urlscan.io logo urlscan.io
SecurityTrails logo

www.luckycreek.com Open in urlscan Pro
104.18.199.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://b2.mytvids.com/
Effective URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Submission: On March 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 1 countries across 17 domains to perform 51 HTTP transactions. The main IP is 104.18.199.11, located in and belongs to . The main domain is www.luckycreek.com.
TLS certificate: Issued by E1 on January 26th 2024. Valid for: 3 months.
This is the only time www.luckycreek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3035::6815:99f (United States)

ASN13335 (CLOUDFLARENET, US)
b2.mytvids.com
c5.mytvids.com
6    2606:4700:e0::ac40:6a24 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-keingent.com
event.trk-keingent.com
1    2606:4700:3031::6815:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
click.trackwora.com
2    154.16.205.113 (Buffalo, United States)

ASN20278 (NEXEON, US)
0vcxs.linkstonow.com
0vcxs.offersforetoday.com
1    104.18.189.136 (None, )

ASN- ()
record.genesysaffiliates.com
16    104.18.199.11 (None, )

ASN- ()
www.luckycreek.com
1    2607:f8b0:4006:81e::200e (None, )

ASN- ()
www.googleoptimize.com
2    2607:f8b0:4006:80a::2008 (None, )

ASN- ()
www.googletagmanager.com
4    2606:4700::6813:9308 (None, )

ASN- ()
script.crazyegg.com
3    2600:9000:24f0:e400:17:7a94:8b80:93a1 (None, )

ASN- ()
ca-assets.cerebrospace.net
1    2606:4700::6810:4f49 (None, )

ASN- ()
static.cloudflareinsights.com
2    2607:f8b0:4006:80e::200e (None, )

ASN- ()
www.google-analytics.com
1    2607:f8b0:4004:c07::9d (None, )

ASN- ()
stats.g.doubleclick.net
1    2607:f8b0:4006:81f::2004 (None, )

ASN- ()
www.google.com
4    66.212.230.32 (None, )

ASN- ()
kore.bosurl.net
1    2606:4700:3034::ac43:dd9f (None, )

ASN- ()
location-api.blue-ion.workers.dev
1    13.35.93.121 (None, )

ASN- ()
pagestates-tracking.crazyegg.com
1    18.238.49.127 (None, )

ASN- ()
assets-tracking.crazyegg.com
1    3.140.70.217 (None, )

ASN- ()
tracking.crazyegg.com
Domain Requested by
16 www.luckycreek.com 1 redirects c5.mytvids.com
www.luckycreek.com
ca-assets.cerebrospace.net
4 kore.bosurl.net ca-assets.cerebrospace.net
4 script.crazyegg.com www.luckycreek.com
script.crazyegg.com
4 event.trk-keingent.com trk-keingent.com
3 ca-assets.cerebrospace.net www.luckycreek.com
ca-assets.cerebrospace.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.luckycreek.com
www.googleoptimize.com
2 c5.mytvids.com b2.mytvids.com
c5.mytvids.com
2 trk-keingent.com b2.mytvids.com
c5.mytvids.com
2 b2.mytvids.com b2.mytvids.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 location-api.blue-ion.workers.dev ca-assets.cerebrospace.net
1 www.google.com www.luckycreek.com
1 stats.g.doubleclick.net ca-assets.cerebrospace.net
1 static.cloudflareinsights.com www.luckycreek.com
1 www.googleoptimize.com www.luckycreek.com
1 record.genesysaffiliates.com 1 redirects
1 0vcxs.offersforetoday.com 1 redirects
1 0vcxs.linkstonow.com 1 redirects
1 click.trackwora.com 1 redirects
51 22

This site contains no links.

Subject Issuer Validity Valid
mytvids.com
GTS CA 1P5		 2024-03-20 -
2024-06-18		 3 months crt.sh
trk-keingent.com
GTS CA 1P5		 2024-01-29 -
2024-04-28		 3 months crt.sh
www.luckycreek.com
E1		 2024-01-26 -
2024-04-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
script.crazyegg.com
E1		 2024-02-06 -
2024-05-06		 3 months crt.sh
ca-assets.cerebrospace.net
Amazon RSA 2048 M03		 2024-03-07 -
2025-04-05		 a year crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.bosurl.net
Sectigo RSA Domain Validation Secure Server CA		 2023-10-17 -
2024-11-16		 a year crt.sh
blue-ion.workers.dev
GTS CA 1P5		 2024-02-22 -
2024-05-22		 3 months crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2023-05-28 -
2024-06-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Frame ID: 2E81C946DE4FECB7DB81F13F8DA827DB
Requests: 39 HTTP requests in this frame

