Report - go.goodlifestylenews.com/dummyarticleclickers_43846/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2581/1610/dc9afb4385bc0d52e165cd409144dae8/mpmta/news/43846/17

Report Overview

Submitted URL
go.goodlifestylenews.com/dummyarticleclickers_43846/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2581/1610/dc9afb4385bc0d52e165cd409144dae8/mpmta/news/43846/17
IP
104.21.30.61
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-26 02:25:32
Access
public
Website Title
Good Lifestyle News (MP) Flow
Final URL
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-04-18	620 B	1.0 kB	104.18.20.187
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-04-18	892 B	1.7 kB	172.67.172.49
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-25	446 B	34 kB	142.250.74.42
subscriberwelcome.com	unknown	2022-11-16	2022-11-16	2024-04-18	2.0 kB	2.9 MB	104.21.66.20
s3.us-east-1.amazonaws.com	4041	2005-08-18	2017-11-22	2024-04-25	5.6 kB	2.8 MB	52.217.139.168
verifiedsecure.org	unknown	2015-12-08	2016-04-06	2024-04-18	858 B	38 kB	172.67.74.20
subscribe.goodlifestylenews.com	unknown	2020-07-10	2023-01-18	2024-04-18	3.4 kB	79 kB	172.67.172.49
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-25	1.0 kB	49 kB	151.101.1.229
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	437 B	101 kB	142.250.74.72
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	533 B	17 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	443 B	2.8 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed
2024-04-25	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js	60 kB	2023-03-08	2024-05-05
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:41 Last Seen2024-05-05 02:36:11 Times Seen1320 Hash c5236e5d6a5d0ff97ff8c8e5102c6c03 6fbfdbddbe85c578de559adcc8d07cccbc16d514 87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65 Loading...

	subscribe.goodlifestylenews.com/jquery.caret.js	2.4 kB	2023-05-08	2024-05-05
Pretty URL subscribe.goodlifestylenews.com/jquery.caret.js IP 172.67.172.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-05 02:36:11 Times Seen559 Hash 35c3ec8db4ff6e862db42516436216a1 7d9d7731403868cc34edaad1d9e17311541a6f77 adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f	152 B	2023-06-01	2024-05-05
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 19:31:02 Last Seen2024-05-05 02:36:11 Times Seen296 Hash f428121d5a5fef65b4475cd12946bc04 ee95d8f82bdc0b8001fd8ffa74edd84d5640aa87 a27ebc0bf8c54f5e2c909f78d326d964e1555bae0254d575f6511b0dcc92ae12 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-05-05
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-05 10:42:32 Times Seen47022 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js	26 kB	2023-05-08	2024-05-05
Pretty URL subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-05 02:36:11 Times Seen687 Hash 0dbbb5873b895ea3be425af219cf85de 7b9dba563376d7dbd1c5b9b7064ab87eadad5591 02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f	194 B	2023-05-08	2024-05-05
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-05 02:36:11 Times Seen342 Hash d7ae17d684ddcfa308369e402855826d d6da811e60cab233619e114e823ab9db7242bd5d e42a64d5a754498cd56f9079fd8e341c480ea2a15a6060e00924814586f8c44f Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f	641 B	2023-05-08	2024-05-05
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-05 02:36:11 Times Seen342 Hash c2855664f7a14ee99090a0366d9d1e03 35ba8e0f5b5181a8df832c0e12774a761d465dda bf66df111d26d4ef5b3e5df0f4df141fe5d7632260cb83308bfed72caf323af0 Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f	1.3 kB	2024-04-26	2024-04-26
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 04:25:33 Last Seen2024-04-26 04:25:33 Times Seen2 Hash cfeae827d7216e71de2558bf460e711d 163a884ac7d50d881753a357cd2f9b96dc1eb5e5 32a7bc0b4bca4bcb43ca0e48a6ccd29126dd1e97ef23ea77e1db9ab42a67e095 Loading...

	www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8	301 kB	2024-04-26	2024-04-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 04:25:33 Last Seen2024-04-26 04:25:40 Times Seen4 Hash 429bd6a15bfac408f893d644fe2cad43 4ecf4b2c877875fee5db5bb275826a78bcb5cab3 7795f34be842a2618c87a54b0cf6cf6a08a000e10a735d49d6d08f2dcc4c4ab4 Loading...

