luckydays.com Open in urlscan Pro
2606:4700::6810:af33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
Effective URL:
https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
Submission: On January 24 via api (January 24th 2021, 7:13:35 am UTC) from BE

Summary HTTP 69 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 19 domains to perform 69 HTTP transactions. The main IP is 2606:4700::6810:af33, located in United States and belongs to CLOUDFLARENET, US. The main domain is luckydays.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.

This is the only time luckydays.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	91.211.249.245 91.211.249.245	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1 1	34.95.111.202 34.95.111.202	15169 (GOOGLE) (GOOGLE)
1 1	35.190.91.50 35.190.91.50	15169 (GOOGLE) (GOOGLE)
1 1	159.65.121.218 159.65.121.218	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	146.177.40.248 146.177.40.248	15395 (RACKSPACE...) (RACKSPACE-LON)
11	2606:4700::68... 2606:4700::6810:af33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	35.156.229.222 35.156.229.222	16509 (AMAZON-02) (AMAZON-02)
3 5	37.157.6.242 37.157.6.242	198622 (ADFORM) (ADFORM)
1	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
5	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:bdf::13 2620:1ec:bdf::13	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
10	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:1b:... 2a04:4e42:1b::393	54113 (FASTLY) (FASTLY)
4	2606:4700::68... 2606:4700::6811:263c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.67.99 65.9.67.99	16509 (AMAZON-02) (AMAZON-02)
1	35.156.150.114 35.156.150.114	16509 (AMAZON-02) (AMAZON-02)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
69	20

2 91.211.249.245 (Dronten, Netherlands) 1 redirects

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: chaniwy4.com

alabasta.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.111.202 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 202.111.95.34.bc.googleusercontent.com

www.dandelionscent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.91.50 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 50.91.190.35.bc.googleusercontent.com

www.zotlk-2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.121.218 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 321328.cloudwaysapps.com

keyaff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.177.40.248 (United Kingdom) 1 redirects

ASN15395 (RACKSPACE-LON, GB)

media.luckydaysaffiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:af33 (United States)

ASN13335 (CLOUDFLARENET, US)

luckydays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.229.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-229-222.eu-central-1.compute.amazonaws.com

api.ipdata.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.242 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::13 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:1b::393 (Ascension Island)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:263c (United States)

ASN13335 (CLOUDFLARENET, US)

wordpress.luckydays.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.67.99 (Seattle, United States)

ASN16509 (AMAZON-02, US)

luckydays.regily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.150.114 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-150-114.eu-central-1.compute.amazonaws.com

backoffice.regily.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

ragingrhino.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	luckydays.com luckydays.com wordpress.luckydays.com	956 KB
11	zdassets.com static.zdassets.com ekr.zdassets.com	561 KB
8	gstatic.com fonts.gstatic.com	210 KB
6	adform.net 3 redirects track.adform.net s2.adform.net	31 KB
6	google-analytics.com www.google-analytics.com	72 KB
5	googleapis.com fonts.googleapis.com	3 KB
5	googletagmanager.com www.googletagmanager.com	112 KB
4	zendesk.com ragingrhino.zendesk.com	2 KB
4	clarity.ms www.clarity.ms	20 KB
2	regily.com luckydays.regily.com backoffice.regily.com	88 KB
2	cloudinary.com res.cloudinary.com	72 KB
2	alabasta.club 1 redirects alabasta.club	575 B
1	mixpanel.com api-js.mixpanel.com	326 B
1	mxpnl.com cdn4.mxpnl.com	28 KB
1	ipdata.co api.ipdata.co	274 B
1	luckydaysaffiliates.com 1 redirects media.luckydaysaffiliates.com	998 B
1	keyaff.com 1 redirects keyaff.com	254 B
1	zotlk-2.com 1 redirects www.zotlk-2.com	432 B
1	dandelionscent.com 1 redirects www.dandelionscent.com	407 B
69	19

	Domain	Requested by
11	luckydays.com	alabasta.club luckydays.com
10	static.zdassets.com	luckydays.com static.zdassets.com
8	fonts.gstatic.com	fonts.googleapis.com
6	www.google-analytics.com	luckydays.com www.google-analytics.com www.googletagmanager.com
5	fonts.googleapis.com	luckydays.com
5	track.adform.net	3 redirects
5	www.googletagmanager.com	alabasta.club www.googletagmanager.com
4	ragingrhino.zendesk.com	luckydays.com static.zdassets.com
4	wordpress.luckydays.com	luckydays.com
4	www.clarity.ms	alabasta.club www.clarity.ms luckydays.com
2	res.cloudinary.com
2	alabasta.club	1 redirects
1	backoffice.regily.com	luckydays.com
1	luckydays.regily.com	luckydays.com
1	ekr.zdassets.com	luckydays.com
1	api-js.mixpanel.com	luckydays.com
1	cdn4.mxpnl.com	alabasta.club
1	s2.adform.net
1	api.ipdata.co	luckydays.com
1	media.luckydaysaffiliates.com	1 redirects
1	keyaff.com	1 redirects
1	www.zotlk-2.com	1 redirects
1	www.dandelionscent.com	1 redirects
69	23

This site contains links to these domains. Also see Links.

Domain
luckydaysaffiliates.com
certificates.gamingcommission.ca
www.topirishcasinos.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.ipdata.co Amazon	`2020-08-28` - `2021-09-28`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
www.clarity.ms DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-09-03`	a year	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.regily.com Amazon	`2020-11-23` - `2021-12-22`	a year	crt.sh
ragingrhino.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-08` - `2021-07-08`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
Frame ID: ABC89ED1ED169EBA3593C2A5DEA7CCE1
Requests: 57 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js
Frame ID: AEC358ECB998E4B21B3A6D3548C92C47
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875 Page URL
http://alabasta.club/track/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875 HTTP 302
https://www.dandelionscent.com/WTK6NR/9QW51X7/?sub1=3&sub2=1875-11657&sub3=15888150-15313-11111 HTTP 302
https://www.zotlk-2.com/2CS2GG9XC/2MWNP7C/?sub1=93178abc71aa457a8cd6289037a2386b&sub2=570&sub3=3 HTTP 302
https://keyaff.com/l/?id=160675&ext_id=b7f2478716904ae89f90066837a6017f&ext_data=670434&ext_dat... HTTP 302
https://media.luckydaysaffiliates.com/redirect.aspx?pid=5650&bid=1476&clickid=9046914 HTTP 301
https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

69
Requests

99 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

20
IPs

6
Countries

2153 kB
Transfer

10300 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://luckydaysaffiliates.com/
Title: Affiliates

Search URL Search Domain Scan URL

URL: https://certificates.gamingcommission.ca/KGCCertificates.aspx?id=5b107231-1551-49c2-8396-71cd032fa9c0%27,%27BrandNameCertificates%27,%27location=0,status=0,scrollbars=1