Frame: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Frame ID: 0272940F3AC8027F502CD09516A3F6FF
Requests: 2 HTTP requests in this frame

Frame: https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 00698FD6DD6BBB99C271BCE4D5CF6FB8
Requests: 2 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0102/2282/sampling/www.luckycreek.com.json?t=475359
Frame ID: 4EDB9963BD001B043F66068BC90E98E9
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://b2.mytvids.com/ Page URL
  2. https://c5.mytvids.com/?cnv_id=undefined Page URL
  3. https://click.trackwora.com/in/01HRA82VFM6GKE7Y0966JZ66CF?source=redirectDenied HTTP 302
    https://0vcxs.linkstonow.com/?kw=106304&s1=b982020e-ff57-4879-bfdc-c2c9f2e89f56 HTTP 302
    https://0vcxs.offersforetoday.com/o/1S0CJ2DC/cb7cb758-e9f0-11ee-993f-0387e52cbdac/cb85dd1a-e9f0-11ee-b6e9-bba9... HTTP 302
    https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=cbe7f84c-e9f0-11ee-9369-ef09fc3... HTTP 301
    https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

51
Requests

92 %
HTTPS

63 %
IPv6

17
Domains

22
Subdomains

17
IPs

1
Countries

1714 kB
Transfer

3284 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://b2.mytvids.com/ Page URL
  2. https://c5.mytvids.com/?cnv_id=undefined Page URL
  3. https://click.trackwora.com/in/01HRA82VFM6GKE7Y0966JZ66CF?source=redirectDenied HTTP 302
    https://0vcxs.linkstonow.com/?kw=106304&s1=b982020e-ff57-4879-bfdc-c2c9f2e89f56 HTTP 302
    https://0vcxs.offersforetoday.com/o/1S0CJ2DC/cb7cb758-e9f0-11ee-993f-0387e52cbdac/cb85dd1a-e9f0-11ee-b6e9-bba9424f2dd0 HTTP 302
    https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=cbe7f84c-e9f0-11ee-9369-ef09fc3297a0& HTTP 301
    https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
b2.mytvids.com/ 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2.mytvids.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86979809ebe9741e-MIA
content-encoding
br
content-type
text/html
date
Sun, 24 Mar 2024 15:11:28 GMT
last-modified
Tue, 19 Mar 2024 18:56:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EjN1wx6pI1e2xXW%2Fua4aeN7%2BtMAUp6y%2F5mseTCGTX87lFkKRu%2F6UoThAoiY0t8DP%2FPYV3HOVxuidhmGTitFEycr1DOgCsf1kV9akpHhtCZbbbObIEG%2B2EEaVnx3UyxWbhQmIc11GW6WFEMi4VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
57dknm4dw8
trk-keingent.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-keingent.com/scripts/push/script/57dknm4dw8?url=b2.mytvids.com&alturl=/
Requested by
Host: b2.mytvids.com
URL: https://b2.mytvids.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://b2.mytvids.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:28 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 24 Mar 2024 15:10:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BqjM33FQQ38bExmrV1HfwHgl9xra9w8X5wE2CjwsztUSbbcb0lipqgztDsjmBSqBl0l%2BTYu2aMxj1k2w8DnrsusUIj%2Bl30iBACcQDnMtrA0Nu%2FdFSKqx0zVQNaf%2FFokizKuYjKyBKfbXyt1TicPF"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8697980cf922875b-MIA
expires
0
play.png
b2.mytvids.com/images/play/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2.mytvids.com/images/play/play.png
Requested by
Host: b2.mytvids.com
URL: https://b2.mytvids.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://b2.mytvids.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
423999
alt-svc
h3=":443"; ma=86400
content-length
11015
last-modified
Thu, 14 Mar 2019 13:22:18 GMT
server
cloudflare
etag
"5c8a558a-2b07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msLChtj%2BrC2tvq45tM6AyQ7dzbrfb7agJ5cxy0x9hp7X40WgOIc9PiPDmPa5Pa%2BQOGWu3k27RLveWBVxKWuNtu23tgiteFCZ4m7kUrE2IEfNva%2FJ5CowFQmUiXy6iIRUaIOI11R1FEycDgJViA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8697980c6f63741e-MIA
expires
Thu, 18 Apr 2024 17:24:49 GMT
/
c5.mytvids.com/ 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c5.mytvids.com/?cnv_id=undefined
Requested by
Host: b2.mytvids.com
URL: https://b2.mytvids.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://b2.mytvids.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8697980cf816741e-MIA
content-encoding
br
content-type
text/html
date
Sun, 24 Mar 2024 15:11:29 GMT
last-modified
Tue, 19 Mar 2024 18:56:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMbXml8Qj52MDbLS8gckF6KHthccbXZd66C5kywVTfiAqpyKTpmq00Z08%2BfK4agmd7oRtog95wEpzOsoEdRaETSsN72t9tC%2FPfUW9prqk4e7skIDz3Q18qjv2hy%2Brgu%2FLUGUNEuX9q5W8MvrVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
57dknm4dw8
trk-keingent.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-keingent.com/scripts/push/script/57dknm4dw8?url=c5.mytvids.com&alturl=/
Requested by
Host: c5.mytvids.com
