theluckyfortunateoffers.com Open in urlscan Pro
193.34.166.37 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1qgxtxd2n.online/
Effective URL:
https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&cou...
Submission: On June 03 via manual (June 3rd 2024, 3:57:18 pm UTC) from IL — Scanned from ES

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 8 domains to perform 49 HTTP transactions. The main IP is 193.34.166.37, located in Netherlands and belongs to SNEL, NL. The main domain is theluckyfortunateoffers.com.
TLS certificate: Issued by R3 on April 19th 2024. Valid for: 3 months.

This is the only time theluckyfortunateoffers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Investment Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.64.119.28 192.64.119.28	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 3	172.240.108.76 172.240.108.76	7979 (SERVERS-COM) (SERVERS-COM)
1 1	176.97.112.149 176.97.112.149	6698 (VIRTUALSY...) (VIRTUALSYSTEMS)
1 1	195.144.21.156 195.144.21.156	174 (COGENT-174) (COGENT-174)
1 32	193.34.166.37 193.34.166.37	62370 (SNEL) (SNEL)
10	142.250.186.42 142.250.186.42	15169 (GOOGLE) (GOOGLE)
5	142.250.184.195 142.250.184.195	() ()
49	5

1 192.64.119.28 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)

1qgxtxd2n.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.240.108.76 (United States) 1 redirects

ASN7979 (SERVERS-COM, US)

www.highcpmgate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.97.112.149 (Ukraine) 1 redirects

ASN6698 (VIRTUALSYSTEMS, UA)
PTR: dedicated.vsys.host

secureltrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.144.21.156 (Austria) 1 redirects

ASN174 (COGENT-174, US)
PTR: black.host-156.21.144.195.in-addr.arpa

dfrchtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 193.34.166.37 (Netherlands) 1 redirects

ASN62370 (SNEL, NL)
PTR: justo

theluckyfortunateoffers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.195 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	theluckyfortunateoffers.com 1 redirects theluckyfortunateoffers.com	567 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	9 KB
5	gstatic.com fonts.gstatic.com	91 KB
3	highcpmgate.com 1 redirects www.highcpmgate.com — Cisco Umbrella Rank: 155898	5 KB
1	dfrchtrck.com 1 redirects dfrchtrck.com	770 B
1	secureltrk.com 1 redirects secureltrk.com — Cisco Umbrella Rank: 219662	337 B
1	1qgxtxd2n.online 1 redirects 1qgxtxd2n.online	290 B
0	proftrafficcounter.com Failed proftrafficcounter.com Failed
49	8

	Domain	Requested by
32	theluckyfortunateoffers.com	1 redirects theluckyfortunateoffers.com
10	fonts.googleapis.com	theluckyfortunateoffers.com
5	fonts.gstatic.com	fonts.googleapis.com
3	www.highcpmgate.com	1 redirects
1	dfrchtrck.com	1 redirects
1	secureltrk.com	1 redirects
1	1qgxtxd2n.online	1 redirects
0	proftrafficcounter.com Failed	www.highcpmgate.com
49	8

This site contains no links.

Subject Issuer	Validity	Valid
highcpmgate.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
theluckyfortunateoffers.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Frame ID: 365AC8F4F06B8C20EF46834EB0E61BB8
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Amazon Special

Page URL History Show full URLs

http://1qgxtxd2n.online/ HTTP 307
https://1qgxtxd2n.online/ HTTP 307
http://1qgxtxd2n.online/ HTTP 302
https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744 Page URL
https://www.highcpmgate.com/api/users?token=L2NnbTFraTRhcj9rZXk9N2FjNTJiMWY2MzE5ZjU0ZDVjNjkzYjg5MDI4OGY3... HTTP 302
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=3b7f7ae4ea7f9b4aff9458a1006cc4f9... HTTP 307
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cpeufmla6vts73crl09g HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5... HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

