theluckyfortunateoffers.com Open in urlscan Pro
195.144.21.251 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intg...
Effective URL:
https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&cou...
Submission: On August 18 via api (August 18th 2024, 7:01:07 pm UTC) from US — Scanned from NL

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 29 HTTP transactions. The main IP is 195.144.21.251, located in Austria and belongs to COGENT-174, US. The main domain is theluckyfortunateoffers.com.
TLS certificate: Issued by R11 on August 18th 2024. Valid for: 3 months.

This is the only time theluckyfortunateoffers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 11	195.144.21.251 195.144.21.251	174 (COGENT-174) (COGENT-174)
9	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
29	3

11 195.144.21.251 (Austria) 1 redirects

ASN174 (COGENT-174, US)
PTR: black.host-251.21.144.195.in-addr.arpa

theluckyfortunateoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	theluckyfortunateoffers.com 1 redirects theluckyfortunateoffers.com	120 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110
29	2

	Domain	Requested by
11	theluckyfortunateoffers.com	1 redirects theluckyfortunateoffers.com
9	fonts.googleapis.com	theluckyfortunateoffers.com
29	2

This site contains no links.

Subject Issuer	Validity	Valid
theluckyfortunateoffers.com R11	`2024-08-18` - `2024-11-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Frame ID: 405FF9277FBC58C61BEF76613F534FB8
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Special

Page URL History Show full URLs

https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan9... HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

66 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

120 kB
Transfer

231 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
theluckyfortunateoffers.com/amazonspecial/en/
Redirect Chain

https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto

33 KB
9 KB

64ms
63ms

Document
text/html

195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

195.144.21.251 , Austria, ASN174 (COGENT-174, US),

Reverse DNS

black.host-251.21.144.195.in-addr.arpa

Software

nginx /

Resource Hash

1f0678d5db385dd76ef777868eba8c1f88ab435b70b934e190057b1c5d99ce60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Aug 2024 19:00:37 GMT
PX-IPCountryISO: NL
PX-IPTimestamp: 1723820256 1724007432 1723970813
PX-X-Request-Id: b6d9b83b04f4861986a5bdebcd87e935
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: cubic
X-Upstream: sharkolia-***ko

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 18 Aug 2024 19:00:36 GMT
Location: en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
PX-IPCountryISO: NL
PX-IPTimestamp: 1723820256 1724007432 1723970813
PX-X-Request-Id: 3083dd85c3daa88f8e0647d7eee970ae
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: cubic
X-Upstream: sharkolia-***ko

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20164ms
19773ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Requested by

Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:45:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20164ms
19774ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 19:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20167ms
19776ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 19:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20166ms
19719ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 17:05:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20156ms
19709ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:36:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20164ms
19774ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:59:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20165ms
19775ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:31:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H/1.1 200
OK style.min5697.css
theluckyfortunateoffers.com/amazonspecial/css/ 53 KB
8 KB 58ms
53ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-d293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: fbc99ed72fd25301b196d1080a0ed90d

GET
H/1.1 200
OK style68b3.css
theluckyfortunateoffers.com/amazonspecial/css/ 851 B
781 B 124ms
49ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/style68b3.css?ver=1
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash: e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-353"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: a78a936bb04a374f3469376fe7924053

GET
H/1.1 200
OK all.css
theluckyfortunateoffers.com/amazonspecial/css/ 44 KB
0 191ms
64ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/all.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-eac4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: a4fb1744b45393aa49efe6c55494b09f

GET
H/1.1 200
OK avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0 20160ms
19767ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-5faa0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: 71eaa7d4981e9cc9d8943afe7095e322

GET
H/1.1 200
OK v4-shims.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0 20156ms
19763ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/v4-shims.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-684e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: 79ae295483e54941cd76e038b2606bfa

GET
H2 200 css
fonts.googleapis.com/ 0
0 20161ms
19716ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 19:00:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 0
0 20160ms
19715ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://theluckyfortunateoffers.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 18 Aug 2024 19:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 18 Aug 2024 18:59:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 18 Aug 2024 19:00:37 GMT

GET
H/1.1 200
OK slick.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0 20157ms
19764ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/slick.min.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: 7619990a1da380b40a9443a30edbb5ab

GET
H/1.1 200
OK all.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0 20158ms
19766ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/all.min.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-de7d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: a99bd4e8114b015edff7ff6b9aee8fc0

GET
H/1.1 200
OK custom.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0 20157ms
19760ms Stylesheet
text/css 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/custom.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:00:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-2ce1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: dd28a7219316a3d0ba36304cfbfe2a2c

GET funnel.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0

GET funnel-additional.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0

GET bootstrap.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0

GET intgrtn.css
theluckyfortunateoffers.com/amazonspecial/css/ 0
0

GET 5fb67d77b617d_v.png
theluckyfortunateoffers.com/amazonspecial/img/ 0
0

GET 5fb67d77d9256_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 0
0

GET 5fb67d78c1ea3_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 0
0

GET 5fb67d78cd12b_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 0
0

GET jquery-1.11.3.min.js
theluckyfortunateoffers.com/amazonspecial/js/ 0
0

GET bootstrap.min.js
theluckyfortunateoffers.com/amazonspecial/js/ 0
0

GET
H/1.1 200
OK amazon-1-1.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 101 KB
101 KB 73ms
73ms Image
image/jpeg 195.144.21.251
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/amazon-1-1.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.144.21.251 , Austria, ASN174 (COGENT-174, US),
Reverse DNS: black.host-251.21.144.195.in-addr.arpa
Software: nginx /
Resource Hash: c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

Referer: https://theluckyfortunateoffers.com/amazonspecial/en/index.php?intgrtn_clickID=WRK1zlLXogObp7x6Q2YGeBao7Z1l8qDvj5rwEkPmZAan93VMd&country=JP&intgrtn_redirectReturningLead=auto
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 18 Aug 2024 19:01:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-195bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1723820256 1724007432 1723970813
X-Server: cubic
PX-IPCountryISO: NL
Connection: keep-alive
PX-X-Request-Id: a3e2a5bb05d5273a602bd348dd0cb477

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/css/funnel.css

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/css/funnel-additional.css

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/css/bootstrap.min.css

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/css/intgrtn.css

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d77b617d_v.png

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d77d9256_v.jpg

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d78cd12b_v.jpg

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/js/jquery-1.11.3.min.js

Domain: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/js/bootstrap.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			theluckyfortunateoffers.com/amazonspecial/	1970-01-20 23:36:39	Name: intgrtn_language Value: en

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
theluckyfortunateoffers.com
theluckyfortunateoffers.com
195.144.21.251
2a00:1450:4001:812::200a
1f0678d5db385dd76ef777868eba8c1f88ab435b70b934e190057b1c5d99ce60
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

theluckyfortunateoffers.com Open in urlscan Pro 195.144.21.251 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

66 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

120 kBTransfer

231 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

theluckyfortunateoffers.com Open in urlscan Pro
195.144.21.251 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

66 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

120 kB
Transfer

231 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!