HTTP Transactions (31)

URL IP Response Size

go.goodlifestylenews.com/

172.67.172.49

143 B

URL
go.goodlifestylenews.com/
IP
172.67.172.49:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:25:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HmW%2BgBUTYAQHOLUTUWAURv%2BIY3Rk2ccFcvMpf6T3nt7lztb56%2FJajvOV5X0BCO72c%2FXK4AvkccZNt6tk7jF3G1hJbM3O4EF8jwFWyqWoGSrURQzXikUf5ykPXcTj%2FJVUHpBcAiy%2FWYclGw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a31ed6efec56cc-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17

172.67.172.49

302 Found

39 kB

URL User Request GET HTTP/3
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type
data
Size
39 kB (38640 bytes)
Hash
296b732511c7cac8013517f09f51bd94
c6c8de458aac6ad1ea4581c793149d28109a9f68
773728cb617e34d90a89e8d69e8584ea111b08045cffc273d7e731f9f1e8d5e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:25:07 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6; path=/
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FX%2B2i8ckJzzHnl2dRgmoKpmj4C3oop2bWuYQVN%2F6jt5hjLpASf21qjCfBoid9DCMkMizsGtDxtCWycVp1Lu8XxtH1YHEYHiMgsHlYLMqe08ZES%2FmSM3UoOJnRer3hlw%2BGicM1Wxtem3kLD5ZieA%2FM5Jj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a31ecedd4556bd-OSL
alt-svc: h3=":443"; ma=86400

subscribe.goodlifestylenews.com/jquery.caret.js

172.67.172.49

200 OK

716 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.caret.js
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
716 B (716 bytes)
Hash
35c3ec8db4ff6e862db42516436216a1
7d9d7731403868cc34edaad1d9e17311541a6f77
adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.caret.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:25:09 GMT
Content-Type: application/javascript
Content-Length: 716
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Wed, 22 May 2024 10:49:42 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 315326
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGIQyMQUtAzyWdyKJOcG34a6dP%2BLUwDazZymwha8hJCXIR5RoXxzAVk%2FS%2FFmPgWe2CMZCiuRSvEzd2L1vR9KNHyftXuF72Ub%2BS7aS9PwWWufzwjnoZtmu0O5xnUViCY6e7qhWY%2B3jyAxDE3vIh8EZ8eC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a31ee3082856a4-OSL
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js

104.21.30.61

200 OK

4.4 kB

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f

File type
JavaScript source, ASCII text
Size
4.4 kB (4430 bytes)
Hash
0dbbb5873b895ea3be425af219cf85de
7b9dba563376d7dbd1c5b9b7064ab87eadad5591
02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.mobilePhoneNumber.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:25:09 GMT
Content-Type: application/javascript
Content-Length: 4430
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Wed, 22 May 2024 10:49:42 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 315326
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqznQAaCYGoHjpPof5%2Bg766QGyH%2B%2FijmxbhDnNU7sm4iQxq07SbpKv7hw7UY0GC17RUn1LdhpX6WONC%2BzNFSGyCBv4zmIlHryHxSXSyVZsa2ydeie9cJVMBZZU06iCgismAA2q16gXIrjo4RMCQg4tnT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a31ee31ceb0afa-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.42

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 Apr 2024 12:01:54 GMT
expires: Sun, 20 Apr 2025 12:01:54 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 483795
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css

151.101.1.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
025df1ec88740cad5ff14bb3380da6dd
7abed070e37ce060c0a561575f1d41a7f248fc74
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 02:25:09 GMT
age: 20743882
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js

