amazinglyfortunateoffers.com Open in urlscan Pro
185.142.238.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152
Effective URL:
https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&cou...
Submission: On April 24 via manual (April 24th 2024, 12:30:55 pm UTC) from ES — Scanned from ES

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 49 HTTP transactions. The main IP is 185.142.238.38, located in Amsterdam, Netherlands and belongs to COGENT-174, US. The main domain is amazinglyfortunateoffers.com.
TLS certificate: Issued by R3 on March 14th 2024. Valid for: 3 months.

This is the only time amazinglyfortunateoffers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 3	192.243.59.13 192.243.59.13	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	176.97.112.149 176.97.112.149	6698 (VIRTUALSY...) (VIRTUALSYSTEMS)
1 1	193.34.166.127 193.34.166.127	62370 (SNEL) (SNEL)
1 31	185.142.238.38 185.142.238.38	174 (COGENT-174) (COGENT-174)
10	216.58.206.74 216.58.206.74	15169 (GOOGLE) (GOOGLE)
5	172.217.18.99 172.217.18.99	() ()
49	5

3 192.243.59.13 (Ashburn, United States) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

openmindedaching.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.97.112.149 (Ukraine) 1 redirects

ASN6698 (VIRTUALSYSTEMS, UA)
PTR: dedicated.vsys.host

secureltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.166.127 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)
PTR: aliqu

dfrchtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 185.142.238.38 (Amsterdam, Netherlands) 1 redirects

ASN174 (COGENT-174, US)
PTR: efl9v9gxx2hfb.all4techstore.com

amazinglyfortunateoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.18.99 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	amazinglyfortunateoffers.com 1 redirects amazinglyfortunateoffers.com	560 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	9 KB
5	gstatic.com fonts.gstatic.com	91 KB
3	openmindedaching.com 1 redirects openmindedaching.com	5 KB
1	dfrchtrck.com 1 redirects dfrchtrck.com	769 B
1	secureltrk.com 1 redirects secureltrk.com — Cisco Umbrella Rank: 236914	338 B
0	proftrafficcounter.com Failed proftrafficcounter.com Failed
49	7

	Domain	Requested by
31	amazinglyfortunateoffers.com	1 redirects amazinglyfortunateoffers.com
10	fonts.googleapis.com	amazinglyfortunateoffers.com
5	fonts.gstatic.com	fonts.googleapis.com
3	openmindedaching.com	1 redirects
1	dfrchtrck.com	1 redirects
1	secureltrk.com	1 redirects
0	proftrafficcounter.com Failed	openmindedaching.com
49	7

This site contains no links.

Subject Issuer	Validity	Valid
openmindedaching.com R3	`2024-04-16` - `2024-07-15`	3 months	crt.sh
amazinglyfortunateoffers.com R3	`2024-03-14` - `2024-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Frame ID: 3C33215B58318924BE3F4CDBB05C53E5
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Special

Page URL History Show full URLs

http://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152 HTTP 307
https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152 Page URL
https://openmindedaching.com/api/users?token=L3BtZTQ5NzNyODI_a2V5PWM0MjNkNTFhNDAwMmNmYmZlYmRmYmE4YTNiOWY4... HTTP 302
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=38f2fb3e25912a67f55d87a25dbc5f86... HTTP 307
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cokfmuta6vts73d02qfg HTTP 302
https://amazinglyfortunateoffers.com/amazonspecial/?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9ya... HTTP 302
https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