URL: https://c5.mytvids.com/?cnv_id=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c5.mytvids.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:29 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 24 Mar 2024 15:11:29 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQNt5gWLxKFBNYRhJkAE7w3vX4cNzd2GxlE0Ww9EDvjYqb14WMj0PVGkK4s3GaJNC%2F0M0tXSIc9UHbdMMmwz%2FOUSqwxm2yPvdyefzBThiJGiV8qKMCbPJz68Nb6yQDBGzU5HiVcrr8pZTh%2B0%2F%2B3o"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86979810bd90875b-MIA
expires
0
play.png
c5.mytvids.com/images/play/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c5.mytvids.com/images/play/play.png
Requested by
Host: c5.mytvids.com
URL: https://c5.mytvids.com/?cnv_id=undefined
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:99f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://c5.mytvids.com/?cnv_id=undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:29 GMT
cf-cache-status
MISS
last-modified
Thu, 14 Mar 2019 13:22:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5c8a558a-2b07"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWRhR09x0tJ4MI%2BtjuoGQI0PI582KmPpUuB7cSTBeVv%2BF9ttI938j1mK3jfWuxn6TU0lBue2nj9RtUcUDd6j3qAJOD6YRi0TaqIeTEW9tvBsREiN%2FSckTQg4M1a1uM2n1ks5jvDOUZWxttf8rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8697981058289aba-MIA
alt-svc
h3=":443"; ma=86400
content-length
11015
expires
Tue, 23 Apr 2024 15:11:29 GMT
Primary Request /
www.luckycreek.com/welcome/lc-aviator/
Redirect Chain
  • https://click.trackwora.com/in/01HRA82VFM6GKE7Y0966JZ66CF?source=redirectDenied
  • https://0vcxs.linkstonow.com/?kw=106304&s1=b982020e-ff57-4879-bfdc-c2c9f2e89f56
  • https://0vcxs.offersforetoday.com/o/1S0CJ2DC/cb7cb758-e9f0-11ee-993f-0387e52cbdac/cb85dd1a-e9f0-11ee-b6e9-bba9424f2dd0
  • https://record.genesysaffiliates.com/_bjQuqXlt20XcZqOhwjy242Nd7ZgqdRLk/1/?payload=cbe7f84c-e9f0-11ee-9369-ef09fc3297a0&
  • https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
444 KB
119 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Requested by
Host: c5.mytvids.com
URL: https://c5.mytvids.com/?cnv_id=undefined
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbf762c857f180d2054d0bc9a8848dd94525164dadac340b3139dc4b6fe0216
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://c5.mytvids.com/?cnv_id=undefined
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798240e384c22-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:11:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
869798218beadb0d-MIA
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 15:11:32 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
q5ej252yg0
event.trk-keingent.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q5ej252yg0
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/57dknm4dw8?url=c5.mytvids.com&alturl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c5.mytvids.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 24 Mar 2024 15:11:31 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL6z%2B%2FYonmX%2FdZOTe8du7h1F4WGrMxcDbW5o2oSAkfg3vw9Drvyt784GsF%2FgpOQ8QQN9pHZxRq6X8DGmt2iPoShBJum7EsneSF9GbjUpvXk0aZN5adPBjVvj7fGsM4e9xDxyHhE0Wdjo5x7GN3AGwtiV3f1v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8697981c29ef0a16-MIA
x-pushplatformapp-params
q5ej252yg0
event.trk-keingent.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q5ej252yg0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://c5.mytvids.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8697981bb95e0a16-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 24 Mar 2024 15:11:31 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLQoILZdhZK8RvUpsR%2FbEcQ6yP7BUXJp8xUqtLajnviBFVC%2BkGH4TE46oqDR62A0xSVtceoAPwnSBoZ2Jp0T9TvrHRTcFQMbr7h4VOxy9c%2ByNi1FbnDcLyrzjQ3YlIrwFtfjE%2BU8N5zsZEfpc4nFf8tmslrX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
q5ej252yg0
event.trk-keingent.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q5ej252yg0
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/57dknm4dw8?url=c5.mytvids.com&alturl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://c5.mytvids.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 24 Mar 2024 15:11:31 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJAsx1EkAXKTDcsxjRKZ1r45QktJu8hnkUpbB6lm52WZQ0Osz7cNgvZc%2FUqE9XXMrw27qwuaEYCX92LmElysXeQlqhyTlCg%2FaeOVq9JQgMRgZcmjvQoj8FTuMRh7k4Ukg3yvClLhQGR7Uh0vSjVKptQh09AK"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8697981c29f50a16-MIA
x-pushplatformapp-params
q5ej252yg0
event.trk-keingent.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q5ej252yg0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://c5.mytvids.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8697981bb9590a16-MIA