151.101.1.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (60201)
Size
17 kB (17366 bytes)
Hash
c5236e5d6a5d0ff97ff8c8e5102c6c03
6fbfdbddbe85c578de559adcc8d07cccbc16d514
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"ec40-b7/b3b6FxXjeVZrcyNB8zLwW1RQ"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 02:25:09 GMT
age: 1731272
x-served-by: cache-fra-etou8220032-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17366
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8

142.250.74.72

200 OK

100 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8
IP
142.250.74.72:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
100 kB (100534 bytes)
Hash
429bd6a15bfac408f893d644fe2cad43
4ecf4b2c877875fee5db5bb275826a78bcb5cab3
7795f34be842a2618c87a54b0cf6cf6a08a000e10a735d49d6d08f2dcc4c4ab4

HTTP Headers

GET /gtag/js?id=G-WJJ5P9F2X8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 02:25:09 GMT
expires: Fri, 26 Apr 2024 02:25:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100534
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg

104.21.66.20

200 OK

400 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2550x3300, components 3
Size
400 kB (400505 bytes)
Hash
b9a9621a927a5b9a9c71fdbb53bf8991
9c4cc398edb33da6a79e62701867cbf7fed4056d
d0342e1b39e1c9b80bfb574b18e0a5d9f9cf00e00ca7cf3b2ce1ded70f3bb9ab

HTTP Headers

GET /uploads/0.204734001673521892LifeAfterUkraine.jpeg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:25:09 GMT
content-type: image/jpeg
content-length: 400505
last-modified: Thu, 12 Jan 2023 11:11:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hS4FZGimwKOtLSpLQtBPbCMFUVcV3ScVnXIELP%2FzRSXdrNIANHdl4mWYC80FHSW4K5N7jQ7F4kdX3yUxin0l0uGwIA%2F1RL4tE3D199NIwX8%2B5fnRniyA%2FBMdcPkQ%2Fvb91Dw1xXsWLLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a31ee36ad05694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg

104.21.66.20

200 OK

144 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 966x1449, components 3
Size
144 kB (144253 bytes)
Hash
e7eb0da863b2d3ead5846cdc3263a233
138225ea3d8ff08f07b046b858bf46bf2bba2e96
ff19a64983ac2748d6b8361212f1fc41814e1acd0d157ee9c736bbd2a4a03180

HTTP Headers

GET /uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:25:09 GMT
content-type: image/jpeg
content-length: 144253
last-modified: Mon, 20 Feb 2023 15:41:11 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3r3N%2BmKR6pC4uvQXusdHoY6fRxNZP4EJeCdUipZB2fGnniyx6UDCEefzoLjiMfXyrNjNcCixo1ITnDPPujJtAaLDiloJ3rU9ggaUJSptdqy9tJRhnAtZeg9bSxY9lviaqnAio8fChgA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a31ee36acd5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/download%20(1).jpg298e50f742517900623f639efea37fd51708949598e017e1948fb38e4f29a8061aaba1ccec

52.217.139.168

200 OK

6.6 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/download%20(1).jpg298e50f742517900623f639efea37fd51708949598e017e1948fb38e4f29a8061aaba1ccec
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 295x171, components 3
Size
6.6 kB (6633 bytes)
Hash
18e107165669fa8cf612fefdf7621525
21380c0498c431005f59782afe92bc50aa68ef63
d20ed4fb179f7131ba314b7710e99334af069f3e45765152c24045aa68e09771

