682a7b7c39b91ac77096cca31a5b972370135

Request headers

Referer
https://ca-assets.cerebrospace.net/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
Authorization
Bearer CfDJ8AZHRvUkGYJLmdip9fG1C2SqqLEX0QfINhjkXGI4RrkrB/XabRKi6F77j4VP5OqzA5fKwEpFngRLd07lcjRbLRBY/43/IUJoj6+3jA89jODy/F2ilyyhnVlJBNO5ml803R1+BJqwX+3aXwNjhIRj+rvvpgDJdrhGsnJOfBTmvWxPchv0YJoHbwlzHgJiRzbtuqtjeYOdNEf9HyRDJ5TiYBXQBTap4ewfGed2A4WT17cKCm8vxczvK8uxSZwFy5jLwScjUq4tmbA8pO5ZuwZGSVvOyLtDv1oOJV6fTEyzGUuuQhb1APRZggZW83egbLjoQ+ElAbOnxe0SxxRX49NgKevoxZPqvZThXX7QgXrINhPQzPlvA52YF7vz4MlauT3gY2hS2+6aC0ztuXrsupirgJLFCt1u8o7oIHP1VGaymfFDpkv56MYXr0ovIrGz/iyZEdosRA94WBC9DrpN7AEfezkgNFLSRPB0tW4g8+e/G6Yu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Jun 2023 20:22:24 GMT
x-casino-brand
LuckyCreek
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-kore-version
3.23.4365.5-x6d6d5ff5
cache-control
no-store,no-cache
content-length
658
currencies
kore.bosurl.net/v3/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/currencies
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.124.146.155 , Curacao, ASN26505 (E-Commerce Park, N.V., CW),
Reverse DNS
sub-146ip155.e-commercepark.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-kore-returnurl
Access-Control-Request-Method
GET
Origin
https://ca-assets.cerebrospace.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers
authorization,x-kore-returnurl
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
31536000
date
Mon, 19 Jun 2023 20:22:24 GMT

Verdicts & Comments Add Verdict or Comment

332 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 boolean| credentialless object| onbeforetoggle object| onscrollend object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize function| gtag object| ma function| Sc function| O_ object| Yu object| Du number| Ql function| Ac function| D_ object| xc object| tf function| Oc function| I_ function| nf function| rf function| Ea function| af function| ws function| L_ function| Nc function| R_ function| P_ function| M_ function| Dc function| ys function| F_ function| B_ function| H_ function| W_ function| of function| q_ function| k_ function| $_ function| U_ function| j_ function| sf function| zu function| V_ function| K_ function| G_ function| Y_ function| z_ function| Q_ function| X_ object| Vt object| za function| Xl function| Ic object| J_ function| Ss function| Z_ object| em function| tm object| Lc function| Xa object| Rc object| Pc function| no object| Mc object| gr function| nm function| Fc function| Iu number| Jl function| rm object| Lu number| Zl function| im function| am function| om function| sm function| um function| Bc function| Ru number| ec function| fm function| Pu number| tc function| lm function| Mu number| nc function| As function| Fu number| rc function| cm function| Bu number| ic function| ac object| Hu number| oc function| hm object| Bt function| sc function| uc object| dm function| pm object| gm function| fc function| vm function| _m object| xs object| uf object| mm object| Em function| ym function| Wu number| lc function| Hc object| cc function| qu function| Tm object| wm function| Cm function| ku function| bm object| Fn function| Wc object| $u number| hc function| qc string| Sm function| Gi object| ff object| dc function| Am object| xm object| kc function| Om function| pc function| gc function| Os function| Nm object| $c object| Qa function| Ja function| Dm function| Uu number| vc function| Im function| ju number| _c function| Lm function| Vu number| mc function| Rm object| Ec function| Pm function| Ts function| Mm object| Fm function| Uc function| En object| Qu boolean| Uo number| Hm function| Wm function| qm function| km function| $m function| jc function| ya function| lf function| jo function| Vc boolean| yc boolean| Tc function| ro function| Za function| Um function| Xu function| Cs function| eo function| jm function| wc function| Cc function| Kc function| Vm function| Km function| to function| Xn function| Yi function| Ju function| cf function| Gm function| Gc function| Yc function| hf function| Ym function| zc function| Qc function| Xc function| bs function| Jc function| Vo function| zm function| Zc function| Qm function| eh function| df function| Xm function| th function| nh function| Jm function| Zm function| eE function| tE function| pf function| Zu function| nE function| rE function| iE function| aE boolean| oE function| sE function| rh function| uE function| fE object| ih object| Ku function| bc object| Gu function| lE function| cE function| hE function| dE function| pE function| gE function| vE function| _E function| mE object| EE object| yE function| Ns function| Es object| bE function| ef object| SE function| _ function| $ function| axios object| bootstrap object| Cookies string| GoogleAnalyticsObject function| ga boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| gaplugins object| gaGlobal object| gaData object| webpackChunk number| _rollbarStartTime object| rollbar boolean| _rollbarDidLoad function| tldParser object| logger function| Agent object| __cfBeacon function| _rollbarURH object| agent string| _i_a string| localObjectName function| __if_a function| __if_b function| __if_c object| _i_d object| _i_o object| _i_z object| _i_aa object| _i_ac object| _i_cr function| __if_d object| io_adp function| __if_e object| _i_dt function| __if_f function| iov_fl_cb function| iov_fl_fn function| iov_fl_get_value function| __if_g object| io_dp function| __if_h function| ioGetBlackbox object| io_cm function| __if_i object| _i_fm object| _i_fn object| _i_fo object| _i_dl object| _i_fp function| __if_j function| __if_k number| _i_fq function| __if_l number| _i_fs function| __if_m string| io_last_error object| IGLOO boolean| io_install_stm boolean| io_install_flash number| io_exclude_stm string| io_stm_cab_url string| io_install_stm_error_handler string| io_flash_needs_update_handler boolean| io_enable_rip object| io_flash_blacklist object| io_flash_whitelist string| io_min_flash_in_firefox_version string| io_min_flash_in_firefox_linux_version string| io_min_flash_version string| _i_dw number| _i_g number| _i_bl