Search URL Search Domain Scan URL

URL: https://www.topirishcasinos.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875 Page URL
http://alabasta.club/track/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875 HTTP 302
https://www.dandelionscent.com/WTK6NR/9QW51X7/?sub1=3&sub2=1875-11657&sub3=15888150-15313-11111 HTTP 302
https://www.zotlk-2.com/2CS2GG9XC/2MWNP7C/?sub1=93178abc71aa457a8cd6289037a2386b&sub2=570&sub3=3 HTTP 302
https://keyaff.com/l/?id=160675&ext_id=b7f2478716904ae89f90066837a6017f&ext_data=670434&ext_data2=93178abc71aa457a8cd6289037a2386b HTTP 302
https://media.luckydaysaffiliates.com/redirect.aspx?pid=5650&bid=1476&clickid=9046914 HTTP 301
https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 40

https://track.adform.net/Serving/TrackPoint/?pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914

Request Chain 41

https://track.adform.net/Serving/TrackPoint/?pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914 HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c11657RFMJO15888150QmtQ15313gxo11111KWyy1875 Show response
alabasta.club/rd/ 231 B
348 B 20ms
20ms Document
text/html 91.211.249.245
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
Protocol: HTTP/1.1
Server: 91.211.249.245 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS: chaniwy4.com
Software: /
Resource Hash: 713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420

Request headers

Host: alabasta.club
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Sun, 24 Jan 2021 07:13:14 GMT
Content-Length: 231

GET
H2

200

Primary Request / Show response
luckydays.com/
Redirect Chain

http://alabasta.club/track/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
https://www.dandelionscent.com/WTK6NR/9QW51X7/?sub1=3&sub2=1875-11657&sub3=15888150-15313-11111
https://www.zotlk-2.com/2CS2GG9XC/2MWNP7C/?sub1=93178abc71aa457a8cd6289037a2386b&sub2=570&sub3=3
https://keyaff.com/l/?id=160675&ext_id=b7f2478716904ae89f90066837a6017f&ext_data=670434&ext_data2=93178abc71aa457a8cd6289037a2386b
https://media.luckydaysaffiliates.com/redirect.aspx?pid=5650&bid=1476&clickid=9046914
https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

5 KB
3 KB

136ms
111ms

Document
text/html

2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Requested by

Host: alabasta.club
URL: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

dfa92f2be50ce49f7dd6e45f4f093a0d3c199b301435d612820ab198b05e35cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

:method: GET
:authority: luckydays.com
:scheme: https
:path: /?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dcc3309a1542923b036263b5f168d4b4a1611472395; expires=Tue, 23-Feb-21 07:13:15 GMT; path=/; domain=.luckydays.com; HttpOnly; SameSite=Lax; Secure __cf_bm=7aa741428e3d396b42feef66b47edf943baa63cb-1611472395-1800-AYLNaegRTN68PBTzHJq8G80NKzlymHvOvLqfJ6aXsNrF1dQtdggcw0vSH3jveU7vVC6aOIajVVnHkDR9nYzSCOk=; path=/; expires=Sun, 24-Jan-21 07:43:15 GMT; domain=.luckydays.com; HttpOnly; Secure; SameSite=None
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Tue, 19 Jan 2021 15:22:52 GMT
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-cache-status: MISS
cf-request-id: 07d4d6752d0000c2bd2587d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6167f3684860c2bd-FRA
content-encoding: gzip

Redirect headers

Cache-Control: private,no-cache, no-store
Pragma: no-cache
Content-Type: text/html
Location: https://luckydays.com?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
Server: Microsoft-IIS/10.0
P3P: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
X-AspNet-Version: 4.0.30319
Set-Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a5650%2c%22BID%22%3a1476%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1611472395518)%5c%2f%22%2c%22CookieTag%22%3a%221476565076171212581C2021124713%22%7d%5d; SameSite=None;; domain=.luckydaysaffiliates.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2215433502%7c1%22%7d%5d; domain=.luckydaysaffiliates.com; expires=Mon, 24-Jan-3020 07:13:15 GMT; path=/; secure; SameSite=Strict
X-Powered-By: ASP.NET
Date: Sun, 24 Jan 2021 07:13:14 GMT
Connection: close
Content-Length: 0

GET
H2 200 2.764ccc25.chunk.css
luckydays.com/static/css/ 2 KB
954 B 37ms
36ms Stylesheet
text/css 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/static/css/2.764ccc25.chunk.css

Requested by

Host: luckydays.com
URL: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

cf8cec965a7c6e32a3c6ad9da83b47d82355e60a5db1f0234bd4f2d3891ae566

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56855
x-powered-by: Express
content-length: 821
cf-request-id: 07d4d675ad0000c2bd25885000000001
last-modified: Tue, 19 Jan 2021 15:22:52 GMT
server: cloudflare
etag: W/"764-1771b3dd42f-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
accept-ranges: bytes
cf-ray: 6167f369198cc2bd-FRA

GET
H2 200 api.js Show response
luckydays.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 11ms
10ms Script
text/javascript 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: luckydays.com
URL: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6167f3691990c2bd-FRA
cf-request-id: 07d4d675ac0000c2bd6c980000000001

GET
H2 200 2.05dec4e0.chunk.js Show response
luckydays.com/static/js/ 4 MB
615 KB 25ms
24ms Script
application/javascript 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/static/js/2.05dec4e0.chunk.js

Requested by

Host: luckydays.com
URL: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0630a0ec1e6651f206b40da288be412189484542d6076be71e684f76c620022a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56855
x-powered-by: Express
cf-request-id: 07d4d675ac0000c2bdab0de000000001
last-modified: Tue, 19 Jan 2021 15:22:57 GMT
server: cloudflare
etag: W/"3d0953-1771b3de4cb-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-ray: 6167f369198dc2bd-FRA

GET
H2 200 main.a0b01997.chunk.js Show response
luckydays.com/static/js/ 902 KB
187 KB 18ms
18ms Script
application/javascript 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/static/js/main.a0b01997.chunk.js

Requested by

Host: luckydays.com
URL: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

14f0d7c8048540a48d9348d3d447cba12e6c13445bb372fb6bd54fe732f72af6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 56855
x-powered-by: Express
cf-request-id: 07d4d675ac0000c2bda70ba000000001
last-modified: Tue, 19 Jan 2021 15:22:53 GMT
server: cloudflare
etag: W/"e1691-1771b3dd61b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-ray: 6167f369198fc2bd-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6825
date: Sun, 24 Jan 2021 05:19:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 24 Jan 2021 07:19:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 235 KB
58 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WPM3ZX3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: alabasta.club
URL: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1ecb4d324e9cba7eddb7ed7577ae81b25566a456c7a1975528a845f88ffa2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59531
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H2 200 / Show response
api.ipdata.co/ 53 B
274 B 153ms
104ms XHR
application/json 35.156.229.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipdata.co/?api-key=c49debeeaab2ec4b9e1eab8e08091f249baa46136236915ebb10a3fb&fields=country_code,city
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.229.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-229-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 60700545ae73e4aa6b89d5571c54c102dfd2960f347904cf2b1eca76f64715b3