HTTP Headers

GET /autonewsuploads/download%20(1).jpg298e50f742517900623f639efea37fd51708949598e017e1948fb38e4f29a8061aaba1ccec HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: oq4yshZg0eSqXk94DgKf0GK2KFj3ndFWh5xxlX2tdWMD2r/o4dciGcEvo5pDYstE3aknemAOCeo=
x-amz-request-id: V18GMWA7HN2WDM3E
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Mon, 26 Feb 2024 12:13:20 GMT
ETag: "18e107165669fa8cf612fefdf7621525"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 6633

subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg

104.21.66.20

200 OK

1.1 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:10 16:36:41], baseline, precision 8, 1800x2700, components 3
Size
1.1 MB (1114284 bytes)
Hash
b02e84cdcd5a3e55ded5e64dfd307124
bfaad4b8b4b1b1fafffeda314b8868c94e7280c8
d67985993c18e2a7b22a4193c0613a65096b3376d64539feb646739798d2cf5c

HTTP Headers

GET /uploads/0.1663680016738854302D2(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:25:09 GMT
content-type: image/jpeg
content-length: 1114284
last-modified: Mon, 16 Jan 2023 16:10:30 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2FmMA97uBzoFHqdYSyeR1FgIalaEpyBa5IKbj1NhaIkjqenS3cR21T%2BMTeBJ4HoSlyzP1cm3hLgK4bc%2BnuT1%2FHOuATU0QwQAPTTJQXQWV5uyRXHvo2moi5r3j%2BelFfndmd0C%2BD0%2Fo4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a31ee36acf5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/silicon-valley-bank-svb-696x391.jpg40d86096b513af5fb6b62d4adc15f8551701260093ffc78a6207d8aade4d748dae6478fb31

52.217.139.168

200 OK

69 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/silicon-valley-bank-svb-696x391.jpg40d86096b513af5fb6b62d4adc15f8551701260093ffc78a6207d8aade4d748dae6478fb31
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 696x391, components 3
Size
69 kB (68794 bytes)
Hash
fa1f99e9ffb1cb56f6202d5bbf335f79
77864286b7c71b8670bf94f03134df6a009aabec
0fb64f41262e961a43e15d99a5461253cfcd4b57c554000678ed73aafd4edc6d

HTTP Headers

GET /autonewsuploads/silicon-valley-bank-svb-696x391.jpg40d86096b513af5fb6b62d4adc15f8551701260093ffc78a6207d8aade4d748dae6478fb31 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: VxoEZuZDI9YyJW/pHKTM7J3eHfR2Jiy/hCjZbyEEPU2qAhkKKnlx1nC36BGreGiR/xfj0z+Ydg4=
x-amz-request-id: V18ZDJYH8KCHZ4QH
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Wed, 29 Nov 2023 12:14:52 GMT
ETag: "fa1f99e9ffb1cb56f6202d5bbf335f79"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 68794

s3.us-east-1.amazonaws.com/autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417

52.217.139.168

200 OK

74 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1000x668, components 3
Size
74 kB (73918 bytes)
Hash
7fe2d33d531815585c8c1d4c5867d4a3
35500f4fa795b49f47137c0532ab07e600d82f8c
e295b46a6cabf7a1d9a053ad5cd21a7a610c44cfaf7eee8b46638a554fc27b73

HTTP Headers

GET /autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: svNUecDaICnV260e0d9kVTnJxVXM6pQ6jhS2bDaeuknt8GUOecQY8taY37Jbe1Oxo4bWf/lmglE=
x-amz-request-id: V18RHPQMDYHVZPF0
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Tue, 16 Apr 2024 11:21:44 GMT
ETag: "7fe2d33d531815585c8c1d4c5867d4a3"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 73918

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

172.67.74.20

200 OK

251 B

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
172.67.74.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
HTML document, ASCII text
Size
251 B (251 bytes)
Hash
73816d82cca56c187674258ec5b7bd5a
cd989502a8b941226bb7e5ddc0ff0b62621e701f
cc2b540f494c9f0eb7c7f31880eec48518729e92ffa9e7081eb70193baa985a5