4
Countries

669 kB
Transfer

2187 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1qgxtxd2n.online/ HTTP 307
https://1qgxtxd2n.online/ HTTP 307
http://1qgxtxd2n.online/ HTTP 302
https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744 Page URL
https://www.highcpmgate.com/api/users?token=L2NnbTFraTRhcj9rZXk9N2FjNTJiMWY2MzE5ZjU0ZDVjNjkzYjg5MDI4OGY3NDQmcHN0PTE3MTc0MzAyOTMmcm10Yz10JnNodT0zMjRiOTA1ZWQ0Yjk5NzQzYWUyMjAwMjU1YWE0MTMyYjQ5ODIzZThiYWM1OTVmNzgyYTE3NDA4YjRkYWNiMzI0MWI2ZWZlNGZkY2ZmNzdhOTgwNDJmMDMyZjc4MDQ3MzMxZGI2Mjg2MGI5MThjY2I0MTczZjVhNDI1ZGQ3OGU4NWYxM2IwZDIxMTFhNjZhMDU3ZGIwMGM2NmVkY2RmYTUxYzhiZTkxNDc2ZTEwOGNjNWQyZjdjZmQ3ZWI3MTc4&uuid=&pii=&in=false HTTP 302
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=3b7f7ae4ea7f9b4aff9458a1006cc4f9&COST_CPC=0.003000&PLACEMENT_ID=23324330&CAMPAIGN_ID=931242&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=Cable%20Aireworld%20S.A.U.&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F125.0.0.0%20Safari%2F537.36&REMOTE_LANGUAGE=40&BANNER_ID=2685494&CATEGORY_ALIAS=Adult HTTP 307
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cpeufmla6vts73crl09g HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto HTTP 302
https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://1qgxtxd2n.online/ HTTP 307
https://1qgxtxd2n.online/ HTTP 307
http://1qgxtxd2n.online/ HTTP 302
https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

cgm1ki4ar Show response
www.highcpmgate.com/
Redirect Chain

http://1qgxtxd2n.online/
https://1qgxtxd2n.online/
http://1qgxtxd2n.online/
https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744

3 KB
3 KB

665ms
181ms

Document
text/html

172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

5046e83bf7d85571552dc71898e79b8f418de1f8179400b0ef07a4874d7e92e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 03 Jun 2024 15:57:13 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server: nginx/1.21.6
Strict-Transport-Security: max-age=0; includeSubdomains
Transfer-Encoding: chunked
X-Request-ID: 75ee7b93cdbca88b95f024b44bd4575e

Redirect headers

Connection: keep-alive
Content-Length: 97
Content-Type: text/html; charset=utf-8
Date: Mon, 03 Jun 2024 15:57:13 GMT
Location: https://www.highcpmgate.com/cgm1ki4ar?key=7ac52b1f6319f54d5c693b890288f744
Server: namecheap-nginx
X-Served-By: Namecheap URL Forward

GET stats
proftrafficcounter.com/ 0
0

GET
H/1.1 200
OK favicon.ico
www.highcpmgate.com/ 0
319 B 175ms
175ms Other
image/x-icon 172.240.108.76
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://www.highcpmgate.com/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.240.108.76 , United States, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-full-version: "125.0.6422.112"
sec-ch-ua-platform-version: "10.0.0"
Referer: https://www.highcpmgate.com/api/users?token=L2NnbTFraTRhcj9rZXk9OWNhNjAxYTlmNDdjNzM1ZGY3NmQ1Y2E0NmZhMjZhNjYmc3VibWV0cmljPTIzMzI0MzMw
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:13 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
Content-Type: image/x-icon
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 4b0d422b33e16c48f11b851ab4c5327e
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1