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Jan 2021 07:13:16 GMT
x-amzn-requestid: c97aaec2-d51e-482a-8ac2-0f851ac7dccf
x-amz-apigw-id: ZpGh7HcNliAFlTw=
x-amzn-trace-id: Root=1-600d1e0c-153f0620510768371698246e;Sampled=0
content-length: 53
content-type: application/json; charset=utf-8

POST
H2 204 result Show response
luckydays.com/cdn-cgi/bm/cv/ 0
364 B 14ms
14ms XHR
text/plain 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://luckydays.com/cdn-cgi/bm/cv/result?req_id=6167f3684860c2bd
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 6167f36cae7ac2bd-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-request-id: 07d4d677e80000c2bd5b3fb000000001

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 148 KB
53 KB 44ms
30ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P1Y72HZSVZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPM3ZX3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

771fc0e004d743142c86465f8bcdde5d5e1746c34eeb8993c727d09ca5e80eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53953
x-xss-protection: 0
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

92ms
30ms

Script
application/x-javascript

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 11:55:12 GMT
server: nginx
etag: W/"60057720-13dce"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Sun, 24 Jan 2021 07:13:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 90 KB
35 KB 70ms
53ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-M2RM644&t=gtm2&cid=1084766269.1611472396

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c8621dbfa0838205e3be1459ccd87ff3dbd6e87a7426ce2c14f2c31b0c0f05e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35330
x-xss-protection: 0
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 57ms
40ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WPM3ZX3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6825
date: Sun, 24 Jan 2021 05:19:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 24 Jan 2021 07:19:31 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 81 KB
28 KB 56ms
17ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: alabasta.club
URL: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4047031aa5b3f4bdc06aef178a89bc6331c10c408a4af6858dd1fac8c584a14

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:06:21 GMT
content-encoding: gzip
age: 415
x-guploader-uploadid: ABg5-UwRBb1jTIsYUEwFEJzOBuocKWi6WZ6c6dbwNqACmSHaVUBKLXelBxkRQjZsA1_2gpwE4YGx4SQQtE2mlgdFBJg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 27813
last-modified: Wed, 20 Jan 2021 00:40:25 GMT
server: UploadServer
etag: "efeb9e188180f11c776203ada5b8101d"
vary: Accept-Encoding
x-goog-hash: crc32c=l4o+yg==, md5=7+ueGIGA8Rx3YgOtpbgQHQ==
x-goog-generation: 1611103225280731
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 27813
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 24 Jan 2021 07:16:21 GMT

GET
H2 200 49cy4bmqk6 Show response
www.clarity.ms/tag/ 397 B
799 B 117ms
99ms Script
application/x-javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/49cy4bmqk6
Requested by: Host: alabasta.club
URL: http://alabasta.club/rd/c11657RFMJO15888150QmtQ15313gxo11111KWyy1875
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 047ae40135be16e65990535f7dd8bbfdeb2ef55446fdd317b00db295ca885c5c

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:15 GMT
content-encoding: gzip
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: no-cache, no-store
x-azure-ref: 0DB4NYAAAAAAWXwTghwx9QpXE/hF3nmrFRlJBRURHRTEwMjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires: -1

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
318 B 32ms
28ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WPM3ZX3&cv=65&v=3&t=t&pid=1312800139&rv=1d0&es=1&e=gtm.js&eid=1&tc=136&tr=1gaawc.1cvt.1opt.1hl.1evl.1html.5html.1html.5html&ti=1gaawc.2cvt.1opt.1hl.1evl.1html.1html.1html.1html&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 32ms
29ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WPM3ZX3&cv=65&v=3&t=t&pid=1312800139&rv=1d0&es=1&e=gtm.dom&eid=4&tc=136&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
110 B 13ms
13ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P1Y72HZSVZ&gtm=2oe1d0&_p=1081240275&sr=1600x1200&ul=en-us&cid=1084766269.1611472396&_s=1&dl=https%3A%2F%2Fluckydays.com%2F%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914&dr=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&dt=Lucky%20Days%20Casino&sid=1611472396&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1Y72HZSVZ&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://luckydays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api-js.mixpanel.com/decide/ 65 B
326 B 61ms
25ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=2ad6de59c6ce23e0bda0f1da251fc06f&ip=1&_=1611472396360
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 183.34.211.130.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: 5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer: https://luckydays.com/?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
via: 1.1 google
server: gunicorn/19.9.0
access-control-allow-headers: X-Requested-With
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://luckydays.com
cache-control: no-cache, no-store
access-control-allow-credentials: true
alt-svc: clear

GET
H2 200 css
fonts.googleapis.com/ 3 KB
544 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2a6287a9cce5ae497d0bab3d1a7f4c8aa09499870f50e64534d70af4eec93cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:07:20 GMT
server: ESF
date: Sun, 24 Jan 2021 07:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 07:13:16 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
50 B 14ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1081240275&t=pageview&_s=1&dl=https%3A%2F%2Fluckydays.com%2F%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914&dr=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&dp=%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914&ul=en-us&de=UTF-8&dt=Lucky%20Days%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1284105544&gjid=57588197&cid=1084766269.1611472396&tid=UA-136444843-1&_gid=1763588514.1611472396&_r=1&_slc=1&z=2089406589

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://luckydays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 66ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: br
cf-cache-status: HIT
age: 8
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: A4D8BC14C56D25DD
x-amz-id-2: k/m0HPmaYAg6JMi7PbrhPuGWXV1+D3ip5MRLQLftFvnPiX1rX9DxWIV+7RYlgLlj4VB4g+F6bVI=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 07d4d678ed00004c3ecc054000000001
cf-ray: 6167f36e4f5b4c3e-AMS

GET
H2 200 luckydays-beach
res.cloudinary.com/luckydays/image/upload/c_fill,e_brightness_hsb:-50,f_auto,g_south_east,h_900,w_1440/ 54 KB
54 KB 23ms
8ms Image
image/webp 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luckydays/image/upload/c_fill,e_brightness_hsb:-50,f_auto,g_south_east,h_900,w_1440/luckydays-beach

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aee389d4ce5384ee0298501cedfdb734616d050054778748702d969c02ee9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="luckydays-beach.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-01-24T07:13:16.521Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 55150
last-modified: Tue, 24 Sep 2019 13:15:49 GMT
server: Cloudinary
etag: "8532ab4070c70a39cc7429df56b206c0"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 games Show response
luckydays.com/api/ 2 MB
125 KB 474ms
473ms XHR
application/json 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/api/games

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

d14a3aed75149b90d915e831793a02d1167f07dc5cf23e9070dbccea2adaeb26

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
etag: W/"19f6f8-TbFKSCYkQ3NBdAjH41wjnx+MI2g"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-ray: 6167f36e287cc2bd-FRA
cf-request-id: 07d4d678db0000c2bd68a44000000001

GET
H2 200 manual_bonuses Show response
wordpress.luckydays.com/eu/wp-json/luckydays/v1/ 51 KB
5 KB 243ms
211ms XHR
application/json 2606:4700::6811:263c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.luckydays.com/eu/wp-json/luckydays/v1/manual_bonuses