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Fri, 26 Apr 2024 02:25:10 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
Cache-Control: max-age=14400
Expires: Fri, 26 Apr 2024 02:35:09 GMT
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gfcPkEaTp%2BSwZXX2K18xW883bYzwtNcwCb2aCVlFw3Q1wzUw%2FAiM%2FBYGmHwZfSTHN5NzW2PmK8yv8GQbP6G9S80fnd5zEjBut8Ed3whJ1XCEWVdKMRZiMrD1I9Ouhtho17ElXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a31ee4ddc656c7-OSL
alt-svc: h2=":443"; ma=60

subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg

104.21.66.20

200 OK

1.3 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:07 00:05:06], baseline, precision 8, 1800x2700, components 3
Size
1.3 MB (1288007 bytes)
Hash
91e68c3d20f4e55b01fdbaa834b4e4e6
e54e4ea7f042d2124aa1be976a6fe9d708bb4f9f
3cab775e25b68c23b905d547373476f046b0101e7cfdbd6f016e302f5a429988

HTTP Headers

GET /uploads/0.1721950016738853872D1(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:25:09 GMT
content-type: image/jpeg
content-length: 1288007
last-modified: Mon, 16 Jan 2023 16:09:47 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8NOzmIodfV%2F2cQEMEcsDOi6hoJX6FzWbGBjKWvdSPUageCTkR4%2FBM8GFnpNv%2Fe2rSe91vrwgrpF%2FfpB%2BHjL5Z1mt1j8rTRvQJpSWtXTrdTrUUwUJVIxgP2awche1wcJ%2B6HIdevaUJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a31ee36ace5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c

52.217.139.168

200 OK

159 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 1280x1280, components 3
Size
159 kB (158571 bytes)
Hash
7ce5ed9adc66e64ba075efb968d14738
6fdc90fa71a9caa1ab837ef5a1bf29abfbd0498d
1514eaed03038f21ece918a59349483f95ef337541818017d701c58d397fe326

HTTP Headers

GET /autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: QZPY9MLLuIb/MM+eW5dXBJu/pbNm0xIUCp4bp9LRH3Mjerkm+YiE2IC0ehNRGV1H3VWd7/YpKTc=
x-amz-request-id: V18K26DJK2XVHS0X
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Fri, 12 Apr 2024 10:58:53 GMT
ETag: "7ce5ed9adc66e64ba075efb968d14738"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 158571

s3.us-east-1.amazonaws.com/autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90

52.217.139.168

200 OK

130 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 800x550, components 3
Size
130 kB (130538 bytes)
Hash
81ed4e278b514ede42a3fa0bc59ae812
79ea6edc5c2326a174f137cdb092754eafa20d3f
bc9da136ab9d91bdf0e1a667dd123f362fa5ab2dd7f2ee22c9aaff3ebd619588

HTTP Headers

GET /autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: v4mGwB5rKpDZe0WP+5ZHc7kVAs6M6HIsvg3Gg617mocg103OsAFia7UvekCK00WXTsanRymn6DU=
x-amz-request-id: X0H88EY8W70THGG0
Date: Fri, 26 Apr 2024 02:25:11 GMT
Last-Modified: Fri, 29 Dec 2023 12:06:30 GMT
ETag: "81ed4e278b514ede42a3fa0bc59ae812"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 130538

s3.us-east-1.amazonaws.com/autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4

52.217.139.168

200 OK

931 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, description=Charlottesville Candlelight Vigil at the White House, Washington, DC USA, manufacturer=SONY, model=ILCE-6300, xresolution=248, yresolution=256, resolutionunit=2, software=Adobe Photoshop Lightroom 6.12 (Macintosh), datetime=2017:08:13 21:53:35], baseline, precision 8, 2560x1449, components 3
Size
931 kB (931429 bytes)
Hash
b55dae54d79509e222cf4536698350ab
af4d10c9b5f99edfa0710eb9123500b358d999dc
d67ad702f911cf9b22146c71f2413d566d81e23ce3d78fa68b9a876ad69283ad