200
OK

Primary Request index.php Show response
theluckyfortunateoffers.com/amazonspecial/es/
Redirect Chain

https://www.highcpmgate.com/api/users?token=L2NnbTFraTRhcj9rZXk9N2FjNTJiMWY2MzE5ZjU0ZDVjNjkzYjg5MDI4OGY3NDQmcHN0PTE3MTc0MzAyOTMmcm10Yz10JnNodT0zMjRiOTA1ZWQ0Yjk5NzQzYWUyMjAwMjU1YWE0MTMyYjQ5ODIzZThiY...
https://secureltrk.com/click?key=b783abaedf15df09d088&SUB_ID_SHORT=3b7f7ae4ea7f9b4aff9458a1006cc4f9&COST_CPC=0.003000&PLACEMENT_ID=23324330&CAMPAIGN_ID=931242&DEVICE_BRAND=Unknown&BROWSER_NAME=Chro...
https://dfrchtrck.com/click.php?project_id=Mc&affiliate_id=fc59df1715&custom2=cpeufmla6vts73crl09g
https://theluckyfortunateoffers.com/amazonspecial/?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto

34 KB
10 KB

148ms
148ms

Document
text/html

193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL

https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),

Reverse DNS

justo

Software

nginx /

Resource Hash

fadc41507d1a769419b51e650bbe3c459ab5cc9661d02406fc91fdc01c580547

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: es-ES,es;q=0.9;q=0.9
Referer: https://www.highcpmgate.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-full-version: "125.0.6422.112"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jun 2024 15:57:16 GMT
PX-IPCountryISO: ES
PX-IPTimestamp: 1717157595 1717430001 1717419780
PX-X-Request-Id: cfbd372f307568f69ba629ebd98adfc5
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: justo
X-Upstream: sharkolia-***ko

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jun 2024 15:57:15 GMT
Location: es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
PX-IPCountryISO: ES
PX-IPTimestamp: 1717157595 1717430001 1717419780
PX-X-Request-Id: 5ced7ef89c184ea217f12ad82407616c
Server: nginx
Strict-Transport-Security: max-age=63072000
Transfer-Encoding: chunked
X-Server: justo
X-Upstream: sharkolia-***ko

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
722 B 792ms
131ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Requested by

Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:57:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
498 B 810ms
150ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:56:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
744 B 792ms
133ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:44:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
640 B 808ms
149ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 14:17:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
889 B 810ms
151ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:39:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
755 B 788ms
130ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 783ms
125ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:00:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H/1.1 200
OK style.min5697.css
theluckyfortunateoffers.com/amazonspecial/css/ 53 KB
8 KB 133ms
126ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/style.min5697.css?ver=5.5.3
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-d293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 8d2fd278b5ca7c593e3c8d717329ab7c

GET
H/1.1 200
OK style68b3.css
theluckyfortunateoffers.com/amazonspecial/css/ 851 B
779 B 245ms
108ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/style68b3.css?ver=1
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-353"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 5772cbd82ee4eb3ade57c0098275fcd4

GET
H/1.1 200
OK all.css
theluckyfortunateoffers.com/amazonspecial/css/ 59 KB
13 KB 343ms
125ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/all.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-eac4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 52ac662a1a3c6623a5377a9ec68111d5

GET
H/1.1 200
OK avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
theluckyfortunateoffers.com/amazonspecial/css/ 383 KB
52 KB 638ms
420ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/avia-merged-styles-8d3d8e7e41495f6c8fcd447c24837fb2---5fea0759680e5.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-5faa0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: f16dce8e0ade3803ad17160ddeaf02c5

GET
H/1.1 200
OK v4-shims.css
theluckyfortunateoffers.com/amazonspecial/css/ 26 KB
5 KB 373ms
155ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/v4-shims.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-684e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: ef3254a7db976798da90f8898e8dc017

GET
H2 200 css
fonts.googleapis.com/ 60 KB
2 KB 793ms
137ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

ef7ced6cae87fb134411706b50c565fc12e3adc2a28d2b80cd6039df72385359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:57:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
713 B 786ms
131ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:00:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H/1.1 200
OK slick.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 1 KB
990 B 366ms
149ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/slick.min.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-559"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: ba82b9980016454b927f4dc738c46a38