662 kB
Transfer

2147 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152 HTTP 307
https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152 Page URL
https://openmindedaching.com/api/users?token=L3BtZTQ5NzNyODI_a2V5PWM0MjNkNTFhNDAwMmNmYmZlYmRmYmE4YTNiOWY4MTUyJnBzdD0xNzEzOTYxOTEwJnJtdGM9dCZzaHU9YmM3YTllZmVhNWUzZTQ5ODhmOTRjZTc1NjhlMTdjNzQ5Y2Q1MzM2ZjZiMzhlZjZjMzg4ZTU4MzQ1M2FhMDQ3NGQxYWJjYjk0YmYwZGZiODAwZjdlNTA4MGI1MDdkOTA0ZjQ0MDRjOTc4ODUxMjI3YTA4MWM1YTc1ZjAwZTRjMDkwMmI5ZDM2MGVkMDVlMDYxMDk2Mjg3MmQwYjQxYjQzYjEwMWQwNzljNzQ0ZmFkMTJiMjNiOWJjZjg4NTU3ZA&uuid=&pii=&in=false HTTP 302
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=38f2fb3e25912a67f55d87a25dbc5f86&COST_CPC=0.001066&PLACEMENT_ID=16466705&CAMPAIGN_ID=931242&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=Avatel%20Telecom&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F124.0.0.0%20Safari%2F537.36&REMOTE_LANGUAGE=40&BANNER_ID=2685494&CATEGORY_ALIAS=Other HTTP 307
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cokfmuta6vts73d02qfg HTTP 302
https://amazinglyfortunateoffers.com/amazonspecial/?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto HTTP 302
https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152 HTTP 307
https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

pme4973r82 Show response
openmindedaching.com/
Redirect Chain

http://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152
https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152

3 KB
3 KB

2422ms
281ms

Document
text/html

192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

cf43bab04e5c920214dbc63045606cb1fb225afd18d1eee29aa67de5698845c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 24 Apr 2024 12:30:50 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.19.5
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
X-Request-ID: 5b90b2f635ddd75cb0b153c8f80f92d2

Redirect headers

Location: https://openmindedaching.com/pme4973r82?key=c423d51a4002cfbfebdfba8a3b9f8152
Non-Authoritative-Reason: HttpsUpgrades

GET stats
proftrafficcounter.com/ 0
0

GET
H/1.1 200
OK favicon.ico
openmindedaching.com/ 0
319 B 338ms
338ms Other
image/x-icon 192.243.59.13
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://openmindedaching.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://openmindedaching.com/api/users?token=L3BtZTQ5NzNyODI_a2V5PTBmMjJjMWZkNjA5ZjEzY2I3OTQ3YzhjYWJmZTFhOTBkJnN1Ym1ldHJpYz0xNjQ2NjcwNQ
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:50 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Content-Type: image/x-icon
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 74b1bea42c9dbfa2aebd81325ee2623a
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

Primary Request index.php Show response
amazinglyfortunateoffers.com/amazonspecial/es/
Redirect Chain

https://openmindedaching.com/api/users?token=L3BtZTQ5NzNyODI_a2V5PWM0MjNkNTFhNDAwMmNmYmZlYmRmYmE4YTNiOWY4MTUyJnBzdD0xNzEzOTYxOTEwJnJtdGM9dCZzaHU9YmM3YTllZmVhNWUzZTQ5ODhmOTRjZTc1NjhlMTdjNzQ5Y2Q1MzM2...
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=38f2fb3e25912a67f55d87a25dbc5f86&COST_CPC=0.001066&PLACEMENT_ID=16466705&CAMPAIGN_ID=931242&DEVICE_BRAND=Unknown&BROWSER_NAME=Chro...
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cokfmuta6vts73d02qfg
https://amazinglyfortunateoffers.com/amazonspecial/?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto

34 KB
10 KB

146ms
145ms

Document
text/html

185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL

https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),

Reverse DNS

efl9v9gxx2hfb.all4techstore.com

Software

nginx /

Resource Hash

fadc41507d1a769419b51e650bbe3c459ab5cc9661d02406fc91fdc01c580547

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://openmindedaching.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-full-version: "124.0.6367.60"
sec-ch-ua-full-version-list: "Chromium";v="124.0.6367.60", "Google Chrome";v="124.0.6367.60", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Apr 2024 12:30:53 GMT
PX-IPCountryISO: ES
PX-IPTimestamp: 1713876360 1713961647 1713948418
PX-X-Request-Id: e5e1c72ac5b8ba0e25f740cef22edeca
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: microso
X-Upstream: sharkolia-***ko