HTTP Headers

GET /autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: KGL2cktokcxAVbKprBCXpcTgzG/rgZgSjjpEnyYZk2bF6X91m+ha3QFJoL3xk8sORZnLoq5dKE0=
x-amz-request-id: V18ZQM9Z7DHXC8M1
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Mon, 01 Apr 2024 12:27:42 GMT
ETag: "b55dae54d79509e222cf4536698350ab"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 931429

s3.us-east-1.amazonaws.com/autonewsuploads/0.099067001676806324SMRFedCtrl0223.jpg

52.217.139.168

200 OK

133 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/0.099067001676806324SMRFedCtrl0223.jpg
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10], baseline, precision 8, 1024x771, components 3
Size
133 kB (132852 bytes)
Hash
5687439e1978bd7fdad82d8d9b40589a
caf45e2235d11748a944e68abdb2c797eaf1caf7
a612c05d44abfdec6f7a49b2848057039b7d4fb6b75178f0a228893cba3b4d04

HTTP Headers

GET /autonewsuploads/0.099067001676806324SMRFedCtrl0223.jpg HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: dm4roPV0fxAiZw0h8w8vHdc9hSd0Or6A5wtU7sKGvJfe/+/RlbZR0aMzLvnvpC63oY3m4Gnl7bo=
x-amz-request-id: V18SFM0ENGH3YJ25
Date: Fri, 26 Apr 2024 02:25:10 GMT
Last-Modified: Wed, 08 Mar 2023 14:22:23 GMT
ETag: "5687439e1978bd7fdad82d8d9b40589a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 132852

s3.us-east-1.amazonaws.com/autonewsuploads/1920px-US_Navy_080904-N-5319A-008_The_Pentagon_Memorial_honoring_the_184_people_killed_at_the_Pentagon_and_on_American_Airlines_flight_77.jpg3299f6cbb96f820d455e6441d6c9261216971996016bc768fbc08e0167162011e11cc78c83

52.217.139.168

200 OK

821 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/1920px-US_Navy_080904-N-5319A-008_The_Pentagon_Memorial_honoring_the_184_people_killed_at_the_Pentagon_and_on_American_Airlines_flight_77.jpg3299f6cbb96f820d455e6441d6c9261216971996016bc768fbc08e0167162011e11cc78c83
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, description=080904-N-5319A-008.WASHINGTON (Sept. 4, 2008) The Pentagon Memorial honoring the 184 people killed at the Pentagon and on Ameri, xresolution=584, yresolution=592, resolutionunit=2], baseline, precision 8, 1920x1277, components 3
Size
821 kB (821039 bytes)
Hash
7184f186cfd51da8559a56f5a7e5164c
d9b1172c47b82d6849daec72442894c3a8c0243a
2b6d8566da4ef1d7a5c9d6215a4132e1b8679013904237f994f611eb2aa4665b

HTTP Headers

GET /autonewsuploads/1920px-US_Navy_080904-N-5319A-008_The_Pentagon_Memorial_honoring_the_184_people_killed_at_the_Pentagon_and_on_American_Airlines_flight_77.jpg3299f6cbb96f820d455e6441d6c9261216971996016bc768fbc08e0167162011e11cc78c83 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: GY6FiJ+pzTUOPmoCoUoKcg7tCQdyBcLr6V59oE5J4r4HL9jjgTan8P7USVRZqGxgxEoxRV8aHjM=
x-amz-request-id: X0H7B3HWTFJ3N9C4
Date: Fri, 26 Apr 2024 02:25:11 GMT
Last-Modified: Fri, 13 Oct 2023 12:20:02 GMT
ETag: "7184f186cfd51da8559a56f5a7e5164c"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 821039

s3.us-east-1.amazonaws.com/autonewsuploads/arabia%20usa.pngb0ed32c65098ce22b30bb667b5cc036c1713269997c4b1f4e8a949202618a8b70ba3220078