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 24 Mar 2024 15:11:31 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q9MP%2FdiGrbllF5jpYhrzr6MuuuCYM2MnZc%2F3pmfNFZQa9UtZeAKaDSeF48yIMZV80kMz66pJiNQs6g1RJfLxyCwboYLBfqXAjdsFwjvdYcH5XQopcwaPe%2Bw8ObbX6B1tZBIvbcSEAQnacqVx%2FkGu2W%2BFHj4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
optimize.js
www.googleoptimize.com/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8341e67ab7f1dc3dc31d2bb2ade4ed0348b437b697d2c128d86a0c4c74d69298
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70471
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 15:11:33 GMT
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adc8e058a67e9119e46ad9c3b205895c1dac38b5b1f184442e740ddc138ee87e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68632
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 15:11:33 GMT
2282.js
script.crazyegg.com/pages/scripts/0102/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0102/2282.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e34252e3d2e360606ccb2b347db3017a3ff42f50e0ce64f784e3485c3b12366a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15348
cf-polished
origSize=6112
ce-version
11.5.195
cf-bgj
minify
last-modified
Sun, 24 Mar 2024 10:55:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
8697982a6ba4743a-MIA
c8c832a18625b7d2210e9fa7d2e5da4671f46a0f.png
www.luckycreek.com/welcome/lc-aviator/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/c8c832a18625b7d2210e9fa7d2e5da4671f46a0f.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
36569f44a76f1bcafc43af08e69d6810d1c237bd3bd881a45f0bfa447be810f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1f39d96ad6c4ac9b7d3615f27e176522"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8697982659a54c22-MIA
content-length
34122
854d066710fb01870c33a632669927dde024dd3f.png
www.luckycreek.com/welcome/lc-aviator/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/854d066710fb01870c33a632669927dde024dd3f.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0728aa11f44b32973d5822c6cebd7173855bdb82fe5bd605ed0f5caf7f12f8e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:32 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1c4d7449017dd19ccd6b94e437991065"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8697982659a64c22-MIA
content-length
57934
e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
www.luckycreek.com/welcome/lc-aviator/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/e7b15c949f4380ec0f3cc73f95965bf8b21f83bf.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"58268e05f7cbfa9d4fcf64257d3abbbe"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798273ab04c22-MIA
content-length
19595
30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
www.luckycreek.com/welcome/lc-aviator/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/30c37d8b5090335b6fcdf0573d3a37fa27a1b190.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e973ac259717cfe421af19cde9a0b0aa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798273ab84c22-MIA
content-length
102506
d6e73f1ce01de0ab1a7175daed714e12676e65d5.png
www.luckycreek.com/welcome/lc-aviator/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/d6e73f1ce01de0ab1a7175daed714e12676e65d5.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3c913b93d4855805bf0ea5ebba78d97391cbbc494f1012b160534b0573435e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"1eb8d1fbe32e5d6e07b052b20d48a076"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
86979827dba54c22-MIA
content-length
224117
4f53d0ec6fe7aad4b720df5d8703cbe0af3d9443.png
www.luckycreek.com/welcome/lc-aviator/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/4f53d0ec6fe7aad4b720df5d8703cbe0af3d9443.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f0a73c96f72b5d7daed348034b5c52daeead35bc9dd4d6dce86b28bd8e4870
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a5f9636be7ea483cb14a334ada75ea4c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798297d734c22-MIA
content-length
261483
3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
www.luckycreek.com/welcome/lc-aviator/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/3fc71694b70c3ed0a0758a4addaa3a0d4b2f3507.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"a9e03ef4489813defbfea9faf9f7ebf9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798298d784c22-MIA
content-length
15318
f1a651261aa1b43b1e4106634cb57d05c694840e.png
www.luckycreek.com/welcome/lc-aviator/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/f1a651261aa1b43b1e4106634cb57d05c694840e.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"5e6b5e381f71e9dbaead02b2c457c4ac"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798298d794c22-MIA
content-length
17444
f49a025b7c21d8bfc7d5026bef759228d58b8692.png