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 24 Apr 2024 12:30:53 GMT
Location: es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
PX-IPCountryISO: ES
PX-IPTimestamp: 1713876360 1713961647 1713948418
PX-X-Request-Id: c464089d2c33bf103e35cd6996ff79ca
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: microso
X-Upstream: sharkolia-***ko

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
722 B 868ms
118ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Requested by

Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:08:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
498 B 891ms
142ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:30:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
743 B 885ms
136ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:22:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
531 B 883ms
135ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:30:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
888 B 894ms
145ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:11:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 856ms
108ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:07:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
864 B 859ms
112ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 10:46:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H/1.1 200
OK style.min5697.css
amazinglyfortunateoffers.com/amazonspecial/css/ 53 KB
8 KB 150ms
139ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-d293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 29765b917d879195c0c6ffba3eebca1e

GET
H/1.1 200
OK style68b3.css
amazinglyfortunateoffers.com/amazonspecial/css/ 851 B
781 B 281ms
130ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/style68b3.css?ver=1
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-353"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 1c3eae1af91dc6f0d8bb8ac199a8df61

GET
H/1.1 200
OK all.css
amazinglyfortunateoffers.com/amazonspecial/css/ 59 KB
13 KB 693ms
494ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/all.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-eac4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 9200ed16936ce818c985d928c2b8adad

GET
H/1.1 200
OK avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
amazinglyfortunateoffers.com/amazonspecial/css/ 383 KB
52 KB 382ms
184ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-5faa0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 5a43018e2d417eb771ecf11441d015e1

GET
H/1.1 200
OK v4-shims.css
amazinglyfortunateoffers.com/amazonspecial/css/ 26 KB
5 KB 315ms
117ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/v4-shims.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-684e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 4e8eed2f8e072bbb6a74c6c76d8de5a2

GET
H2 200 css
fonts.googleapis.com/ 60 KB
2 KB 853ms
111ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

ef7ced6cae87fb134411706b50c565fc12e3adc2a28d2b80cd6039df72385359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:29:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
713 B 855ms
114ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 11:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H/1.1 200
OK slick.min.css
amazinglyfortunateoffers.com/amazonspecial/css/ 1 KB
990 B 339ms
104ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/slick.min.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 5af67434536b17fccf5a3828f1c14dc2

GET
H/1.1 200
OK all.min.css
amazinglyfortunateoffers.com/amazonspecial/css/ 56 KB
12 KB 698ms
424ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/all.min.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-de7d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 77edcc926bfcd881f467b1df36906365

GET
H/1.1 200
OK custom.css
amazinglyfortunateoffers.com/amazonspecial/css/ 11 KB
3 KB 378ms
103ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/custom.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-2ce1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 1de44439d168a91e6f2d0a6a66d528b9

GET
H/1.1 200
OK funnel.css
amazinglyfortunateoffers.com/amazonspecial/css/ 88 KB
14 KB 691ms
378ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/funnel.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-160d1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: c1675fc0a3e26d2d0d2da7288de3fa8d

GET
H/1.1 200
OK funnel-additional.css
amazinglyfortunateoffers.com/amazonspecial/css/ 11 KB
3 KB 689ms
350ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/funnel-additional.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:53 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-2d29"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 49e36b54c06cb261474ec52efe16c46a

GET
H/1.1 200
OK bootstrap.min.css
amazinglyfortunateoffers.com/amazonspecial/css/ 138 KB
21 KB 693ms
316ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/bootstrap.min.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-22688"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 54617e96cb52264715ee861649ffee4e

GET
H/1.1 200
OK intgrtn.css
amazinglyfortunateoffers.com/amazonspecial/css/ 3 KB
1 KB 800ms
111ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/css/intgrtn.css
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-d2d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 0bb6cccbf9c9a1af47aee4f37226327a

GET
H/1.1 200
OK 5fb67d77b617d_v.png
amazinglyfortunateoffers.com/amazonspecial/img/ 5 KB
5 KB 112ms
110ms Image
image/png 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-137e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 3d00cf55136fe4d869beded49d822607

GET
H/1.1 200
OK 5fb67d77d9256_v.jpg
amazinglyfortunateoffers.com/amazonspecial/img/ 25 KB
22 KB 145ms
144ms Image
image/jpeg 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-6293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 71404712440bb70e9dda87b2c68c7a9a