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:263c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804af9c7b0a62a261183416635ff4a48726315348fcb811e81d860a83cf681cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin
cf-request-id: 07d4d678fa0000d7117488d000000001
link: <https://wordpress.luckydays.com/eu/wp-json/>; rel="https://api.w.org/"
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://luckydays.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 6167f36e5ed6d711-FRA
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 header_message Show response
wordpress.luckydays.com/eu/wp-json/luckydays/v1/ 18 B
327 B 181ms
150ms XHR
application/json 2606:4700::6811:263c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.luckydays.com/eu/wp-json/luckydays/v1/header_message

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:263c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d47fc4ba813707c653d43ba01e1291ef09e1c412957d3b8cb05988b251d23bfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin
cf-request-id: 07d4d678fc0000d711c2b80000000001
link: <https://wordpress.luckydays.com/eu/wp-json/>; rel="https://api.w.org/"
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://luckydays.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 6167f36e5ed9d711-FRA
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 regily Show response
wordpress.luckydays.com/eu/wp-json/luckydays/v1/ 63 B
951 B 172ms
141ms XHR
application/json 2606:4700::6811:263c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.luckydays.com/eu/wp-json/luckydays/v1/regily

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:263c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8033ae94f15503911c8fa1ead6119e1528dc5c9eb35bb9bf3df5635f9f2fb275

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin
cf-request-id: 07d4d678fb0000d7118f227000000001
link: <https://wordpress.luckydays.com/eu/wp-json/>; rel="https://api.w.org/"
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://luckydays.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 6167f36e5edcd711-FRA
access-control-allow-headers: Authorization, Content-Type

POST
H2 200 jackpots Show response
luckydays.com/api/games/ 19 KB
2 KB 94ms
93ms XHR
application/json 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/api/games/jackpots

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b03b611a9aab582f165db3124ababd3dbe331aad88d6c6d6a993553d3a955c95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
etag: W/"4c9a-bdPd3Cv4bo2T1P6PKyUyKqoABAk"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-ray: 6167f36e287ec2bd-FRA
cf-request-id: 07d4d678dc0000c2bd9c97f000000001

GET
H2 200 bonus_intro Show response
wordpress.luckydays.com/eu/wp-json/luckydays/v1/ 890 B
682 B 206ms
176ms XHR
application/json 2606:4700::6811:263c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wordpress.luckydays.com/eu/wp-json/luckydays/v1/bonus_intro

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:263c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c07686bbc2dedc88c70ea19ee2f2afb3a20547645fb1bfa91492d6c6b1cc0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin
cf-request-id: 07d4d678fb0000d711949ed000000001
link: <https://wordpress.luckydays.com/eu/wp-json/>; rel="https://api.w.org/"
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
allow: GET
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://luckydays.com
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
x-robots-tag: noindex
access-control-allow-credentials: true
cf-ray: 6167f36e5eded711-FRA
access-control-allow-headers: Authorization, Content-Type

GET
H2 200 sitting-cat
res.cloudinary.com/luckydays/image/upload/c_fill,f_auto,w_400/ 17 KB
18 KB 19ms
7ms Image
image/webp 2a04:4e42:1b::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/luckydays/image/upload/c_fill,f_auto,w_400/sitting-cat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

418d81118c8709fc69dfa3699ba161cf5b67fa335385f750f5af773e676e6ffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
x-content-type-options: nosniff
content-disposition: inline; filename="sitting-cat.webp"
server-timing: fastly;dur=1;start=2021-01-24T07:13:16.521Z;desc=hit,rtt;dur=5
vary: Accept,User-Agent
content-length: 17776
last-modified: Thu, 12 Sep 2019 16:51:08 GMT
server: Cloudinary
etag: "dcc67415e4f1dff78ace78f0ea5dfff7"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176608
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H2 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176608
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.3/ 44 KB
19 KB 100ms
98ms Script
application/javascript 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.3/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/49cy4bmqk6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca270a9221770f239670c7f37daa8813b460d6e40e80aabbca4ae3afedde4cd2

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: br
etag: "1d6e9b8c86ffd82"
last-modified: Wed, 13 Jan 2021 14:31:30 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=86400
x-azure-ref: 0DB4NYAAAAACX2rA0vU8FRJdhfEcVS7rTRlJBRURHRTEwMjEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 9b6ea48b-701b-41a2-b06b-646c7c77167c Show response
ekr.zdassets.com/compose/ 1006 B
882 B 723ms
685ms XHR
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/9b6ea48b-701b-41a2-b06b-646c7c77167c

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2ae906f5f835e4bd4f9b5926b82a9aa08644b28225d6a1447c032a1ff0b3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200 OK
strict-transport-security: max-age=0
cf-request-id: 07d4d6794500000b6f702c0000000001
x-request-id: aacdf09d-7dbe-4be0-8486-af32b6ee0029
x-runtime: 0.002928
server: cloudflare
etag: W/"7c2ae906f5f835e4bd4f9b5926b82a9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6167f36ed8ef0b6f-AMS

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
886 B 43ms
28ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2a6287a9cce5ae497d0bab3d1a7f4c8aa09499870f50e64534d70af4eec93cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:13:16 GMT
server: ESF
date: Sun, 24 Jan 2021 07:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H2 200 7C3ECC38FAFDB461CCB5937E9C1DB9FB.js Show response
luckydays.regily.com/ 280 KB
87 KB 212ms
146ms Script
application/javascript 65.9.67.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://luckydays.regily.com/7C3ECC38FAFDB461CCB5937E9C1DB9FB.js
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.99 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b8e9a843216c879ab0b1bce91ae83d7f672d2798d69c6e7dcab860c59abac3a

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:50:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"5c50be7f855db64b5ee586b1ca8fdb60"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 58b39782bf40f627ace295c1c6f59840.cloudfront.net (CloudFront)
x-amz-cf-id: 8zFzywHRWw6se7gzsP3QhgJRDR9AeoEjHav92rhhC3LhFFvsemiWcg==

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
447 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2a6287a9cce5ae497d0bab3d1a7f4c8aa09499870f50e64534d70af4eec93cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:13:16 GMT
server: ESF
date: Sun, 24 Jan 2021 07:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H3-Q050 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 32ms
17ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176608
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H3-Q050 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 29ms
14ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176608
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H3-Q050 200 qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2
fonts.gstatic.com/s/karla/v14/ 27 KB
27 KB 28ms
19ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df10488067c52b22758f084d4bc4f246abf59492658f035d89044343efddcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 06:30:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:17:09 GMT
server: sffe
age: 88965
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28020
x-xss-protection: 0
expires: Sun, 23 Jan 2022 06:30:31 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO158881...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO1...

101 B
583 B

31ms
30ms

Script
text/javascript

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9d85ec7338e291741d68989a7b8bd613fe1fbd6a8d016894c928c00a6ef2da2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 177
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2F&ADFdivider=%7C&ord=349923663356&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO1588...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJ...