GET
H/1.1 200
OK all.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 56 KB
12 KB 377ms
151ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/all.min.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-de7d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: ffb4786bc9d9eda0b314cf8108d85847

GET
H/1.1 200
OK custom.css
theluckyfortunateoffers.com/amazonspecial/css/ 11 KB
3 KB 379ms
136ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/custom.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-2ce1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: bb4e3716986cb744a9a74f8220bfb86e

GET
H/1.1 200
OK funnel.css
theluckyfortunateoffers.com/amazonspecial/css/ 88 KB
14 KB 639ms
298ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/funnel.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-160d1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 87de68a1874ae8bec544ca5573efeeaa

GET
H/1.1 200
OK funnel-additional.css
theluckyfortunateoffers.com/amazonspecial/css/ 11 KB
3 KB 639ms
275ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/funnel-additional.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: STALE
ETag: W/"631f1743-2d29"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 4b172dc0714456521b64eb3c76926b04

GET
H/1.1 200
OK bootstrap.min.css
theluckyfortunateoffers.com/amazonspecial/css/ 138 KB
21 KB 646ms
276ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/bootstrap.min.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-22688"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 194a565698f86b16b5efe9cb1910e478

GET
H/1.1 200
OK intgrtn.css
theluckyfortunateoffers.com/amazonspecial/css/ 3 KB
1 KB 639ms
264ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/css/intgrtn.css
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-d2d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: d48a86dfdcd80dff1fecddf1c81f5dce

GET
H/1.1 200
OK 5fb67d77b617d_v.png
theluckyfortunateoffers.com/amazonspecial/img/ 5 KB
5 KB 111ms
110ms Image
image/png 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d77b617d_v.png
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-137e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: a5a3e105920cc4a8c622adb8e5a37499

GET
H/1.1 200
OK 5fb67d77d9256_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 25 KB
22 KB 159ms
159ms Image
image/jpeg 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d77d9256_v.jpg
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-6293"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 377df8a017d44a5e0f241924506508a6

GET
H/1.1 200
OK 5fb67d78c1ea3_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 17 KB
14 KB 130ms
129ms Image
image/jpeg 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d78c1ea3_v.jpg
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-45f6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 75e72751b9ffbce8e4c1bc2ad0cbf927

GET
H/1.1 200
OK 5fb67d78cd12b_v.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 63 KB
61 KB 135ms
134ms Image
image/jpeg 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/5fb67d78cd12b_v.jpg
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-fa5a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: a5ba02166958cf4f961b806681e8ccc8

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
theluckyfortunateoffers.com/amazonspecial/js/ 94 KB
33 KB 621ms
263ms Script
application/javascript 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/js/jquery-1.11.3.min.js
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:16 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-176d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 4d832c3b5188000c1e096b579d9dd705

GET
H/1.1 200
OK bootstrap.min.js Show response
theluckyfortunateoffers.com/amazonspecial/js/ 50 KB
14 KB 142ms
141ms Script
application/javascript 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/js/bootstrap.min.js
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-c75f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: e9b25468e12c4410f3225ae209d30127

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
612 B 410ms
136ms Stylesheet
text/css 142.250.186.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;600;700;800;900&display=swap

Requested by

Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f10.1e100.net

Software

ESF /

Resource Hash

1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 03 Jun 2024 15:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 15:51:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Jun 2024 15:57:17 GMT

GET
H/1.1 200
OK amazon-1-1.jpg
theluckyfortunateoffers.com/amazonspecial/img/ 101 KB
101 KB 116ms
116ms Image
image/jpeg 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/amazon-1-1.jpg
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-195bd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/jpeg
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: d276ef81a37b945ad9baab347f4f42a7

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 783ms
175ms Font
font/woff2 142.250.184.195

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 11:38:19 GMT
x-content-type-options: nosniff
age: 188338
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 11:38:19 GMT