GET
H/1.1 200
OK 5fb67d78c1ea3_v.jpg
amazinglyfortunateoffers.com/amazonspecial/img/ 17 KB
14 KB 126ms
109ms Image
image/jpeg 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-45f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 21a68e9709716e581bfbdf03aa30a511

GET
H/1.1 200
OK 5fb67d78cd12b_v.jpg
amazinglyfortunateoffers.com/amazonspecial/img/ 63 KB
61 KB 165ms
146ms Image
image/jpeg 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-fa5a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: e8e874381e31f0788172cea660d5ab4f

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
amazinglyfortunateoffers.com/amazonspecial/js/ 94 KB
33 KB 778ms
107ms Script
application/javascript 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-176d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 6a8d83f7e0af122b1804d9b285e02c80

GET
H/1.1 200
OK bootstrap.min.js Show response
amazinglyfortunateoffers.com/amazonspecial/js/ 50 KB
14 KB 199ms
198ms Script
application/javascript 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/js/bootstrap.min.js
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-c75f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 2f1ecf7c0725cd7f2c818686d6009052

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
589 B 505ms
145ms Stylesheet
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&display=swap

Requested by

Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 24 Apr 2024 12:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 24 Apr 2024 12:30:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Apr 2024 12:30:54 GMT

GET
H/1.1 200
OK amazon-1-1.jpg
amazinglyfortunateoffers.com/amazonspecial/img/ 101 KB
101 KB 105ms
105ms Image
image/jpeg 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/amazon-1-1.jpg
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-195bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: e61b0249f661e432d06e9283ed971dbc

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 721ms
178ms Font
font/woff2 172.217.18.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 13:32:10 GMT
x-content-type-options: nosniff
age: 341925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 13:32:10 GMT

GET
H2 200 uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/ 9 KB
9 KB 747ms
205ms Font
font/woff2 172.217.18.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 23 Apr 2024 05:01:10 GMT
x-content-type-options: nosniff
age: 113385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Apr 2025 05:01:10 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 736ms
194ms Font
font/woff2 172.217.18.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 24 Apr 2024 11:42:24 GMT
x-content-type-options: nosniff
age: 2911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Apr 2025 11:42:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 676ms
134ms Font
font/woff2 172.217.18.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 154611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Apr 2025 17:34:04 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 751ms
210ms Font
font/woff2 172.217.18.99

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 20 Apr 2024 10:42:02 GMT
x-content-type-options: nosniff
age: 352133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Apr 2025 10:42:02 GMT

GET
H/1.1 200
OK entypo-fontello.woff2
amazinglyfortunateoffers.com/amazonspecial/fonts/ 38 KB
38 KB 99ms
98ms Font
font/woff2 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Origin: https://amazinglyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: "631f1743-9754"
Content-Type: font/woff2
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
Accept-Ranges: bytes
PX-X-Request-Id: d27cf900eeaca007343a3e34118eab6e
Content-Length: 38740

GET
H/1.1 200
OK sdk.js Show response
amazinglyfortunateoffers.com/intgrtn/api/v1/integration/ 489 KB
50 KB 138ms
137ms Script
application/javascript 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: f668a0120118a07fc106cb69fbcd2c88360878cd96d74724af8c413a2f92f797

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:54 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1713876360 1713961647 1713948418
Connection: keep-alive
Last-Modified: Mon, 22 Apr 2024 15:06:42 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"66267d02-7a2fb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Server: microso
PX-IPCountryISO: ES
PX-X-Request-Id: 9a6e32f59c5673bdbe53a487c001c7d7
Expires: Thu, 24 Apr 2025 04:33:39 GMT