103 B
585 B

31ms
31ms

Script
text/javascript

37.157.6.242
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ac01154c82a8a3db1fdf386e9b887cd8daacaf0e45180f000062c24ed8029764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 179
expires: -1

Redirect headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:16 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2063764&ADFPageName=%2Feu&ADFdivider=%7C&ord=135272639212&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&ADFtpmode=2&itm=e30&loc=https%3A%2F%2Fluckydays.com%2Feu%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3-Q050 200 css2
fonts.googleapis.com/ 4 KB
628 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:13:16 GMT
server: ESF
date: Sun, 24 Jan 2021 07:13:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 07:13:16 GMT

GET
H/1.1 200
OK releases Show response
backoffice.regily.com/ 2 B
524 B 108ms
27ms XHR
application/json 35.156.150.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://backoffice.regily.com/releases?new=true&partner=luckydays&env=stable

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.150.114 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-150-114.eu-central-1.compute.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 07:13:17 GMT
Strict-Transport-Security: max-age=15552000; includeSubDomains
Vary: Accept, Accept-Encoding
Server: nginx/1.16.1
X-Frame-Options: SAMEORIGIN
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
X-Download-Options: noopen
Allow: GET,POST,PUT,PATCH,DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Connection: keep-alive
X-DNS-Prefetch-Control: off
Content-Length: 2
X-XSS-Protection: 1; mode=block

GET
H2 403 Karla-Regular.14841cd.woff
luckydays.com/fonts/ 0
0 31ms
30ms Font
text/html 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/fonts/Karla-Regular.14841cd.woff

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://luckydays.com
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:16 GMT
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6167f3711c52c2bd-FRA
cf-chl-bypass: 1
cf-request-id: 07d4d67aac0000c2bd5b01d000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 403 Karla-Bold.e05ee13.woff
luckydays.com/fonts/ 0
0 34ms
33ms Font
text/html 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/fonts/Karla-Bold.e05ee13.woff

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Origin: https://luckydays.com
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 6167f3711c56c2bd-FRA
cf-chl-bypass: 1
cf-request-id: 07d4d67aad0000c2bd85931000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 games Show response
luckydays.com/api/ 53 KB
6 KB 150ms
150ms XHR
application/json 2606:4700::6810:af33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://luckydays.com/api/games

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:af33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

502958bd3eba2b45ffc548a4b469d5f9ea6583be9b11c198ac2152f5feaffb42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;

Request headers

Accept: application/json, text/plain, */*
Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: gzip
etag: W/"d3db-a7wBIUfQbKN5/3HT5RANBd7tp84"
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: frame-ancestors *.regily.com https://freeluckydays.com https://luckydaysfree.com https://www.luckydaysfun.com;
cf-ray: 6167f371bd32c2bd-FRA
cf-request-id: 07d4d67b150000c2bd9c99e000000001

GET
H3-Q050 200 css
fonts.googleapis.com/ 3 KB
516 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Requested by

Host: luckydays.com
URL: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2a6287a9cce5ae497d0bab3d1a7f4c8aa09499870f50e64534d70af4eec93cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 07:13:17 GMT
server: ESF
date: Sun, 24 Jan 2021 07:13:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 07:13:17 GMT

GET
H3-Q050 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176609
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H3-Q050 200 qkBbXvYC6trAT7RVLtyU5rZP.woff2
fonts.gstatic.com/s/karla/v14/ 26 KB
26 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBbXvYC6trAT7RVLtyU5rZP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 06:09:48 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:16:53 GMT
server: sffe
age: 176609
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26368
x-xss-protection: 0
expires: Sat, 22 Jan 2022 06:09:48 GMT

GET
H3-Q050 200 qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2
fonts.gstatic.com/s/karla/v14/ 27 KB
27 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v14/qkBVXvYC6trAT7RQHt6e4ZRNkAQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df10488067c52b22758f084d4bc4f246abf59492658f035d89044343efddcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://luckydays.com
Referer: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 06:30:31 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 01:17:09 GMT
server: sffe
age: 88966
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28020
x-xss-protection: 0
expires: Sun, 23 Jan 2022 06:30:31 GMT

GET
H2 200 preload.6c0f96329dfe8c9a16e9.js Show response
static.zdassets.com/web_widget/latest/ Frame AEC3 62 KB
19 KB 38ms
36ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a16d204927bef5c153d4ec6057d898925a173a9e3a578bd753c480961f07f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 184436
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 1F5D5F7FA57E3795
x-amz-id-2: IGEmJDFEIGJQ21l7DIEAVs3t7OyVR9UyEFprFfPRae+b0GqNm6Tq6Na08usEhzh5WGYXda9J8yU=
last-modified: Fri, 22 Jan 2021 01:38:14 GMT
server: cloudflare
etag: W/"10f8103193e442094518b0ed9faf36e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 1q7FgDXL3N.d.IDDrIaNzX2Q4rlKUz2a
cf-request-id: 07d4d67c0a00004c3ea5bf2000000001
cf-ray: 6167f37348684c3e-AMS
expires: Sat, 22 Jan 2022 01:38:13 GMT

GET
H2 200 web_widget.b43d605c8bd3c2da5f21.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame AEC3 501 KB
120 KB 94ms
92ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.b43d605c8bd3c2da5f21.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 356881
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 902BA3865A14096E
x-amz-id-2: 8WN+yd2QW/ke518ldkjYfHXCpSR5+4DlNFktdEP2Md/TrwYYkdToQWGCaftkJn0tN+cydIcS6Hw=
last-modified: Tue, 19 Jan 2021 23:41:14 GMT
server: cloudflare
etag: W/"69eb9ecd7b4785b9a75c65b0c0e472bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 7xRrYBPAAvcPYIzTYvqG95fxH_SFu.y1
cf-request-id: 07d4d67c0a00004c3ef7057000000001
cf-ray: 6167f37348694c3e-AMS
expires: Wed, 19 Jan 2022 23:41:13 GMT

GET
H2 200 web_widget.e6cd199f196ed4ee1a13.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame AEC3 498 KB
95 KB 88ms
86ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.e6cd199f196ed4ee1a13.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32c02d90f0bd6c3626cdcbbcc9bb81276f77f43315ab84a25a34c86797188d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 529939
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E4DA2CF7AF1E33D6
x-amz-id-2: 5ziZV2PA6LqQb3ipB9/nmz9q1rwRPZFB/T6Vci8XpuHBODARdf/vw56WunbOUR5eYrxa7RHDXF0=
last-modified: Sun, 17 Jan 2021 22:56:43 GMT
server: cloudflare
etag: W/"2c3f41b0907c5ef3e822da47110c2cf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6.o4JiJiA6qz3N7ogI7_kHvXgfxSe7OF
cf-request-id: 07d4d67c0a00004c3e9b26e000000001
cf-ray: 6167f373486a4c3e-AMS
expires: Mon, 17 Jan 2022 22:56:42 GMT