17 Cookies

Domain/Path Name / Value
.watrking.com/ Name: sid
Value: gN3jZrFkjZAk1X1bYx3AvfVIp/ft6XW8mGBO0DXcN68ybKsFZfHouw==
.watrking.com/ Name: trk
Value: OQRT2o4aHilbd+NCvhNJU8/j4+xOWyt7xZ914OGlPJhrkxmb4tKStQ==
.watrking.com/ Name: c573
Value: gN3jZrFkjZCTJcREscygkZBGgBKVX0t4VrwbjhDEkQk=
record.genesysaffiliates.com/ Name: VID1
Value: KCxTJFksUzxULiNgYApgCg%3D%3D
.genesysaffiliates.com/ Name: ZBan
Value: xkKLzKyl0rKxGTvYzsoHYmNd7ZgqdRLk
.luckycreek.com/ Name: _ga
Value: GA1.2.1222454091.1687206144
.luckycreek.com/ Name: _gid
Value: GA1.2.417811598.1687206144
.luckycreek.com/ Name: _gat_gtag_UA_20983594_2
Value: 1
www.luckycreek.com/ Name: aff_offer
Value: {%22id%22:818%2C%22offer_id%22:%22offer_818%22%2C%22top_offer_text%22:%22$7%2C500%20Welcome%20Package%22%2C%22top_offer_code%22:%22200%25%20Match%20Bonus%20up%20to%20$7500%20Code:%20200GETLUCKY%22%2C%22second_offer_text%22:%22+30%20Free%20Spins%22%2C%22second_offer_code%22:%22on%20Big%20Game%20-%20Code:%20200GETLUCKY%22%2C%22background_image%22:%22https://www.luckycreek.com/welcome/lc-carpromo/dbe9dd0d25f50902f3b8f3971644e444ada216f2.jpg%22%2C%22left_image%22:%22https://www.luckycreek.com/welcome/lc-carpromo/3094eec12c8a253c27cc7c5bbd0ea2919ce342f8.png%22%2C%22affiliate_logo%22:null%2C%22days_valid_after_reg%22:14%2C%22created_at%22:%222023-06-07%2010:31:51%22%2C%22updated_at%22:%222023-06-07%2011:59:13%22}
.luckycreek.com/ Name: cebs
Value: 1
.luckycreek.com/ Name: _ce.s
Value: v~3829ea9d4a271b1718f53c9b822512e7afc43940~lcw~1687206144308~vpv~0~lcw~1687206144309
.luckycreek.com/ Name: _ce.clock_event
Value: 1
.luckycreek.com/ Name: __cf_bm
Value: D4Ffc7sRjCBBDkNuzH4HNhZHRM.SlbNIlVHISLl6wwU-1687206144-0-AU/mThuSQN63UCL/P5iNY+0mdXtdzafap0cZeYJ1AJIJOdBUybk8mImyotNk5+9IRxsOTMo1gYnTUC319UiuAYaDqbXJn4KbI6IxTqengRjC
.luckycreek.com/ Name: _ce.clock_data
Value: 36%2C38.132.118.76%2C1%2C8623b242deb4313525321dba17b62725
.luckycreek.com/ Name: _CEFT
Value: Q%3D%3D%3D
.luckycreek.com/ Name: cebsp_
Value: 1
.luckycreek.com/ Name: kore.tracking
Value: 467ce591-43a6-44b5-802e-92076e2c05b7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
ca-assets.cerebrospace.net
cloudflare.com
kore.bosurl.net
pagestates-tracking.crazyegg.com
pmpchoice.co.uk
record.genesysaffiliates.com
script.crazyegg.com
static.cloudflareinsights.com
stats.g.doubleclick.net
storage.googleapis.com
tracking.crazyegg.com
watrking.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.luckycreek.com
104.16.224.51
104.18.193.136
134.119.184.174
18.233.172.102
18.67.65.8
200.124.146.155
2600:9000:24f0:de00:17:7a94:8b80:93a1
2606:4700::6810:3865
2606:4700::6810:85e5
2606:4700::6813:9308
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:817::200e
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2010
2607:f8b0:4006:824::2004
2607:f8b0:4020:804::2008
52.0.247.177
54.230.163.24
0cb25714979b5c1b284072dbc95bb4dc3867c7602c7a8f72ecc79f47eb250b3d
0ce9db198254ead843a40086d6638864915f336622e527c39b51f7d8d37637d9
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
157b6e42c61194812ff2d94087dd9f92ee11b638d1a505315ccdfe4f935e8602
17247885399dbd04339e7faa47e80365a36db4c6441d354a9f13efbdd55e2d2e
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
1e5da47057283a522522a99098dd5f45ecef9b437a49e4eafb66c1f02aa5e841
2b4720f249630a0a8cea325a706682a7b7c39b91ac77096cca31a5b972370135
3715324a2ba58f4336f8f71a9315d01d75c2da11dfe842fb426560b6316d2799
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
4a518c781783811bb8608cc1718083f8ca0381a2ace51c7666eb7abb27c6d668
4e0801fde539e9b567662daf7bfb114cd20fbb00cdc2e0456db7210d01a67da8
4e3819ae591af96c903b524a4401675978ecf0fa73795dbd83efaee2b6150480
54040e9adeef1436d2ba00910558055fc8f07ab63939170d0db1d12b769025ba
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134
7684cee7bc8b8893c409e414a7b8e54dec075be1c57a6a6469a6f7e1e840ee88
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8ef605bd6c5e69f420b7778f2d2b4ce638e3ae1bb9d7b1d5393287d11aba9685
980d4b3d503ce182d508059377367968650ddffb93cb24571a97f56cfccf6f4e
9e1a3e06e658ba5a141bfa3df7140dcf561b07f129fdaeedac4956196acb11bc
b94e2b4f586b22eb4cb310f7ffbe439ed113a4604bb4f87e83de11e639269776
c84f71291ef95678406f9174453aae8ac18eb2ededbdb9a555740f787e3e5f1d
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c
d55e0ff60f3ad7f3f4543ce82021f1e8000f79213b8fa1ebd519737ef7657a0c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e03027327ad58001eb8961ae866ccb5f5f22f90b249a787b2516c0e72355f269
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8f74416e7bc7051dbd2c0b2dec8cdb9a5ba4b36f88ba1b65c3e7dd7447b4090
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0031617681c88bf84ec3068213f0e935415a655f707949091721e347dcf13c2
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
f8f369a07ee934cb2ed2cb32fc3acf81369293a22760d015ef02d232bd9005f7
fcac04ddf423e0c736fa07e09a06e655031d6aa58fc693740433070bf897ef33
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382