GET
H/1.1 200
OK details.php Show response
amazinglyfortunateoffers.com/intgrtn/api/v1/projects/ 55 KB
11 KB 245ms
245ms XHR
application/json 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/projects/details.php?&clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&language=es
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: b87135f89f5d1869420685e9a8e2479deb73f56b71bc0771224f7c3130b85df9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intgrtn-Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1713876360 1713961647 1713948418
Vary: Accept-Encoding
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: f679d0df94bc01396d47f0bd2d6a7577
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK agreements.php Show response
amazinglyfortunateoffers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 234ms
234ms XHR
application/json 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: e1a09eb44eca7b9035d92c746ae8c9ba6bdddb847d42136f4ae8e8ad26de896c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intgrtn-Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1713876360 1713961647 1713948418
Vary: Accept-Encoding
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: d30edee45700e76fc2021b626bbb71a7
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK sdk.css
amazinglyfortunateoffers.com/intgrtn/api/v1/integration/ 82 KB
9 KB 132ms
131ms Stylesheet
text/css 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1713876360 1713961647 1713948418
Connection: keep-alive
Last-Modified: Thu, 15 Feb 2024 16:57:02 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65ce425e-14923"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Server: microso
PX-IPCountryISO: ES
PX-X-Request-Id: ddce9e0c7ebbaad7332279ee99fa6a5f
Expires: Tue, 18 Feb 2025 11:42:50 GMT

GET
H/1.1 200
OK eye-1a.png
amazinglyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/ 1 KB
2 KB 128ms
127ms Image
image/png 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1713876360 1713961647 1713948418
Connection: keep-alive
Last-Modified: Thu, 07 Mar 2024 16:52:43 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65e9f0db-42f"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: microso
PX-IPCountryISO: ES
PX-X-Request-Id: ebcfcf2f695f2f8a337249313a2762a1
Expires: Tue, 11 Mar 2025 11:23:48 GMT

GET
H/1.1 200
OK flags32.png
amazinglyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/ 44 KB
45 KB 102ms
102ms Image
image/png 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.66.5
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1713876360 1713961647 1713948418
Connection: keep-alive
Last-Modified: Thu, 15 Feb 2024 16:54:44 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65ce41d4-afed"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: microso
PX-IPCountryISO: ES
PX-X-Request-Id: 666a7ec3cbe12cf8cab967836914a743
Expires: Tue, 18 Feb 2025 13:35:28 GMT

GET
H/1.1 200
OK agreements.php Show response
amazinglyfortunateoffers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 174ms
174ms XHR
application/json 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&locale=es-ES
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 65ea82ac80938f435985bd275aa53b98f891dd4ddd6621783c14c015ae541981

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intgrtn-Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1713876360 1713961647 1713948418
Vary: Accept-Encoding
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 430168bc6fc48ce8d0ceec124c2bf57e
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET agreements.php
amazinglyfortunateoffers.com/intgrtn/api/v1/projects/ 0
0

POST
H/1.1 200
OK add.php Show response
amazinglyfortunateoffers.com/intgrtn/api/v1/events/ 171 B
757 B 197ms
196ms XHR
application/json 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/events/add.php
Requested by: Host: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=12024324133
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: dfae8c306bb45e63f818156ac692fe636b192621cacfd274cfcec170e471e93c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intgrtn-Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://amazinglyfortunateoffers.com
PX-IPTimestamp: 1713876360 1713961647 1713948418
Vary: Accept-Encoding
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 5d90b9f9376393ac35d86ad79ab748cd
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK Robistix-favicon.png
amazinglyfortunateoffers.com/amazonspecial/img/ 4 KB
4 KB 122ms
121ms Other
image/png 185.142.238.38
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://amazinglyfortunateoffers.com/amazonspecial/img/Robistix-favicon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.142.238.38 Amsterdam, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS: efl9v9gxx2hfb.all4techstore.com
Software: nginx /
Resource Hash: 5b717b8cc77695398955e8fa1a2621985dd5931d0b24f89e7800a569199a1bf0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 24 Apr 2024 12:30:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-ffb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1713876360 1713961647 1713948418
X-Server: microso
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: c5d07b978384b3f2edab903741b0e951

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: proftrafficcounter.com
URL: https://proftrafficcounter.com/stats

Domain: amazinglyfortunateoffers.com
URL: https://amazinglyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&locale=es-ES