GET
H2 200 web_widget.ba39259f8e4e36c5fc0a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame AEC3 335 KB
66 KB 77ms
75ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.ba39259f8e4e36c5fc0a.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62428142cee91c63efbdad960b302fea1616ba50a1b4e222ebbcbd4d3e8fe3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 184436
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: D36F82EC38FBBD1B
x-amz-id-2: Vhh+1LQB3l9YIksqSarvn2qVvUhMzP4Q1RjRw17++fyukpZY2iMbtsMt0ShlH0rjshKiEzNKJnE=
last-modified: Fri, 22 Jan 2021 01:38:16 GMT
server: cloudflare
etag: W/"6471f488994882533d8f1cae24cc7a56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: rZkGjHsKCTs2xVoXpbArd4rE1sNCqppT
cf-request-id: 07d4d67c0b00004c3ec92f5000000001
cf-ray: 6167f373486b4c3e-AMS
expires: Sat, 22 Jan 2022 01:38:15 GMT

GET
H2 200 vendors~web_widget.ab97379118a5b2805f2a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame AEC3 516 KB
157 KB 34ms
32ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 615453
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0C187F761C8026DE
x-amz-id-2: YEYewECPJPlI5DNbpWMczIv+XyhAjsSWBzwgXlGFnxX3+A8KYSjD5bDQd86ifA24vE9HQ2oEArU=
last-modified: Mon, 04 Jan 2021 00:38:50 GMT
server: cloudflare
etag: W/"d8b36c871889a179bfc603bc480db2d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: MQoH2PhH1gQXAgAyxB2Xf6doAtoit68t
cf-request-id: 07d4d67c0b00004c3e9f00d000000001
cf-ray: 6167f373486c4c3e-AMS
expires: Tue, 04 Jan 2022 00:38:49 GMT

GET
H2 200 web_widget~messenger.2ef813a806a3fb817c2a.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame AEC3 75 KB
20 KB 73ms
72ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.2ef813a806a3fb817c2a.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 356881
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: AB3E4323AA777A4F
x-amz-id-2: m0Wxvfpfcru1HWsuQ3uD4XBpXZFai7Q3vclnS4TpQD7X4V8+t/hvxPVPNI9F92G63zJzlay5Yqk=
last-modified: Tue, 19 Jan 2021 23:41:14 GMT
server: cloudflare
etag: W/"772e4f1ca6313200071ee61fbcaf7dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 0c5A63QLlcuaeqSDRPbXzm921Lct0pGO
cf-request-id: 07d4d67c0b00004c3eba3d1000000001
cf-ray: 6167f373486d4c3e-AMS
expires: Wed, 19 Jan 2022 23:41:13 GMT

GET
H2 200 chat-sdk.ef57fe179f7fdba70997.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame AEC3 257 KB
50 KB 58ms
57ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.ef57fe179f7fdba70997.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=9b6ea48b-701b-41a2-b06b-646c7c77167c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3986344
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 85F7B0FA2630C3AF
x-amz-id-2: +a1chk4Af1vAt9uXfnQjh84yUPm0Ak4tGBNjsSdNSSrg1udVRoqABNM+E1aRtpmpxPakTpfz4p8=
last-modified: Wed, 09 Dec 2020 03:44:55 GMT
server: cloudflare
etag: W/"471486ebf305f761724c4a3d88d24c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tUzJzxwRIGBtH2yGLDY0ifhL7s6uFqT5
cf-request-id: 07d4d67c0b00004c3e97861000000001
cf-ray: 6167f373486e4c3e-AMS
expires: Thu, 09 Dec 2021 03:44:53 GMT

GET
H2 200 config Show response
ragingrhino.zendesk.com/embeddable/ 763 B
1 KB 108ms
55ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ragingrhino.zendesk.com/embeddable/config

Requested by

Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ec7d3414c0e3d31df24afb9930fedaf14be96fff35de706c3ec596e802c8fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-zendesk-origin-server: embeddable-app-server-c6cc955cc-htdv2
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 07d4d67c7500004c19d70e3000000001
x-request-id: 6167f373ec504c19-FRA
x-runtime: 0.001902
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Omq25XKW5cZ96cxk%2BEJ%2FkK4rEICE047JV46TKei21iMalDl%2BbxqsUiLqWgZlng%2BV5QFbzVbNJJJev28myXaezC40H5UzRWY2%2BPNlOvtFYH0jMk6K8dKFxQ%3D%3D"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 6167f373ec504c19-AMS

GET
H2 200 en-us-json.dfa77dc54ddc7bc33515.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame AEC3 29 KB
6 KB 24ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.dfa77dc54ddc7bc33515.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.6c0f96329dfe8c9a16e9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b1688111bcc37ff66c9d7519cc04cba03c69a93215e2de36b388dee07d33af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 184435
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 4231C95E1D63D9AD
x-amz-id-2: NjZHXjQ24bTVcSiAq4iIC8d+bLZn/WNoo+2y1IrReWb1q7Yb85MurzXIdj8X+Li290lY8yIPF/w=
last-modified: Fri, 22 Jan 2021 01:37:41 GMT
server: cloudflare
etag: W/"94123d435406f296a2e0736db17170c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: RWz6MiXu1VMKrOW_xvgnwh9PwVlfGvbD
cf-request-id: 07d4d67d0800004c3ecc986000000001
cf-ray: 6167f374db644c3e-AMS
expires: Sat, 22 Jan 2022 01:37:40 GMT

GET
H2 200 embeddable_blip Show response
ragingrhino.zendesk.com/ Frame AEC3 0
483 B 40ms
39ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ragingrhino.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuaGlkZSIsImxhYmVsIjpudWxsLCJ2YWx1ZSI6eyJhcmdzIjpudWxsfX0sImJ1aWQiOiI2NWQ2NWZjYjZkOGRmYmVhY2IxZDFlYTIzNmY4ZjZmZSIsInN1aWQiOiJhNmYwNDNkYjBkNzhmODA3MDJkZDY3ODAzNTAwMTY5ZCIsInZlcnNpb24iOiI0YzJmMjM0YzEiLCJ0aW1lc3RhbXAiOiIyMDIxLTAxLTI0VDA3OjEzOjE3LjYwMloiLCJ1cmwiOiJodHRwczovL2x1Y2t5ZGF5cy5jb20vZXU%2FYnRhZz02NTQ1NTRfNDg3ODA0NzM0Q0ZGNEREOUI5NjAzOUEzM0FBMzlDRUImY2xpY2tpZD05MDQ2OTE0In0%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EiESN6W%2FQWtnJ4HVe8MdlR3BriS61Fb2KOvRywOnbl%2Frl6qwjAQPp9r%2BY7P%2Ffxag3%2B0hay9VIjKX13QQHNuIc%2F115zefWm3K%2B4IzS%2BFYlrwVZ8YTv3TQLg%3D%3D"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://luckydays.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6167f3751e354c19-AMS
cf-request-id: 07d4d67d2b00004c193537a000000001

GET
H2 200 embeddable_blip Show response
ragingrhino.zendesk.com/ Frame AEC3 0
283 B 41ms
41ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ragingrhino.zendesk.com/embeddable_blip?type=userAction&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInVzZXJBY3Rpb24iOnsiY2F0ZWdvcnkiOiJhcGkiLCJhY3Rpb24iOiJ3ZWJXaWRnZXQuc2V0TG9jYWxlIiwibGFiZWwiOm51bGwsInZhbHVlIjp7ImFyZ3MiOiJlbiJ9fSwiYnVpZCI6IjY1ZDY1ZmNiNmQ4ZGZiZWFjYjFkMWVhMjM2ZjhmNmZlIiwic3VpZCI6ImE2ZjA0M2RiMGQ3OGY4MDcwMmRkNjc4MDM1MDAxNjlkIiwidmVyc2lvbiI6IjRjMmYyMzRjMSIsInRpbWVzdGFtcCI6IjIwMjEtMDEtMjRUMDc6MTM6MTcuNjA2WiIsInVybCI6Imh0dHBzOi8vbHVja3lkYXlzLmNvbS9ldT9idGFnPTY1NDU1NF80ODc4MDQ3MzRDRkY0REQ5Qjk2MDM5QTMzQUEzOUNFQiZjbGlja2lkPTkwNDY5MTQifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4vn18ALl8WDdKSNdouwR%2BYmrl2kanAGNPy2d3c%2BajqZH5UamOBUwvUzn4zsuINM0CBLG2kh7BcXdM1Cb19tLZXCjv%2FEKWA77D7jZ4hCzBcmUVY8iiXcEwg%3D%3D"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://luckydays.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6167f3751e364c19-AMS
cf-request-id: 07d4d67d2b00004c19c70ea000000001

GET
H2 200 embeddable_blip Show response
ragingrhino.zendesk.com/ Frame AEC3 0
280 B 71ms
70ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ragingrhino.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cDovL2FsYWJhc3RhLmNsdWIvcmQvYzExNjU3UkZNSk8xNTg4ODE1MFFtdFExNTMxM2d4bzExMTExS1d5eTE4NzUiLCJ0aW1lIjowLCJsb2FkVGltZSI6NTAuNDY0OTk5OTc4NDMwNTcsIm5hdmlnYXRvckxhbmd1YWdlIjoiZW4tVVMiLCJwYWdlVGl0bGUiOiJMdWNreSBEYXlzIC0gT25saW5lIENhc2lubyB8IFVwIHRvIOKCrDEsMDAwIENhc2lubyBCb251cyArIDEwMCBGcmVlIFNwaW5zIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCxpbml0aWFsLXNjYWxlPTEsbWF4aW11bS1zY2FsZT0xLHVzZXItc2NhbGFibGU9MCx2aWV3cG9ydC1maXQ9Y292ZXIiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjY1ZDY1ZmNiNmQ4ZGZiZWFjYjFkMWVhMjM2ZjhmNmZlIiwic3VpZCI6ImE2ZjA0M2RiMGQ3OGY4MDcwMmRkNjc4MDM1MDAxNjlkIiwidmVyc2lvbiI6IjRjMmYyMzRjMSIsInRpbWVzdGFtcCI6IjIwMjEtMDEtMjRUMDc6MTM6MTcuNjI5WiIsInVybCI6Imh0dHBzOi8vbHVja3lkYXlzLmNvbS9ldT9idGFnPTY1NDU1NF80ODc4MDQ3MzRDRkY0REQ5Qjk2MDM5QTMzQUEzOUNFQiZjbGlja2lkPTkwNDY5MTQifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ab97379118a5b2805f2a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MLw7mxdHUTM7xao0qj9N%2BWgSfMztlSXWB47Y2mUxoVXyM3y30pyAnZaQfkx%2FrRtatuc0jtjw3F37u6VVlwf2GoMq6Slecih40IOUGC8X6s11csryBMmZ1Q%3D%3D"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://luckydays.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 6167f3753e874c19-AMS
cf-request-id: 07d4d67d4300004c1937903000000001

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame AEC3 19 KB
20 KB 48ms
47ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 24 Jan 2021 07:13:17 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 1F31C498F0FC900B
x-amz-server-side-encryption: AES256
cf-ray: 6167f3771ff84c3e-AMS
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: GqKvy0yz0Df3/exgsCcdvcYV17zHmUdQi+vRnsYQVSYBRgyX5QsA5tpgveG45iyFU7hTcA4xz4Y=
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 07d4d67e6c00004c3ebf096000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
44 B 15ms
14ms Image
image/gif 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-WPM3ZX3&cv=65&v=3&t=t&pid=1312800139&rv=1d0&es=1&e=gtm.historyChange-v2&eid=8&u=C&tc=136&epr=1G.4G.1G.4G&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:17 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
254 B 114ms
99ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 24 Jan 2021 07:13:18 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0Dx4NYAAAAAAQDvMlvoyTQ4rhpLsBeyWTRlJBRURHRTEwMTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
44 B 14ms
13ms Other
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-P1Y72HZSVZ&gtm=2oe1d0&_p=1081240275&sr=1600x1200&ul=en-us&cid=1084766269.1611472396&dl=https%3A%2F%2Fluckydays.com%2F%3Fbtag%3D654554_487804734CFF4DD9B96039A33AA39CEB%26clickid%3D9046914&dr=http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875&dt=Lucky%20Days%20Casino&sid=1611472396&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1Y72HZSVZ&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 24 Jan 2021 07:13:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://luckydays.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.clarity.ms/eus2/ 7 B
156 B 211ms
184ms XHR
text/plain 2620:1ec:bdf::13
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/collect
Requested by: Host: luckydays.com
URL: https://luckydays.com/static/js/2.05dec4e0.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::13 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645

Request headers

Referer: https://luckydays.com/eu?btag=654554_487804734CFF4DD9B96039A33AA39CEB&clickid=9046914
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 24 Jan 2021 07:13:22 GMT
content-encoding: br
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
x-azure-ref: 0Eh4NYAAAAAD6mjRcjXgCS41Bs44PO+pARlJBRURHRTEwMTEANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
content-length: 11
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
luckydays.com/	1970-01-19 16:21:04	Name: luckydays_clickid Value: 9046914
.luckydays.com/	1970-01-20 00:23:28	Name: mp_2ad6de59c6ce23e0bda0f1da251fc06f_mixpanel Value: %7B%22distinct_id%22%3A%20%22177333d6045b40-0aaec9dae8cf2a-1b396256-1d4c00-177333d6046a5b%22%2C%22%24device_id%22%3A%20%22177333d6045b40-0aaec9dae8cf2a-1b396256-1d4c00-177333d6046a5b%22%2C%22%24initial_referrer%22%3A%20%22http%3A%2F%2Falabasta.club%2Frd%2Fc11657RFMJO15888150QmtQ15313gxo11111KWyy1875%22%2C%22%24initial_referring_domain%22%3A%20%22alabasta.club%22%7D
.luckydays.com/	1970-01-19 15:39:18	Name: _gid Value: GA1.2.1763588514.1611472396
.luckydays.com/	1970-01-20 09:09:04	Name: _ga_P1Y72HZSVZ Value: GS1.1.1611472396.1.0.1611472396.0
.luckydays.com/	1970-01-19 15:37:52	Name: _gat Value: 1
.luckydays.com/	1970-01-20 09:09:04	Name: _ga Value: GA1.1.1084766269.1611472396
luckydays.com/	1970-01-19 16:21:04	Name: referrer Value: 654554_487804734CFF4DD9B96039A33AA39CEB
.luckydays.com/	1970-01-19 15:37:54	Name: __cf_bm Value: 4857995b0267cd7618b0c2dcab59c399890f8e06-1611472396-1800-AWNneZFisN55bvdGJIzYihhQfDwCuVHQsYw5OKxX4a2s6BUrLM3RkgDOS3a/2jMAQQmtuDiO2wfXyQYdZ3Y6HvLD/KAyChOEyAIioN+ey564KQdgLM1aIVcE2uGfnL1k6YQUJscQn1vS6dSG9swHJTdFhWctMUdRg0lv5M7Qi8Vc0EOaSIYqAtKEvZfO6OFKwA==
.luckydays.com/	1970-01-19 16:21:04	Name: __cfduid Value: dcc3309a1542923b036263b5f168d4b4a1611472395

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alabasta.club
api-js.mixpanel.com
api.ipdata.co
backoffice.regily.com
cdn4.mxpnl.com
ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
keyaff.com
luckydays.com
luckydays.regily.com
media.luckydaysaffiliates.com
ragingrhino.zendesk.com
res.cloudinary.com
s2.adform.net
static.zdassets.com
track.adform.net
wordpress.luckydays.com
www.clarity.ms
www.dandelionscent.com
www.google-analytics.com
www.googletagmanager.com
www.zotlk-2.com
104.16.53.111
104.18.70.113
104.18.72.113
130.211.34.183
146.177.40.248
159.65.121.218
2606:4700::6810:af33
2606:4700::6811:263c
2620:1ec:bdf::13
2a00:1450:4001:801::2003
2a00:1450:4001:806::200e
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::200a
2a04:4e42:1b::393
34.95.111.202
35.156.150.114
35.156.229.222
35.186.235.23
35.190.91.50
37.157.5.72
37.157.6.242
65.9.67.99
91.211.249.245
047ae40135be16e65990535f7dd8bbfdeb2ef55446fdd317b00db295ca885c5c
0630a0ec1e6651f206b40da288be412189484542d6076be71e684f76c620022a
083be3c59862e11bbcda4128a12a7d9934f461ac881ed75af92b1c1b3615c576
0b8e9a843216c879ab0b1bce91ae83d7f672d2798d69c6e7dcab860c59abac3a
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
14f0d7c8048540a48d9348d3d447cba12e6c13445bb372fb6bd54fe732f72af6
1661765467478b77853c92c91c3267c5edd4a099267f734208c545ff60bce645
32c02d90f0bd6c3626cdcbbcc9bb81276f77f43315ab84a25a34c86797188d45
418d81118c8709fc69dfa3699ba161cf5b67fa335385f750f5af773e676e6ffd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4df10488067c52b22758f084d4bc4f246abf59492658f035d89044343efddcb9
4f0bab48477b1e533842741729feed41f5081d598371e25d58d5ee01b3bf01f5
502958bd3eba2b45ffc548a4b469d5f9ea6583be9b11c198ac2152f5feaffb42
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
60700545ae73e4aa6b89d5571c54c102dfd2960f347904cf2b1eca76f64715b3
62428142cee91c63efbdad960b302fea1616ba50a1b4e222ebbcbd4d3e8fe3e1
6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d
713940c0f79d2d462a7848fde8ddd58d39be328f17d2b342ed5f0118a9e21420
73d7df22c22d6715274fb23587b4016c1f39538cb3fe5b77daf8e92af9fb5a0b
771fc0e004d743142c86465f8bcdde5d5e1746c34eeb8993c727d09ca5e80eb5
7c2ae906f5f835e4bd4f9b5926b82a9aa08644b28225d6a1447c032a1ff0b3c0
8033ae94f15503911c8fa1ead6119e1528dc5c9eb35bb9bf3df5635f9f2fb275
804af9c7b0a62a261183416635ff4a48726315348fcb811e81d860a83cf681cf
8c07686bbc2dedc88c70ea19ee2f2afb3a20547645fb1bfa91492d6c6b1cc0fa
8c8621dbfa0838205e3be1459ccd87ff3dbd6e87a7426ce2c14f2c31b0c0f05e
96b1688111bcc37ff66c9d7519cc04cba03c69a93215e2de36b388dee07d33af
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9d85ec7338e291741d68989a7b8bd613fe1fbd6a8d016894c928c00a6ef2da2a
9ec7d3414c0e3d31df24afb9930fedaf14be96fff35de706c3ec596e802c8fb5
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac01154c82a8a3db1fdf386e9b887cd8daacaf0e45180f000062c24ed8029764
aee389d4ce5384ee0298501cedfdb734616d050054778748702d969c02ee9235
b03b611a9aab582f165db3124ababd3dbe331aad88d6c6d6a993553d3a955c95
ba74f960460fcf2f051cb8c0f210cca1e16047c56e1dd9891649880ee7910999
c17943e3ecbfcec3d49fba06ddebaf15da8b802cbf6c8b91cb3c5c7262464fe2
c1ecb4d324e9cba7eddb7ed7577ae81b25566a456c7a1975528a845f88ffa2ae
c4047031aa5b3f4bdc06aef178a89bc6331c10c408a4af6858dd1fac8c584a14
ca270a9221770f239670c7f37daa8813b460d6e40e80aabbca4ae3afedde4cd2
cf8cec965a7c6e32a3c6ad9da83b47d82355e60a5db1f0234bd4f2d3891ae566
d14a3aed75149b90d915e831793a02d1167f07dc5cf23e9070dbccea2adaeb26
d4264619500235dca70807deaea7befa589175ebe0b0b125d3c2d6a0e5302826
d47fc4ba813707c653d43ba01e1291ef09e1c412957d3b8cb05988b251d23bfd
d7a16d204927bef5c153d4ec6057d898925a173a9e3a578bd753c480961f07f7
dfa92f2be50ce49f7dd6e45f4f093a0d3c199b301435d612820ab198b05e35cb
e2a6287a9cce5ae497d0bab3d1a7f4c8aa09499870f50e64534d70af4eec93cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

luckydays.com Open in urlscan Pro 2606:4700::6810:af33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

38 %IPv6

19 Domains

23 Subdomains

20 IPs

6 Countries

2153 kBTransfer

10300 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

luckydays.com Open in urlscan Pro
2606:4700::6810:af33 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

38 %
IPv6

19
Domains

23
Subdomains

20
IPs

6
Countries

2153 kB
Transfer

10300 kB
Size

9
Cookies

69 HTTP transactions
0 data transactions