www.luckycreek.com/welcome/lc-aviator/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/f49a025b7c21d8bfc7d5026bef759228d58b8692.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"e8fb0eac9d524105d27a8480f14c1476"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798298d7a4c22-MIA
content-length
17230
ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
www.luckycreek.com/welcome/lc-aviator/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/ef216d1727f7526e9864cd5c2c3cbd4c383828f4.png
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"d1587f866db7825371546632a8b8edc6"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
869798298d7c4c22-MIA
content-length
66974
main.js
ca-assets.cerebrospace.net/reg-form/assets/build/js/ 		283 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:e400:17:7a94:8b80:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b08d3e2909219c8f6807971450ac91446fa0e80e8d1a5812f219c605e37e9df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 00:45:18 GMT
x-amz-version-id
UW1_xZAEpy02vKtwuL4a9xI5NS_sn2Qj
content-encoding
br
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
51976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
etag
W/"a5705ea740cd6a871928cb6430ae3250"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
hx4jWHNAzHzdF4nnq_-ETFvTOBhS5TSaNkeU6h5mSrUC2IFQdLENOA==
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://www.luckycreek.com/
Origin
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8697982a6ad0db15-MIA
js
www.googletagmanager.com/gtag/ 		184 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-20983594-2&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-MS3B5J7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
003e25024aaba3cba5dab5a9ef417c64d9a15f1b9634bdcd243cc0eba7498cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68662
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 24 Mar 2024 15:11:33 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-20983594-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 24 Mar 2024 13:51:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4784
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 24 Mar 2024 15:51:49 GMT
387de5af039bf444f453adf99123bb4730c496f5.jpg
www.luckycreek.com/welcome/lc-aviator/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.luckycreek.com/welcome/lc-aviator/387de5af039bf444f453adf99123bb4730c496f5.jpg
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
28b506f102a11f13dfbfca4d568c079236affbf5f1456b590614be64678d8ab3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:33 GMT
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
server
cloudflare
etag
"c369656eaf9370dede231dc3e59dfbbc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
8697982a6f144c22-MIA
content-length
166050
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/site/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/site/www.luckycreek.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
225228088e2e718163e25f8d3406d08efd87bf2d05526856af573c8f9e6a0da5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15349
ce-version
11.5.195
content-length
2655
last-modified
Sun, 24 Mar 2024 10:55:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8697982d8a384bff-MIA
collect
www.google-analytics.com/j/ 		2 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1279777035&t=pageview&_s=1&dl=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-aviator%2F%3FTrackingToken%3DLKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk&dr=https%3A%2F%2Fc5.mytvids.com%2F&ul=en-us&de=UTF-8&dt=Welcome%20to%20Lucky%20Creek&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1172585799&gjid=1928805878&cid=1840188352.1711293094&tid=UA-20983594-2&_gid=611823536.1711293094&_r=1&gtm=457e43k0za200&gcd=13l3l3l3l1&dma=0&jsscut=1&z=159134519
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:11:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
snare.dist.js
ca-assets.cerebrospace.net/reg-form/assets/vendor/ 		54 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/assets/vendor/snare.dist.js
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:e400:17:7a94:8b80:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
DUKtXnhwVh1fE22rUrBjW0YamRjDCdpq
content-encoding
gzip
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
date
Sat, 23 Mar 2024 18:40:59 GMT
x-amz-cf-pop
JFK50-P3
age
73836
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
etag
W/"42825aff08b1980e82c2400bd6a976a2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
9ZzWAEe3ooi1ElNZ_m7m85S1v28bDdHFXlJsJXVX_JEgQ-CYwGTZJQ==
index.html
ca-assets.cerebrospace.net/reg-form/forms/register/ Frame 0272 		696 KB
212 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:e400:17:7a94:8b80:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cca284d76a1b0e7640040360b08952f350f8a1e0f7624e5549c22fb4220a6d72