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
amazinglyfortunateoffers.com/amazonspecial/	1970-01-20 20:49:13	Name: intgrtn_language Value: es
openmindedaching.com/api	1970-01-20 20:07:28	Name: iprcaf7963b280447c6cfb39863d5c7071ed Value: 4830037
openmindedaching.com/api	1970-01-20 20:07:28	Name: pdhtkv Value: true
openmindedaching.com/api	1970-01-20 20:07:28	Name: uncs Value: 1
openmindedaching.com/api	1970-01-20 20:07:28	Name: pdhtkv28 Value: true
openmindedaching.com/api	1970-01-20 20:07:28	Name: uncs28 Value: 1
openmindedaching.com/	1970-01-20 20:07:28	Name: u_pl Value: 16466705
openmindedaching.com/	1970-01-20 20:06:01	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjQ2NjcwNSwiayI6ImM0MjNkNTFhNDAwMmNmYmZlYmRmYmE4YTNiOWY4MTUyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjE3Mjk0LCJwaWQiOjE5MzEzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJwbWU0OTczcjgyIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjIzOTE2NjM4OCwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzMjUzNSwiYm4iOiJDaHJvbWUiLCJidiI6IjEyNCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjY4LCJjIjoiRVMiLCJuIjoiU3BhaW4ifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJBdmF0ZWwgVGVsZWNvbSJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.4cpSRgF6H6GCfNU8_NG8-RcTM2tRSbXHhGhhmxBjjNI
openmindedaching.com/	1970-01-20 20:06:01	Name: cjs Value: t
secureltrk.com/	1970-01-21 04:51:37	Name: uclick Value: yb7flAgKOoo1g+X3aWCYvphG2LSLi2c9nW/R+B62GZPl5L2g/gkqUhS9WFq42NKITGzWNQ==
secureltrk.com/	1970-01-21 04:51:37	Name: bcid Value: cokfmuta6vts73d02qfg
secureltrk.com/	1970-01-21 04:51:37	Name: cid Value: cokfmuta6vts73d02qfg
dfrchtrck.com/	1970-01-20 20:16:06	Name: clickID Value: L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P
dfrchtrck.com/	1970-01-20 20:16:06	Name: leadID Value: L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://amazinglyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=L5jZxelYROGgEKvXD37W1J0VKg6mNrkwm0pMbQ6qAz9yad24P&country=ES&intgrtn_redirectReturningLead=auto Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amazinglyfortunateoffers.com
dfrchtrck.com
fonts.googleapis.com
fonts.gstatic.com
openmindedaching.com
proftrafficcounter.com
secureltrk.com
amazinglyfortunateoffers.com
proftrafficcounter.com
172.217.18.99
176.97.112.149
185.142.238.38
192.243.59.13
193.34.166.127
216.58.206.74
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b717b8cc77695398955e8fa1a2621985dd5931d0b24f89e7800a569199a1bf0
617a4b507a3a45bc358f56b14d884283ab84e61e8ed5956d4d1684d5130e6b47
65ea82ac80938f435985bd275aa53b98f891dd4ddd6621783c14c015ae541981
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c
b87135f89f5d1869420685e9a8e2479deb73f56b71bc0771224f7c3130b85df9
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
cf43bab04e5c920214dbc63045606cb1fb225afd18d1eee29aa67de5698845c7
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
dfae8c306bb45e63f818156ac692fe636b192621cacfd274cfcec170e471e93c
e1a09eb44eca7b9035d92c746ae8c9ba6bdddb847d42136f4ae8e8ad26de896c
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef7ced6cae87fb134411706b50c565fc12e3adc2a28d2b80cd6039df72385359
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
f668a0120118a07fc106cb69fbcd2c88360878cd96d74724af8c413a2f92f797
fadc41507d1a769419b51e650bbe3c459ab5cc9661d02406fc91fdc01c580547
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

amazinglyfortunateoffers.com Open in urlscan Pro 185.142.238.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

662 kBTransfer

2147 kBSize

14 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

amazinglyfortunateoffers.com Open in urlscan Pro
185.142.238.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

662 kB
Transfer

2147 kB
Size

14
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!