GET
H2 200 uK_w4ruaZus72nbNDycQGvo.woff2
fonts.gstatic.com/s/magra/v14/ 9 KB
10 KB 747ms
138ms Font
font/woff2 142.250.184.195

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/magra/v14/uK_w4ruaZus72nbNDycQGvo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Magra:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 01 Jun 2024 04:35:54 GMT
x-content-type-options: nosniff
age: 213683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9436
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:28:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Jun 2025 04:35:54 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 772ms
164ms Font
font/woff2 142.250.184.195

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 28 May 2024 14:45:29 GMT
x-content-type-options: nosniff
age: 522708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 May 2025 14:45:29 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 809ms
201ms Font
font/woff2 142.250.184.195

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 18:49:33 GMT
x-content-type-options: nosniff
age: 248864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 18:49:33 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 761ms
153ms Font
font/woff2 142.250.184.195

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@300;400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 23:10:14 GMT
x-content-type-options: nosniff
age: 233223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 23:10:14 GMT

GET
H/1.1 200
OK entypo-fontello.woff2
theluckyfortunateoffers.com/amazonspecial/fonts/ 38 KB
38 KB 141ms
140ms Font
font/woff2 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/fonts/entypo-fontello.woff2
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Origin: https://theluckyfortunateoffers.com
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: "631f1743-9754"
Content-Type: font/woff2
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
Accept-Ranges: bytes
PX-X-Request-Id: 2d0fd2899ff6f0f2f92fd3d69e919480
Content-Length: 38740

GET
H/1.1 200
OK sdk.js Show response
theluckyfortunateoffers.com/intgrtn/api/v1/integration/ 521 KB
54 KB 142ms
140ms Script
application/javascript 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 8a65062a2b10e11f972315e1cf17ba5e2dc11b3929a7d9ea983012893b74575d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1717157595 1717430001 1717419780
Connection: keep-alive
Last-Modified: Mon, 03 Jun 2024 10:50:18 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"665d9fea-824d1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Server: justo
PX-IPCountryISO: ES
PX-X-Request-Id: c9bf16b2ed91ce2fae0c3ed020e3c380
Expires: Tue, 03 Jun 2025 14:55:10 GMT

GET
H/1.1 200
OK details.php Show response
theluckyfortunateoffers.com/intgrtn/api/v1/projects/ 55 KB
11 KB 234ms
233ms XHR
application/json 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/projects/details.php?&clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&language=es
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 217f29d23907d38132b1f9d587362f8d95a9b66e48373474edca106bcb44d47e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intgrtn-Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1717157595 1717430001 1717419780
Vary: Accept-Encoding
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 29ff0ec4ee1880dcb5432c9ee0b16669
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK agreements.php Show response
theluckyfortunateoffers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 177ms
177ms XHR
application/json 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: e2b18b8741e720b340ac17870d202893319c07b2a9a241611276854fd143bfa8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intgrtn-Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1717157595 1717430001 1717419780
Vary: Accept-Encoding
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 5648f547d4f84a1a1e39515290cf9b26
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK sdk.css
theluckyfortunateoffers.com/intgrtn/api/v1/integration/ 86 KB
9 KB 129ms
128ms Stylesheet
text/css 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.69.1
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 823d1157dd47f546625eaae67213f0b0d2ed4aeca5d71b100a289ee3f8aba213

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1717157595 1717430001 1717419780
Connection: keep-alive
Last-Modified: Thu, 16 May 2024 14:05:07 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"66461293-1589d"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
X-Server: justo
PX-IPCountryISO: ES
PX-X-Request-Id: 9d1ed015d2ba8489578120dc377d773c
Expires: Fri, 16 May 2025 14:09:46 GMT

GET
H/1.1 200
OK eye-1a.png
theluckyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/ 1 KB
2 KB 117ms
116ms Image
image/png 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/eye-1a.png
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.69.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.69.1
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1717157595 1717430001 1717419780
Connection: keep-alive
Last-Modified: Thu, 07 Mar 2024 16:52:43 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65e9f0db-42f"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: justo
PX-IPCountryISO: ES
PX-X-Request-Id: 9da8be324057f3ca29ae32fbe0b7c1cb
Expires: Tue, 11 Mar 2025 10:22:49 GMT

GET
H/1.1 200
OK flags32.png
theluckyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/ 44 KB
45 KB 121ms
121ms Image
image/png 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/assets/img/flags32.png
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.69.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.css?v=2.69.1
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
PX-IPTimestamp: 1717157595 1717430001 1717419780
Connection: keep-alive
Last-Modified: Thu, 08 Feb 2024 14:51:10 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"65c4ea5e-afed"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=31536000
X-Server: justo
PX-IPCountryISO: ES
PX-X-Request-Id: c5d27d1ff25fde24b906c6589d460484
Expires: Wed, 12 Feb 2025 09:32:21 GMT

GET
H/1.1 200
OK agreements.php Show response
theluckyfortunateoffers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 168ms
167ms XHR
application/json 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&locale=es-ES
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: db25b6f2a7ad27e88073f2b52fce73eaf69d29fa958019a3539200ab3c2486e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intgrtn-Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1717157595 1717430001 1717419780
Vary: Accept-Encoding
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 21fdca7dcf6298998d807319a0707ef3
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK agreements.php Show response
theluckyfortunateoffers.com/intgrtn/api/v1/projects/ 4 KB
2 KB 311ms
155ms XHR
application/json 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/projects/agreements.php?type=4&clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&locale=es-ES
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: ff1da91579aa8ba488835295380eed8f794648676ddf4f71c3343f4088a2bed8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intgrtn-Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
PX-IPTimestamp: 1717157595 1717430001 1717419780
Vary: Accept-Encoding
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: d389583d966c12d97796cf1972a1be84
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

POST
H/1.1 200
OK add.php Show response
theluckyfortunateoffers.com/intgrtn/api/v1/events/ 171 B
754 B 163ms
163ms XHR
application/json 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/events/add.php
Requested by: Host: theluckyfortunateoffers.com
URL: https://theluckyfortunateoffers.com/intgrtn/api/v1/integration/sdk.js?v=1202453166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: ed4c74715d5a46f0a1d842bcd72cbe43f01d4fa92bb45f0ca88a0ad895e20918

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Intgrtn-Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Content-Type: application/json
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://theluckyfortunateoffers.com
PX-IPTimestamp: 1717157595 1717430001 1717419780
Vary: Accept-Encoding
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: 05397e15b017777f589049340458b541
Access-Control-Allow-Headers: accept, origin, content-type, authorization, Cache-Control, X-Requested-With, Intgrtn-Referer

GET
H/1.1 200
OK Robistix-favicon.png
theluckyfortunateoffers.com/amazonspecial/img/ 4 KB
4 KB 114ms
114ms Other
image/png 193.34.166.37
SNEL

General

Check archive.org

Show headers Download Go to

Full URL: https://theluckyfortunateoffers.com/amazonspecial/img/Robistix-favicon.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.34.166.37 , Netherlands, ASN62370 (SNEL, NL),
Reverse DNS: justo
Software: nginx /
Resource Hash: 5b717b8cc77695398955e8fa1a2621985dd5931d0b24f89e7800a569199a1bf0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://theluckyfortunateoffers.com/amazonspecial/es/index.php?intgrtn_clickID=WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar&country=ES&intgrtn_redirectReturningLead=auto
Accept-Language: es-ES,es;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 03 Jun 2024 15:57:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Sep 2022 11:25:55 GMT
Server: nginx
PX-Cache-Status: HIT
ETag: W/"631f1743-ffb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/png
X-Upstream: sharkolia-***ko
PX-IPTimestamp: 1717157595 1717430001 1717419780
X-Server: justo
PX-IPCountryISO: ES
Connection: keep-alive
PX-X-Request-Id: a4951153c7d4f102ecc9f541b8227f6f

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: proftrafficcounter.com
URL: https://proftrafficcounter.com/stats

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Investment Scam (Online)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
theluckyfortunateoffers.com/amazonspecial/	1970-01-20 21:47:02	Name: intgrtn_language Value: es
theluckyfortunateoffers.com/amazonspecial/	1970-01-21 05:49:26	Name: intgrtn_clickID Value: WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar
theluckyfortunateoffers.com/amazonspecial/	1970-01-21 05:49:26	Name: intgrtn_redirectReturningLead Value: auto
theluckyfortunateoffers.com/amazonspecial/	1970-01-21 05:49:26	Name: intgrtn_locale Value: es-ES
www.highcpmgate.com/api	1970-01-20 21:05:16	Name: iprc99a0e144749c854fd35a82379847cbdb Value: 4830037
www.highcpmgate.com/api	1970-01-20 21:05:16	Name: pdhtkv Value: true
www.highcpmgate.com/api	1970-01-20 21:05:16	Name: uncs Value: 1
www.highcpmgate.com/api	1970-01-20 21:05:16	Name: pdhtkv28 Value: true
www.highcpmgate.com/api	1970-01-20 21:05:16	Name: uncs28 Value: 1
www.highcpmgate.com/	1970-01-20 21:05:16	Name: u_pl Value: 23324330
www.highcpmgate.com/	1970-01-20 21:03:50	Name: ain Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMzMyNDMzMCwiayI6IjdhYzUyYjFmNjMxOWY1NGQ1YzY5M2I4OTAyODhmNzQ0Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozODc5NjY2LCJwaWQiOjE4Njk5MDIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MjgsInB0Ijo0LCJwayI6ImNnbTFraTRhciIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNDQ3NTQzMzUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzI5ODUsImJuIjoiQ2hyb21lIiwiYnYiOiIxMjUiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjo2OCwiYyI6IkVTIiwibiI6IlNwYWluIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQ2FibGUgQWlyZXdvcmxkIFMuQS5VLiJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6IiIsImFyIjpbXX19.DAQHHJEVxOkNf7WHa4Ho8jK-UXbpOM6CKOuPFxq3TV4
www.highcpmgate.com/	1970-01-20 21:03:50	Name: cjs Value: t
secureltrk.com/	1970-01-21 05:49:26	Name: uclick Value: mL/bnVxUP9w13+H0PWCYvgDYC6K6V9T8TWd3W2HkuGKx5HPeeJDpTJUH2i6Km66scARB/A==
secureltrk.com/	1970-01-21 05:49:26	Name: bcid Value: cpeufmla6vts73crl09g
secureltrk.com/	1970-01-21 05:49:26	Name: cid Value: cpeufmla6vts73crl09g
dfrchtrck.com/	1970-01-20 21:13:55	Name: clickID Value: WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar
dfrchtrck.com/	1970-01-20 21:13:55	Name: leadID Value: WV26R3zaOy97DewLmdPqKNbvaoKxNkEb1Zv0lXoxgQMp5G4Ar

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1qgxtxd2n.online
dfrchtrck.com
fonts.googleapis.com
fonts.gstatic.com
proftrafficcounter.com
secureltrk.com
theluckyfortunateoffers.com
www.highcpmgate.com
proftrafficcounter.com
142.250.184.195
142.250.186.42
172.240.108.76
176.97.112.149
192.64.119.28
193.34.166.37
195.144.21.156
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
11e0dd0b1244f412de7027e164697e76b77f87c85bb6d5e74ef23237ded7699b
16a2a6e192074e4fd20f845b83d5ecb57af6bd237f706848d3a9d6ed514a6665
1a320a466c1d7d389cd5476d27a0d027a833a96e291ce5267d1506695af486eb
1fe73fb1bd17a8ed817c1f89abe78ded44d961c543e7f7d85702845a2cfd3877
217f29d23907d38132b1f9d587362f8d95a9b66e48373474edca106bcb44d47e
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
46a80c3e8ce40e1e839981a7baaddf17b26c9dd01a07523f8c3073e5abcdbfd9
5046e83bf7d85571552dc71898e79b8f418de1f8179400b0ef07a4874d7e92e5
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
54bf65b7f1e2aa35692c2b75c0031c8e48de07efd529d8171078e7c030952f76
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5b717b8cc77695398955e8fa1a2621985dd5931d0b24f89e7800a569199a1bf0
681c58beadf3030753d8d5bb7c85c5f631704a515a9da8fd7a3744be46e12419
6daf0c6ce9852704badeaa55b3b79c86af9487e1aaca08cd86ec24767a846760
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c68c0208cecad69fb80c0a9fee76b374dd777a869fcd0fbcf234e8af8a20640
823d1157dd47f546625eaae67213f0b0d2ed4aeca5d71b100a289ee3f8aba213
856a223e470a7640097f6a83588c41b7d831e364e9db24d1165e1811b026d9a9
8a65062a2b10e11f972315e1cf17ba5e2dc11b3929a7d9ea983012893b74575d
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
922ee0a54eb79fd950e185ccda4dd13ae0edabb33a44d072a9a62bd26c76770e
9505ce3a2d95aa956775178ce80f3e0e89cc58c85906cd04bd1f8a6d6a5768e3
a7b7807d93be3aeb6dd391229f287ef36a485d8c6c5aca1d72ddbc6dc274aa40
aba14bf4f70a87d173da2171049240f074959c2497caadb37fdba37fbdfabd1f
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b5c3c626088edc6bd530c9da23892e3d641fd9fd94e03645164686f5baa1ee30
b785c6398215d82234d97f5039ed44ebc425b6538dfba459f519c066cbf73a8c
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c038a8dd8fd27d633bc7733fdedd6730cad69333be98af8fad0890171f30a1ed
c1af3158b052d4a2841d6618e385457afb39c3ebde4e1c29b45a8889aee7ec3a
c4920b39f85de27baf31e69b334cdf828ec2875ac4ec3a4a2d7a2e52773f7e79
d0d9388b18d692e5b4cae89f224558a3ec8a98b80fc623dd7582ae43398ebed4
d8fe5effa3de4e73408fd03c8fd4bbdfa973798ee2a8d2f68159c90bcbdb8db1
db25b6f2a7ad27e88073f2b52fce73eaf69d29fa958019a3539200ab3c2486e3
e2b18b8741e720b340ac17870d202893319c07b2a9a241611276854fd143bfa8
e4aecdb9b577a378e725fa4e5b185218507bfdb1e63630c77653d62842c0ac79
e4bcf24ba1e17060a1c79f41f9844336594106cb49c26881a2f9b5eb47966dfe
e8b5c0f1aab454e3dd3d47bdb0d6be1a54c0c350dff5feaa3a595937e2006df1
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed4c74715d5a46f0a1d842bcd72cbe43f01d4fa92bb45f0ca88a0ad895e20918
ef7ced6cae87fb134411706b50c565fc12e3adc2a28d2b80cd6039df72385359
f6351b5bfa259de13dae9c9f332855813b99bd8544c8cdad7cc1645c454fb4bd
fadc41507d1a769419b51e650bbe3c459ab5cc9661d02406fc91fdc01c580547
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
ff1da91579aa8ba488835295380eed8f794648676ddf4f71c3343f4088a2bed8

theluckyfortunateoffers.com Open in urlscan Pro 193.34.166.37 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

5 IPs

4 Countries

669 kBTransfer

2187 kBSize

17 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

theluckyfortunateoffers.com Open in urlscan Pro
193.34.166.37 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

5
IPs

4
Countries

669 kB
Transfer

2187 kB
Size

17
Cookies

49 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!