Request headers

Referer
https://www.luckycreek.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
50573
cache-control
no-cache
content-encoding
br
content-type
text/html
date
Sun, 24 Mar 2024 01:08:42 GMT
etag
W/"0890054fa292d44f5c4fe37ad66c0a31"
last-modified
Thu, 18 Jan 2024 14:55:59 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 1ecc1c31dec508980f534756c9974928.cloudfront.net (CloudFront)
x-amz-cf-id
NtLZw92QpWJzE1zRAqG20jP-uL2ZVMjU0qKyzTOjn-VwH8qncMXf7w==
x-amz-cf-pop
JFK50-P3
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
4WvVE7dv1cNG38AJSHG7fRC3EqJFTxzL
x-cache
Hit from cloudfront
main.js
www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 0069
Redirect Chain
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
609eacdc73b988617167e2371ee3102318b61061ce23074f5b927104411e06b6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8697982e7cb64c22-MIA

Redirect headers

date
Sun, 24 Mar 2024 15:11:34 GMT
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8697982d9b994c22-MIA
content-length
0
f32f67face8c7d91d87871cab1f2b1c1.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0102/2282.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
68431098c85e0d581d70e5d2178b9c42a8d6284478f95bb5002afd1b9ada14dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 05 Mar 2024 18:24:56 GMT
server
cloudflare
age
261405
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8697982e7a0f743a-MIA
content-length
46373
collect
stats.g.doubleclick.net/j/ 		2 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-20983594-2&cid=1840188352.1711293094&jid=1172585799&gjid=1928805878&_gid=611823536.1711293094&_u=YEBAAUAAAAAAACAAI~&z=1696893092
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9d -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.luckycreek.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 24 Mar 2024 15:11:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.luckycreek.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
869798240e384c22
www.luckycreek.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 0069 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/challenge-platform/h/g/jsd/r/869798240e384c22
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
gzip
server
cloudflare
cf-ray
8697982feebc4c22-MIA
content-type
text/plain; charset=UTF-8
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-20983594-2&cid=1840188352.1711293094&jid=1172585799&_u=YEBAAUAAAAAAACAAI~&z=2077534679
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2004 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.luckycreek.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Mar 2024 15:11:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
player_credentials
kore.bosurl.net/v3/api/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kore-returnurl
Access-Control-Request-Method
GET
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
x-kore-returnurl
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
31536000
date
Sun, 24 Mar 2024 15:11:34 GMT
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-kore-returnurl
Access-Control-Request-Method
POST
Origin
https://www.luckycreek.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-kore-returnurl
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
31536000
date
Sun, 24 Mar 2024 15:11:34 GMT
player_credentials
kore.bosurl.net/v3/api/auth/ 		27 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/player_credentials
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Mar 2024 15:11:34 GMT
cache-control
no-store,no-cache
x-kore-version
3.27.4592.5-x7405d1eb
content-length
27
content-type
application/json; charset=utf-8
token
kore.bosurl.net/v3/api/auth/brand_public_credentials/ 		707 B
848 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://kore.bosurl.net/v3/api/auth/brand_public_credentials/token
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
66.212.230.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
65ed06ce6697f33b4e35e3eb242b7054f3012c83eac6e55a8b2560630507ec80