52.217.139.168

200 OK

352 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/arabia%20usa.pngb0ed32c65098ce22b30bb667b5cc036c1713269997c4b1f4e8a949202618a8b70ba3220078
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 750 x 394, 8-bit/color RGBA, non-interlaced
Size
352 kB (351664 bytes)
Hash
23eeb8656d2d4f1f751c9ac7325b026d
93c54a0b2d11c5372eb46ccf5a7adcc55797b334
bbc434f9e9f658270d337d0eb636ccb4d141d5aee2d2536882062365fe88011b

HTTP Headers

GET /autonewsuploads/arabia%20usa.pngb0ed32c65098ce22b30bb667b5cc036c1713269997c4b1f4e8a949202618a8b70ba3220078 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: SH21yjQtlE2DteRGTH+HB4oOhvjQSprYoou18X8pnaKlWcd5cbBMpBH4wKzPaZixeoM7w9ltvbQ=
x-amz-request-id: X0H25Y0MKGDB7J4P
Date: Fri, 26 Apr 2024 02:25:11 GMT
Last-Modified: Tue, 16 Apr 2024 12:19:58 GMT
ETag: "23eeb8656d2d4f1f751c9ac7325b026d"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 351664

s3.us-east-1.amazonaws.com/autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e

52.217.139.168

200 OK

170 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e
IP
52.217.139.168:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x783, components 3
Size
170 kB (169604 bytes)
Hash
453f86a922ea0aaed9446b57281f1387
829544be236ee42dd3103b670dc6cc132d610f03
9c6194c947048457cc6c0ec8759bcdb798eea2d442d498bc92a5eba1918a4aba

HTTP Headers

GET /autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: A0aSsGY6qBk3/VAtqrvt9MhEZ6wt5R07FxLSpVteq/MOUhVm1pvNbrEaMZXAYREeM/LEsiAdcps=
x-amz-request-id: X0HBRSBR9EEEGE2K
Date: Fri, 26 Apr 2024 02:25:11 GMT
Last-Modified: Tue, 09 Apr 2024 11:02:45 GMT
ETag: "453f86a922ea0aaed9446b57281f1387"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 169604

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 208652
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

172.67.74.20

200 OK

36 kB

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
172.67.74.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
PNG image data, 3369 x 257, 8-bit/color RGBA, non-interlaced
Size
36 kB (35781 bytes)
Hash
724c1e2ab214eefe0271ee598af8749a
b99bb085dd791488b061c423223318345c590f24
bba2a6dbda4e6833f68c21d84c0f9a09180ae9595b238c982da300cf448ab78c

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://subscribe.goodlifestylenews.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:25:10 GMT
content-type: image/png
content-length: 35781
last-modified: Tue, 17 Jan 2023 11:23:01 GMT
cache-control: max-age=2592000
expires: Tue, 21 May 2024 23:01:10 GMT
cf-cache-status: HIT
age: 357840
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSZwaGZwxhQlH4BleFYqs59mSJlz60%2FIroDaDatDL6D16GZDO%2BQ3YWWkDx03nGdfGzzbuzHPqcYCIUB13Y6GfJBNyWgcb8CZNqSLw%2BsLS4LR2Ul%2FeHAykINBAaW0zcJ0RsJkRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a31eeb89ed56c3-OSL
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/favicon.ico

104.21.30.61

404 Not Found

238 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/favicon.ico
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f

File type
HTML document, ASCII text
Size
238 B (238 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6; _ga_WJJ5P9F2X8=GS1.1.1714098309.1.0.1714098309.0.0.0; _ga=GA1.1.213194513.1714098310
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Fri, 26 Apr 2024 02:25:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgWH9KZF%2FhpwLPOSXJAOYvm7HCq2xm6m8av2vYOVAKfB221wyCaroXtk8OdRx2Goz3jQptPxS88wE1ZL2Z4NhaEO4AVfc2J6c8bd6U9doqxFKQSDFphPeX3YzVpqOGmeBOvS9TrkqmNjyiRzoVy0kfWT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87a31eebff6c0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f