Request headers

Referer
https://www.luckycreek.com/
X-Kore-ReturnUrl
https://www.luckycreek.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 24 Mar 2024 15:11:34 GMT
cache-control
no-store,no-cache
x-kore-version
3.27.4592.5-x7405d1eb
content-length
707
content-type
application/json; charset=utf-8
www.luckycreek.com.json
script.crazyegg.com/pages/data-scripts/0102/2282/sampling/ Frame 4EDB 		162 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0102/2282/sampling/www.luckycreek.com.json?t=475359
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e40d1d2dc9607f0be3286f82abbfddc3ac2fd80e02af1aaebb0424a362469e1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
gzip
cf-cache-status
HIT
age
15347
ce-version
11.5.195
content-length
150
last-modified
Sun, 24 Mar 2024 10:55:47 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86979830ee104bff-MIA
/
location-api.blue-ion.workers.dev/ Frame 0272 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://location-api.blue-ion.workers.dev/
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/forms/register/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:dd9f -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
518105eed2e2d333fede5b387cc5c07586d49c4bfee33af6c91d5498c9ed8c8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ca-assets.cerebrospace.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMhrnzDQnLRz57fPT5lxY%2B7PkcmHmwdcfRjtpu%2Bqt1uKNR5UcXitco%2FJsVDE7rHWx5crVESzMpbvbXuOC4CHi1%2BB3kxJ83JTT5ZMVM%2Fv%2Baz7TwRBjnscl9rLyO6YJU9QazcaF8AHGRfHUaGbYiDLwOAeejwEAjyNFrsXHtIGJMU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
cf-ray
86979831bfe4747a-MIA
alt-svc
h3=":443"; ma=86400
healthcheck
pagestates-tracking.crazyegg.com/ Frame 4EDB 		19 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.121 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 04:06:58 GMT
via
1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
212677
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
VRffUy7xzJ4nqqfa-dA4H42A5kFeR1ZhDosxPaa04BTMywOCDPsuMw==
healthcheck
assets-tracking.crazyegg.com/ Frame 4EDB 		19 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.49.127 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 24 Feb 2024 18:35:51 GMT
via
1.1 4e1c4d133adc8d8214916eeaddd7af66.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
age
2493344
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
q2gzcqKbQ9W9Gou8IOWzt3waH97lcUHiDO3ovtrqQWKHb7hcHwXDbQ==
029c015b-23f8-4b47-87e2-12f09e1cf1c4
https://www.luckycreek.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.luckycreek.com/029c015b-23f8-4b47-87e2-12f09e1cf1c4
Requested by
Host: www.luckycreek.com
URL: https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
rum
www.luckycreek.com/cdn-cgi/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.luckycreek.com/cdn-cgi/rum?
Requested by
Host: ca-assets.cerebrospace.net
URL: https://ca-assets.cerebrospace.net/reg-form/assets/build/js/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.199.11 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.luckycreek.com/welcome/lc-aviator/?TrackingToken=LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Mar 2024 15:11:34 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.luckycreek.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86979831c8b34c22-MIA
clock
tracking.crazyegg.com/ Frame 4EDB 		39 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1711293095006&tk=92945bbfc1339eebac302db4fe1da59f&s=373551&p=%2Fwelcome%2Flc-aviator%2F&u=1022282&v=2a75533172735663fbf320354ecc7ec3d0654086&f=luckycreek.com%2Fwelcome%2Flc-aviator&ul=https%3A%2F%2Fwww.luckycreek.com%2Fwelcome%2Flc-aviator%2F%3FTrackingToken%3DLKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/f32f67face8c7d91d87871cab1f2b1c1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.140.70.217 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 24 Mar 2024 15:11:35 GMT
cache-control
no-store
server
awselb/2.0
content-length
39
content-type
text/plain
d9b6b28e3d84db3e4c966a5cf73af402.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		0
0
f87330c7-33a7-4637-9b29-c624fae19ed1
https://www.luckycreek.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
script.crazyegg.com
URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/d9b6b28e3d84db3e4c966a5cf73af402.js
Domain
www.luckycreek.com
URL
blob:https://www.luckycreek.com/f87330c7-33a7-4637-9b29-c624fae19ed1

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
0vcxs.linkstonow.com/ Name: yredir_session
Value: eyJpdiI6IjZrN05oY3gzaWNyVUp1TUtqQTJRS0E9PSIsInZhbHVlIjoiMlVkQXVDbXZJSUVnQjJoL2lZSDJvTU41dXo4RG5seDQzVG9hTEpFY0xXNmpRZ1lZeklBT0NyN1pnSlFLRzVzQzI5dE8rY0NRbnZFSjFBdjk5Q2pSYnVUeTBnYjd6NHNtemN0RkttS200ZVVUNWNuY2V1VVp4c256RENqUllueUUiLCJtYWMiOiJkZjNjYjFlNDhhZTMxYzUxNWNmZDkxYmU3ZTQyMjBjNDhjNzM0MzljY2I1NGVlNDVjMGFkNjNjNjRjYzdiY2M3IiwidGFnIjoiIn0%3D
0vcxs.offersforetoday.com/ Name: yredir_session
Value: eyJpdiI6IjZJVTRWbndvUGwrRFN0YlhYVE9tNlE9PSIsInZhbHVlIjoiMmM2YmhUTFdBcVVBTGdKNTU5OUZ2SjFmYVpQYXB0VDRqZzRJWFJpRkpTay9EWE5iUjFTYUpXUmk3cEJZdmo4eDc5WUdNNUg0VGNqSmYxUCtGWmFtR0FjazI3QmZrcjdreEM1dnZHWmdhdmNrNG5DUkVoNlJMVWEzY0x4YlJhYTciLCJtYWMiOiIxNDg1MmZhNTA3ZjkwMmUxODBjZTlkYjBiNTRmYTE1ZjY5ODUyNGIwNmY3ZDEzODI4OGUyNjFjNjJjNzM5NTI2IiwidGFnIjoiIn0%3D
record.genesysaffiliates.com/ Name: VID1
Value: KC0jYFQsQyhTLVMsYApgCg%3D%3D
.genesysaffiliates.com/ Name: ZBan
Value: LKR8eJ-3kJk-njN2e8kWtWNd7ZgqdRLk

1 Console Messages

Source Level URL
Text
other error URL: https://c5.mytvids.com/?cnv_id=undefined
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0vcxs.linkstonow.com
0vcxs.offersforetoday.com
assets-tracking.crazyegg.com
b2.mytvids.com
c5.mytvids.com
ca-assets.cerebrospace.net
click.trackwora.com
event.trk-keingent.com
kore.bosurl.net
location-api.blue-ion.workers.dev
pagestates-tracking.crazyegg.com
record.genesysaffiliates.com
script.crazyegg.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tracking.crazyegg.com
trk-keingent.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.luckycreek.com
script.crazyegg.com
www.luckycreek.com
104.18.189.136
104.18.199.11
13.35.93.121
154.16.205.113
18.238.49.127
2600:9000:24f0:e400:17:7a94:8b80:93a1
2606:4700:3031::6815:21ab
2606:4700:3034::ac43:dd9f
2606:4700:3035::6815:99f
2606:4700::6810:4f49
2606:4700::6813:9308
2606:4700:e0::ac40:6a24
2607:f8b0:4004:c07::9d
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81e::200e
2607:f8b0:4006:81f::2004
3.140.70.217
66.212.230.32
003e25024aaba3cba5dab5a9ef417c64d9a15f1b9634bdcd243cc0eba7498cad
0728aa11f44b32973d5822c6cebd7173855bdb82fe5bd605ed0f5caf7f12f8e5
1c425423716a3e3a849ffb10e54c060a1f0156e778c4471cea3c0f24b6af45ce
225228088e2e718163e25f8d3406d08efd87bf2d05526856af573c8f9e6a0da5
28b506f102a11f13dfbfca4d568c079236affbf5f1456b590614be64678d8ab3
2fbf762c857f180d2054d0bc9a8848dd94525164dadac340b3139dc4b6fe0216
36569f44a76f1bcafc43af08e69d6810d1c237bd3bd881a45f0bfa447be810f3
3e900d3dbd5efbcd24f57a3e248638c764a53268375c77cb11d2cfdcd787c6c9
4b08d3e2909219c8f6807971450ac91446fa0e80e8d1a5812f219c605e37e9df
518105eed2e2d333fede5b387cc5c07586d49c4bfee33af6c91d5498c9ed8c8a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
609eacdc73b988617167e2371ee3102318b61061ce23074f5b927104411e06b6
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
656f35c5fcfd4f00e69a1b50dc93f26916440f984473f1fa9c14cd1d9ebca30c
65ed06ce6697f33b4e35e3eb242b7054f3012c83eac6e55a8b2560630507ec80
68431098c85e0d581d70e5d2178b9c42a8d6284478f95bb5002afd1b9ada14dd
71701b60d0f6d561e38447a811bbb7382ca79c7b63096be12a9b5e37d56a2134
7e40d1d2dc9607f0be3286f82abbfddc3ac2fd80e02af1aaebb0424a362469e1
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8341e67ab7f1dc3dc31d2bb2ade4ed0348b437b697d2c128d86a0c4c74d69298
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
adc8e058a67e9119e46ad9c3b205895c1dac38b5b1f184442e740ddc138ee87e
cca284d76a1b0e7640040360b08952f350f8a1e0f7624e5549c22fb4220a6d72
d0ea652e83adeffa45604b3407b7bd735683c6dd3d62f4cdc00797cb451f9e4c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e34252e3d2e360606ccb2b347db3017a3ff42f50e0ce64f784e3485c3b12366a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c913b93d4855805bf0ea5ebba78d97391cbbc494f1012b160534b0573435e8
e8f0a73c96f72b5d7daed348034b5c52daeead35bc9dd4d6dce86b28bd8e4870
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12960d3677154c8edac82f3b42662b9337d6ad06f641d0ebb955dfd672c7be4
f5c3664e83e892dd1a6d013b888ff564202243219334b3afb6273053b6b7885e
fdc091ec0bee411f68b2c1cb34673127913a2a9f7b931e47d85abceb4e373382