0.0.0.0

0 B

URL User Request GET
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Roboto

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (2218), with no line terminators
Size
2.2 kB (2162 bytes)
Hash
807b0cff287eb02fda9eb3a87e2746a5
34a0af77abd82f106052590a0e624b2803a6572d
35c288796da2ba3b90a7a7ef7e75a5e7eb55cad381d227beda8c5e400a04caff

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 02:25:09 GMT
date: Fri, 26 Apr 2024 02:25:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f

172.67.172.49

200 OK

31 kB

URL User Request GET HTTP/1.1
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

File type

Size
31 kB (30977 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17&ses_id=01b2cd02e548b6f47f7751c76688ff1f HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=64e0c7e901969d3cc9511e62882f7cc6
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 02:25:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDLYus7gS886CDwaBWogX7dtvd5jzbS4%2BY6tQiDWAbqWN%2FtZErobhiVS1J%2BA09aHaIsvUZpIK72788%2FAXTR6dQdvmF3oCPE22iLb9FN76f8%2BW820ern3bBvRZS%2FzAVfPKP3hDM9FRKIgwbEzlRTvmWdo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87a31eda4d0f56a4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

go.goodlifestylenews.com/dummyarticleclickers_43846/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2581/1610/dc9afb4385bc0d52e165cd409144dae8/mpmta/news/43846/17

172.67.172.49

302 Found

0 B

URL User Request GET HTTP/2
go.goodlifestylenews.com/dummyarticleclickers_43846/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2581/1610/dc9afb4385bc0d52e165cd409144dae8/mpmta/news/43846/17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dummyarticleclickers_43846/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2581/1610/dc9afb4385bc0d52e165cd409144dae8/mpmta/news/43846/17 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:25:05 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=47280&ar=55&cid=2581&lid=1610&slhash=dc9afb4385bc0d52e165cd409144dae8&redirect_id=43846&bid=17
cache-control: max-age=600
expires: Fri, 26 Apr 2024 02:35:04 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CWSLqv3M8E3sOSM4HRws7PCYDFstshCcsu%2FXRbUwnvncVw25J6vEZ37yzmm3qtz1E1RBzcCJsPguktjB9pphfUE09gi13vzazbZ%2BQjjVm0s8itKtS%2BNQu%2FHf4cK%2BicT4OOuZx6BM8tD9EA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a31ec44ae75691-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=47280&ar=55&cid=2581&lid=1610&slhash=dc9afb4385bc0d52e165cd409144dae8&redirect_id=43846&bid=17

104.18.20.187

302 Found

0 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=47280&ar=55&cid=2581&lid=1610&slhash=dc9afb4385bc0d52e165cd409144dae8&redirect_id=43846&bid=17
IP
104.18.20.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=ec55f96bdbee115719939c545d55f6bb&product=47280&ar=55&cid=2581&lid=1610&slhash=dc9afb4385bc0d52e165cd409144dae8&redirect_id=43846&bid=17 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:25:06 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com?email=tammy.j.lanctot@abc12.com&redirect_id=43846&bid=17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=d737fbe22d29c15b0bf4e9d530074852; path=/
pixel_session_hash_47280=3415447649292306987; expires=Sun, 26-May-2024 02:25:05 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_47280=3b9067d98bcdf92dcd6c566837f114d0817400f4d9b84643d9fe0baec363cea3; expires=Sun, 28-Apr-2024 02:25:05 GMT; Max-Age=172800
__cf_bm=Yu0.35AysFxxLpLuOF4E5nIw2ESqvsjzpP1A.GyxtI8-1714098306-1.0.1.1-u_karAw7ig1kJVexe7AZSu84DUZXLJZkC69uGpzSOLOnvN9sLRrBlZDTH2h7rlOV2cUus5JhX36WnAYib79fyQ; path=/; expires=Fri, 26-Apr-24 02:55:06 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87a31ec8f88ab521-OSL
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML