Report - go.goodlifestylenews.com/dummyarticleclickers_45314/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2626/1610/6fa59e7be255fd2bcdcd31e102cefbd0/mpmta/news/45314/17

Report Overview

Submitted URL
go.goodlifestylenews.com/dummyarticleclickers_45314/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2626/1610/6fa59e7be255fd2bcdcd31e102cefbd0/mpmta/news/45314/17
IP
104.21.30.61
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-11 02:18:27
Access
public
Website Title
Good Lifestyle News (MP) Flow
Final URL
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
subscribe.goodlifestylenews.com	unknown	unknown	No data	No data	3.4 kB	80 kB	104.21.30.61
subscriberwelcome.com	unknown	unknown	No data	No data	2.0 kB	2.9 MB	172.67.155.79
www.googletagmanager.com	75	unknown	No data	No data	437 B	103 kB	142.250.74.168
fonts.googleapis.com	8877	unknown	No data	No data	443 B	2.8 kB	142.250.74.106
go.goodlifestylenews.com	unknown	unknown	No data	No data	892 B	1.7 kB	172.67.172.49
ajax.googleapis.com	12905	unknown	No data	No data	446 B	34 kB	142.250.74.42
cdn.jsdelivr.net	439	unknown	No data	No data	1.0 kB	49 kB	151.101.65.229
fonts.gstatic.com	unknown	unknown	No data	No data	533 B	17 kB	216.58.207.227
verifiedsecure.org	unknown	unknown	No data	No data	858 B	38 kB	104.26.8.206
s3.us-east-1.amazonaws.com	4041	unknown	No data	No data	5.5 kB	3.0 MB	54.231.230.232
verifiedwebpage.com	unknown	unknown	No data	No data	620 B	1.0 kB	104.18.21.187

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed
2024-05-11	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	subscribe.goodlifestylenews.com/jquery.caret.js	2.4 kB	2023-05-08	2024-05-23
Pretty URL subscribe.goodlifestylenews.com/jquery.caret.js IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-23 00:54:11 Times Seen691 Hash 35c3ec8db4ff6e862db42516436216a1 7d9d7731403868cc34edaad1d9e17311541a6f77 adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba Loading...

	subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js	26 kB	2023-05-08	2024-05-23
Pretty URL subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js IP 172.67.172.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-23 00:54:11 Times Seen825 Hash 0dbbb5873b895ea3be425af219cf85de 7b9dba563376d7dbd1c5b9b7064ab87eadad5591 02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be	152 B	2023-06-01	2024-05-23
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 19:31:02 Last Seen2024-05-23 00:54:11 Times Seen363 Hash f428121d5a5fef65b4475cd12946bc04 ee95d8f82bdc0b8001fd8ffa74edd84d5640aa87 a27ebc0bf8c54f5e2c909f78d326d964e1555bae0254d575f6511b0dcc92ae12 Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be	194 B	2023-05-08	2024-05-23
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-23 00:54:11 Times Seen411 Hash d7ae17d684ddcfa308369e402855826d d6da811e60cab233619e114e823ab9db7242bd5d e42a64d5a754498cd56f9079fd8e341c480ea2a15a6060e00924814586f8c44f Loading...

	www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8	308 kB	2024-05-11	2024-05-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-11 04:18:27 Last Seen2024-05-11 04:18:48 Times Seen4 Hash deea13f87535b4df31e1f7cac68d4f67 13c953ae5472c1b0d131d1f5f9e9e68a3ee266d2 3496c55cca76fb6a9fcbd5be9bdcdb6641fcf481db7b2ff1e27d6c8742c135fe Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-05-23
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-23 05:21:13 Times Seen48377 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js	60 kB	2023-03-08	2024-05-23
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:41 Last Seen2024-05-23 00:54:11 Times Seen1470 Hash c5236e5d6a5d0ff97ff8c8e5102c6c03 6fbfdbddbe85c578de559adcc8d07cccbc16d514 87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65 Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be	641 B	2023-05-08	2024-05-23
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-05-23 00:54:11 Times Seen411 Hash c2855664f7a14ee99090a0366d9d1e03 35ba8e0f5b5181a8df832c0e12774a761d465dda bf66df111d26d4ef5b3e5df0f4df141fe5d7632260cb83308bfed72caf323af0 Loading...

	subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be	1.3 kB	2024-05-11	2024-05-11
Pretty URL subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-11 04:18:47 Last Seen2024-05-11 04:18:47 Times Seen1 Hash 6a7c8b8c59ab429db03181fe9f677f3b 69dbf537c313ec18670e52fb4acd4cdd5f607854 85bf9decb78080c1c41cc34db3b2a73bcc897649e9406c2aad4d72fc9378f6a2 Loading...

HTTP Transactions (31)

URL IP Response Size

go.goodlifestylenews.com/

172.67.172.49

143 B

URL
go.goodlifestylenews.com/
IP
172.67.172.49:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:17:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOWXbL7HuffhmO4hbSbY7v0ux15HIL74jFGyNmouhgmPTyc%2BAVbx1zApUUo9ol%2Br1%2B2RqYHThJv9saZMD7kTm9zYNsaedp3StoByZi1WDqJvVd3kkmwYhfFYdaUTWKGZ0xvsRCK%2FJgpElIM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881e54d5ebd5b524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17

104.21.30.61

302 Found

39 kB

URL User Request GET HTTP/3
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17
IP
104.21.30.61:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type
data
Size
39 kB (38879 bytes)
Hash
fdcbc31bc77ac1a34a0744fc32394d9d
7c43b4f5f1fb8816579210960cdb0d1031d01c46
5673416a81a3be8827d297c6db9fbcd12aad87f83cb5b6fe3b636d6ccda34a5f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sat, 11 May 2024 01:17:48 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1; path=/
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYneh4a8K9OJxzdasRNAGW4q0mdHwTRWYcyLL3baIf%2BjiDzzNwOLSZp0PqDLW07%2BI2YEefFpECVfewJ33zPL7feSXhrAezLZ0WtTPh4Jvicxeq5T4oT4iKc0Qind0BXw7VQJReUtb5%2FjFJM9JRGx%2FYud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e54cdcafe712a-OSL
alt-svc: h3=":443"; ma=86400

subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js

172.67.172.49

200 OK

4.4 kB

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

File type
JavaScript source, ASCII text
Size
4.4 kB (4430 bytes)
Hash
0dbbb5873b895ea3be425af219cf85de
7b9dba563376d7dbd1c5b9b7064ab87eadad5591
02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.mobilePhoneNumber.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:17:49 GMT
Content-Type: application/javascript
Content-Length: 4430
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Fri, 31 May 2024 00:22:16 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 867333
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G0xGX%2FOADDla7Lx3tlpuDQoNjNpOdasXdjfTaxHS0xjB5b8YHEUIW2imkQkS896Wh8Oq4MGzlzuvK1KTZzZDprYKZi69NQXHzIHSiquWJp%2B8ghWatabKh4Dl9mZv79lejjh%2FLPKiaFgrdh9WjrfWw6DO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881e54e2d8af56a8-OSL
alt-svc: h2=":443"; ma=60

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.42

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 May 2024 09:25:34 GMT
expires: Mon, 05 May 2025 09:25:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 489135
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg

172.67.155.79

200 OK

144 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintC8:3F:88:99:86:9B:20:E9:77:44:04:5F:4D:C8:B8:D2:23:5F:C5:D2
ValidityMon, 06 May 2024 01:45:00 GMT - Sun, 04 Aug 2024 01:44:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 966x1449, components 3
Size
144 kB (144253 bytes)
Hash
e7eb0da863b2d3ead5846cdc3263a233
138225ea3d8ff08f07b046b858bf46bf2bba2e96
ff19a64983ac2748d6b8361212f1fc41814e1acd0d157ee9c736bbd2a4a03180

HTTP Headers

GET /uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:17:49 GMT
content-type: image/jpeg
content-length: 144253
last-modified: Mon, 20 Feb 2023 15:41:11 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BfKSEwKUTFAu%2B3KJ4aGJG1DwaKFU84HooelfwPgjcien5DB%2FhJ%2B%2F1IBchDv%2B8h2LkVtJ57QrXodJN73UzGz7WwhrZ1MFHUc8qMLkTOTB5BbtXHp7Pugr4J6HY4uupVxyzswAuijnwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e54e33e17b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg

172.67.155.79

200 OK

400 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintC8:3F:88:99:86:9B:20:E9:77:44:04:5F:4D:C8:B8:D2:23:5F:C5:D2
ValidityMon, 06 May 2024 01:45:00 GMT - Sun, 04 Aug 2024 01:44:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2550x3300, components 3
Size
400 kB (400505 bytes)
Hash
b9a9621a927a5b9a9c71fdbb53bf8991
9c4cc398edb33da6a79e62701867cbf7fed4056d
d0342e1b39e1c9b80bfb574b18e0a5d9f9cf00e00ca7cf3b2ce1ded70f3bb9ab

HTTP Headers

GET /uploads/0.204734001673521892LifeAfterUkraine.jpeg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:17:49 GMT
content-type: image/jpeg
content-length: 400505
last-modified: Thu, 12 Jan 2023 11:11:32 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2By281jG2xFd%2BLmrvc9OBR8Qqz48RCu0E4Jq8EMclUIoGBW2HWvD3vZT%2Bjl8F1xJ3jIf5Vt3RQMi09iYMjCRWq6RE2VPTVpqUDIWp9qajB2HC25EU5gSd96CvopYRtRPYWoe8uau0hv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e54e33e20b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css

151.101.65.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
025df1ec88740cad5ff14bb3380da6dd
7abed070e37ce060c0a561575f1d41a7f248fc74
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 11 May 2024 01:17:49 GMT
age: 22035842
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js

151.101.65.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (60201)
Size
17 kB (17366 bytes)
Hash
c5236e5d6a5d0ff97ff8c8e5102c6c03
6fbfdbddbe85c578de559adcc8d07cccbc16d514
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"ec40-b7/b3b6FxXjeVZrcyNB8zLwW1RQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 11 May 2024 01:17:49 GMT
age: 3023232
x-served-by: cache-fra-etou8220032-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17366
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg

172.67.155.79

200 OK

1.1 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintC8:3F:88:99:86:9B:20:E9:77:44:04:5F:4D:C8:B8:D2:23:5F:C5:D2
ValidityMon, 06 May 2024 01:45:00 GMT - Sun, 04 Aug 2024 01:44:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:10 16:36:41], baseline, precision 8, 1800x2700, components 3
Size
1.1 MB (1114284 bytes)
Hash
b02e84cdcd5a3e55ded5e64dfd307124
bfaad4b8b4b1b1fafffeda314b8868c94e7280c8
d67985993c18e2a7b22a4193c0613a65096b3376d64539feb646739798d2cf5c

HTTP Headers

GET /uploads/0.1663680016738854302D2(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:17:49 GMT
content-type: image/jpeg
content-length: 1114284
last-modified: Mon, 16 Jan 2023 16:10:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gI6aPSjXFZqG6p3dmVTlk%2FaQCuh1OwsEbUKazw6HwArVGc88C4dq1dYroBzyXx3sqSFSKFiFBsicK2ksjH2zgI5XEk%2BvmILn3LzOSHgcZec4uexbGIB%2B7o6tMaUFcxJcX9z7KpMygjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e54e33e1cb50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg

172.67.155.79

200 OK

1.3 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintC8:3F:88:99:86:9B:20:E9:77:44:04:5F:4D:C8:B8:D2:23:5F:C5:D2
ValidityMon, 06 May 2024 01:45:00 GMT - Sun, 04 Aug 2024 01:44:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:07 00:05:06], baseline, precision 8, 1800x2700, components 3
Size
1.3 MB (1288007 bytes)
Hash
91e68c3d20f4e55b01fdbaa834b4e4e6
e54e4ea7f042d2124aa1be976a6fe9d708bb4f9f
3cab775e25b68c23b905d547373476f046b0101e7cfdbd6f016e302f5a429988

HTTP Headers

GET /uploads/0.1721950016738853872D1(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 11 May 2024 01:17:49 GMT
content-type: image/jpeg
content-length: 1288007
last-modified: Mon, 16 Jan 2023 16:09:47 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sdroZfH4%2BHQxGIwm8bKSH%2Fznl6RKFVoZD4l8aab%2FoGIqwfMqFLAbFnUDu%2BZE%2FzLUdxSin%2By05f2Gt1ZOozzQMPk5vuUTnv5Wzgo4KFlmbKkAbJZ%2FBsIPu8WT88O6mEMqmRmUnm%2FrTNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e54e33e1ab50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (102185 bytes)
Hash
deea13f87535b4df31e1f7cac68d4f67
13c953ae5472c1b0d131d1f5f9e9e68a3ee266d2
3496c55cca76fb6a9fcbd5be9bdcdb6641fcf481db7b2ff1e27d6c8742c135fe

HTTP Headers

GET /gtag/js?id=G-WJJ5P9F2X8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 11 May 2024 01:17:50 GMT
expires: Sat, 11 May 2024 01:17:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 102185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/jquery.caret.js

104.21.30.61

200 OK

716 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.caret.js
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
716 B (716 bytes)
Hash
35c3ec8db4ff6e862db42516436216a1
7d9d7731403868cc34edaad1d9e17311541a6f77
adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.caret.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:17:50 GMT
Content-Type: application/javascript
Content-Length: 716
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Mon, 10 Jun 2024 01:17:49 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEtdFpsn6Fe6E6kAA28BuxAwR9w9stASlrBGDO1PC8ivmPH8xB4%2F2UI5iAxtbPawO%2FRk7NuPJtEua%2Bxw3%2BzA3uWmEcsjJyN%2FRLx3TRs7tnGrovfoLEGAHqmPBa0bj8OB5dvvRT2d1%2BS%2FSdksIMJCt5Nb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881e54e2df3f7131-OSL
alt-svc: h2=":443"; ma=60

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 575354
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

104.26.8.206

200 OK

251 B

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
104.26.8.206:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
HTML document, ASCII text
Size
251 B (251 bytes)
Hash
73816d82cca56c187674258ec5b7bd5a
cd989502a8b941226bb7e5ddc0ff0b62621e701f
cc2b540f494c9f0eb7c7f31880eec48518729e92ffa9e7081eb70193baa985a5

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sat, 11 May 2024 01:17:51 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
Cache-Control: max-age=14400
Expires: Sat, 11 May 2024 01:27:49 GMT
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bz3R%2F9WNV3JS%2BIYamTZ8%2FlJt%2FfY3crJNgdQVmbpGvMJMiznKsaC4pQo48hXoIqkdFu4S8tJhkpn2%2FXXUcQZx0Eop6KbSFzOFyV9otYRjkmQi0bUspcQ3P8NzOzXFkFkcsHX6%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881e54e9081f5687-OSL
alt-svc: h2=":443"; ma=60

s3.us-east-1.amazonaws.com/autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417

54.231.230.232

200 OK

74 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1000x668, components 3
Size
74 kB (73918 bytes)
Hash
7fe2d33d531815585c8c1d4c5867d4a3
35500f4fa795b49f47137c0532ab07e600d82f8c
e295b46a6cabf7a1d9a053ad5cd21a7a610c44cfaf7eee8b46638a554fc27b73

HTTP Headers

GET /autonewsuploads/czNmcy1wcml2YXRlL3Jhd3BpeGVsX2ltYWdlcy93ZWJzaXRlX2NvbnRlbnQvbHIvc2s4MDQ4LWltYWdlLWt3dnVreG9tLmpwZw.jpge7f332881ff283b6829e94415993a95d17132665016cdca8a23789d4b3362512373eef3417 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: qlxlTMAJjGyAL6IDjIvbc80FkDmULTVTI3epaFGRS1Ea1oAYu6lHNv4p2/fbOv0asNzUK/WOIpw=
x-amz-request-id: 9G3ZZ60Q4RNBS3PF
Date: Sat, 11 May 2024 01:17:51 GMT
Last-Modified: Tue, 16 Apr 2024 11:21:44 GMT
ETag: "7fe2d33d531815585c8c1d4c5867d4a3"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 73918

s3.us-east-1.amazonaws.com/autonewsuploads/ETakeOverVSL03241.jpg7a887b2a6b36cb6e24e3c0470d5db8b5171076417718420dd7c15c8c09f7e5ddcfa507ceb0

54.231.230.232

200 OK

114 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/ETakeOverVSL03241.jpg7a887b2a6b36cb6e24e3c0470d5db8b5171076417718420dd7c15c8c09f7e5ddcfa507ceb0
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=2], baseline, precision 8, 1024x683, components 3
Size
114 kB (114051 bytes)
Hash
cb0f0fd1b6b7280d78ee706cf402338b
d76f624b5302d28b47e310e47745347f31a00d91
77ed40a47bb2bb4be0588c71c877968401ed449a1e1c4aa85b8dd9a2203c8163

HTTP Headers

GET /autonewsuploads/ETakeOverVSL03241.jpg7a887b2a6b36cb6e24e3c0470d5db8b5171076417718420dd7c15c8c09f7e5ddcfa507ceb0 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: SvNqmeuyOCHdRLpvkUGAobz0F1KI4AsxB06ejyGtJRhz+fPSn5Y/iNdgV82UvKhTsggF4cqW7/o=
x-amz-request-id: 9G3ZEA9F03A6M39N
Date: Sat, 11 May 2024 01:17:51 GMT
Last-Modified: Mon, 18 Mar 2024 12:16:19 GMT
ETag: "cb0f0fd1b6b7280d78ee706cf402338b"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 114051

s3.us-east-1.amazonaws.com/autonewsuploads/Dog.jpg373f79dd8e889828c567164a9976eb5e1708518205a9047877ce8a792924271d491c1cfade

54.231.230.232

200 OK

5.7 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/Dog.jpg373f79dd8e889828c567164a9976eb5e1708518205a9047877ce8a792924271d491c1cfade
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 251x201, components 3
Size
5.7 kB (5706 bytes)
Hash
1b14261d5910dd6d2c053f471cefbdc8
4c038b7b23227f71ce6de90ea5e23816b27e61d0
1440670bad97bfdb121adc3e25fe1125a8a037879dc27fbbc17889c3fbac8911

HTTP Headers

GET /autonewsuploads/Dog.jpg373f79dd8e889828c567164a9976eb5e1708518205a9047877ce8a792924271d491c1cfade HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: kImhKuczUDZ6G/XjHcxsSLJ/kiyW7ZEjfWZ0CYpKEBz8Fq9UdbnFb0YBuyxgtVjVeTzWKe+2rPY=
x-amz-request-id: 5KE666D0D03KJE5W
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Wed, 21 Feb 2024 12:23:27 GMT
ETag: "1b14261d5910dd6d2c053f471cefbdc8"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 5706

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

104.26.8.206

200 OK

36 kB

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
104.26.8.206:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
PNG image data, 3369 x 257, 8-bit/color RGBA, non-interlaced
Size
36 kB (35781 bytes)
Hash
724c1e2ab214eefe0271ee598af8749a
b99bb085dd791488b061c423223318345c590f24
bba2a6dbda4e6833f68c21d84c0f9a09180ae9595b238c982da300cf448ab78c

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://subscribe.goodlifestylenews.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 11 May 2024 01:17:51 GMT
content-type: image/png
content-length: 35781
last-modified: Tue, 17 Jan 2023 11:23:01 GMT
cache-control: max-age=2592000
expires: Mon, 10 Jun 2024 01:17:44 GMT
cf-cache-status: HIT
age: 6
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIszX9MCAF2p6g1qcjoEVSklgRO1DWue34vV3Su24cDpQYvxJjAyeM1RTdqGkUt2A%2F%2FbUXMX3Ms0MNnWi1TPSdrkZJJ%2B%2Fohl6ncR1eGyBb8XjCsD%2ByzfqE0ykQTlqHEVGNFnog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881e54eb4f02568b-OSL
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90

54.231.230.232

200 OK

130 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 800x550, components 3
Size
130 kB (130538 bytes)
Hash
81ed4e278b514ede42a3fa0bc59ae812
79ea6edc5c2326a174f137cdb092754eafa20d3f
bc9da136ab9d91bdf0e1a667dd123f362fa5ab2dd7f2ee22c9aaff3ebd619588

HTTP Headers

GET /autonewsuploads/0_xMIObdsLB7XPfX6M.jpg831e6c0cac9852ee802169b318eafcc21703851588ea1d7d0705a741428b565fef908b1c90 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: ihN8F08xYSFYTwLl/ioVO+yh2scMIcikDlSur0AlpcX5xTuS1hD8Q0CIKWLGfyWwZWBCXFAydJ0=
x-amz-request-id: 5KE0ZQB89A9RPK09
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Fri, 29 Dec 2023 12:06:30 GMT
ETag: "81ed4e278b514ede42a3fa0bc59ae812"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 130538

s3.us-east-1.amazonaws.com/autonewsuploads/goldmineee.png86aba4f8725a91fb9d4b86350a30b8c31710245718947df273c9e88260016da3c2127120f7

54.231.230.232

200 OK

561 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/goldmineee.png86aba4f8725a91fb9d4b86350a30b8c31710245718947df273c9e88260016da3c2127120f7
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
PNG image data, 614 x 409, 8-bit/color RGBA, non-interlaced
Size
561 kB (560765 bytes)
Hash
f91ad7273b5b81f89f8ecc79a36b224e
44ec7da7950214e8ba92598b16d327b554c94e7f
8cb22c0d6a2c9fca9a86bcf99986cceb1c1982963db42c2c2b119ed36111113a

HTTP Headers

GET /autonewsuploads/goldmineee.png86aba4f8725a91fb9d4b86350a30b8c31710245718947df273c9e88260016da3c2127120f7 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: q5HGHKVPprCdSwZg+M21oJneJNJI8OKqUOaDtu9rb/4zwIKCnedd702YIW0bsqbWyiTI/QuX+Iw=
x-amz-request-id: 9G3YAMBWAVAAF818
Date: Sat, 11 May 2024 01:17:51 GMT
Last-Modified: Tue, 12 Mar 2024 12:15:20 GMT
ETag: "f91ad7273b5b81f89f8ecc79a36b224e"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 560765

s3.us-east-1.amazonaws.com/autonewsuploads/brain.jpg9d9229a2bf51f9d8a0adbdd30bd79b2d17141297609ec026998eb164a87c6d588761732ec1

54.231.230.232

200 OK

131 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/brain.jpg9d9229a2bf51f9d8a0adbdd30bd79b2d17141297609ec026998eb164a87c6d588761732ec1
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1200x800, components 3
Size
131 kB (131373 bytes)
Hash
4202bcc818bc37c8109abbc2d88a292c
0a648b5d892c119527aef492c864c7e1f9bf4b72
4b0ddaba2103853ea42cd2b2f4f78008c0ac890c91d5767dd8c045d37a469c78

HTTP Headers

GET /autonewsuploads/brain.jpg9d9229a2bf51f9d8a0adbdd30bd79b2d17141297609ec026998eb164a87c6d588761732ec1 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 0fNloVALt7Oz9fT8ORJxfHQoyNtay0J4EIz7+Fc3Rww62ikyZpyhv1mRUy0z+fqiXsprzFvEFR4=
x-amz-request-id: 5KE04XM7T31D6C8R
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Fri, 26 Apr 2024 11:09:22 GMT
ETag: "4202bcc818bc37c8109abbc2d88a292c"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 131373

s3.us-east-1.amazonaws.com/autonewsuploads/oil%20stockkk.jpg0f79d7c6521fdc129b15c3b9aa1c3496168441041164a5612a54233b64b4245e271fc79d2c

54.231.230.232

200 OK

204 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/oil%20stockkk.jpg0f79d7c6521fdc129b15c3b9aa1c3496168441041164a5612a54233b64b4245e271fc79d2c
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 1406x874, components 3
Size
204 kB (203815 bytes)
Hash
6a6adfe1bedc4da72b469a28d4e46116
3de5b170433f48069754754669399303541edd93
78072f4da7459db2a9a896a335a876ccf2b0cbc20b4cd06674bf8ceacf41e499

HTTP Headers

GET /autonewsuploads/oil%20stockkk.jpg0f79d7c6521fdc129b15c3b9aa1c3496168441041164a5612a54233b64b4245e271fc79d2c HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: dat0qDHm6MysqgRhAdazCoLl7YuFMcUPK7woFYfrdhLXzQNu08TSsNsRzLG784jwORDoWAUAVuA=
x-amz-request-id: 5KE9PST4FF5TXQD4
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Thu, 18 May 2023 11:46:53 GMT
ETag: "6a6adfe1bedc4da72b469a28d4e46116"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 203815

s3.us-east-1.amazonaws.com/autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae

54.231.230.232

200 OK

433 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3744, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=5616], baseline, precision 8, 1800x1200, components 3
Size
433 kB (433442 bytes)
Hash
60a563642150e1af4e00ec3c3f677b66
d04eed6d68a0e8aea757663d9592009091908458
e1df1121dabe998035ed22ef8f116559971e300a2819918b92db1f0352c570ad

HTTP Headers

GET /autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: +rnp2uoMafj/uG2cIpqqF8bdeuqEm4iHQY74NHh60nMBMLTqtKcf4XFfGBEVdVakpVF4j6thMWk=
x-amz-request-id: 5KE3EDNGWW7MAWKZ
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Tue, 09 Apr 2024 11:28:16 GMT
ETag: "60a563642150e1af4e00ec3c3f677b66"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 433442

s3.us-east-1.amazonaws.com/autonewsuploads/arterija.jpg52585c6f4e583dd3dae9dbdb2798c58817129217683395c39f10c9b74f8261e3093eee70c0

54.231.230.232

200 OK

861 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/arterija.jpg52585c6f4e583dd3dae9dbdb2798c58817129217683395c39f10c9b74f8261e3093eee70c0
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x1080, components 3
Size
861 kB (861058 bytes)
Hash
93ba295ab9f1b311005f4e5c501bebdf
4340fdded8ea94dd6cdcdc0e3854ea8cf2c7caa5
e45e10264719ae534a99dd25131ef893ac6577ef70d25f2ebe3e6690e56d33b0

HTTP Headers

GET /autonewsuploads/arterija.jpg52585c6f4e583dd3dae9dbdb2798c58817129217683395c39f10c9b74f8261e3093eee70c0 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: yiHjjUDMwyMKBJ3ERHJRHGA7LwyzWLs/aa8a6QVZAOkV9tRwRRK3SSpkmqbJ6kHZWcYzcjJukjA=
x-amz-request-id: 5KEDKXJJ8G0T96XP
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Fri, 12 Apr 2024 11:36:10 GMT
ETag: "93ba295ab9f1b311005f4e5c501bebdf"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 861058

s3.us-east-1.amazonaws.com/autonewsuploads/Doomsday07231.jpg3299e99b7e66ba7bebade79da4d83ca51689679479727a12f1453aa468691d60b4dd73073d

54.231.230.232

200 OK

433 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/Doomsday07231.jpg3299e99b7e66ba7bebade79da4d83ca51689679479727a12f1453aa468691d60b4dd73073d
IP
54.231.230.232:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 200x200, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=9, description=Convoys of armed US Army (USA) High-Mobility Multipurpose Wheeled Vehicles (HMMWV) merge on the location as USA 101st Airborne , orientation=upper-left, xresolution=563, yresolution=571, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2003:11:20 08:18:15], baseline, precision 8, 1024x672, components 3
Size
433 kB (432585 bytes)
Hash
6e58f72ac11c012924af9bde04584b81
4ee205efa682b8cbb93ccfb0b355d1c0ed4a5faf
96fb5e8a70b47dab13fd7ce3cb597fdea465c43436eaaee2754c9d61ec648195

HTTP Headers

GET /autonewsuploads/Doomsday07231.jpg3299e99b7e66ba7bebade79da4d83ca51689679479727a12f1453aa468691d60b4dd73073d HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: lRlPFQzr01pisbOXhqa9gJuvqjGZenNHrjqdSaOUyxtpkq0m2GPmHADA3es4cpGM8GI1hBsiqIY=
x-amz-request-id: 5KE0DE0P9XWSK6T8
Date: Sat, 11 May 2024 01:17:52 GMT
Last-Modified: Tue, 18 Jul 2023 11:24:40 GMT
ETag: "6e58f72ac11c012924af9bde04584b81"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 432585

subscribe.goodlifestylenews.com/favicon.ico

172.67.172.49

404 Not Found

238 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/favicon.ico
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

File type
HTML document, ASCII text
Size
238 B (238 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1; _ga_WJJ5P9F2X8=GS1.1.1715390271.1.0.1715390271.0.0.0; _ga=GA1.1.1213692103.1715390271
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sat, 11 May 2024 01:17:52 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dXrt5apgKhboQl8krgxeW31DqAjAI4VYF8KZSK1667r9cSnqrf1CjZAQ63wC7LrZ7diUfXwBruvSfKtUvjguy4p5BBByduQI22svYEzbLKVmmaR83QrQYk0MwyIUWxfOasJVNjMG43tswPZG85n%2By1Z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 881e54ef1e8e56a8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=48765&ar=55&cid=2626&lid=1610&slhash=6fa59e7be255fd2bcdcd31e102cefbd0&redirect_id=45314&bid=17

104.18.21.187

302 Found

0 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=48765&ar=55&cid=2626&lid=1610&slhash=6fa59e7be255fd2bcdcd31e102cefbd0&redirect_id=45314&bid=17
IP
104.18.21.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=ec55f96bdbee115719939c545d55f6bb&product=48765&ar=55&cid=2626&lid=1610&slhash=6fa59e7be255fd2bcdcd31e102cefbd0&redirect_id=45314&bid=17 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 11 May 2024 01:17:46 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=0d08de3980a9539d52074f3896ec1f1c; path=/
pixel_session_hash_48765=3415485580010593778; expires=Mon, 10-Jun-2024 01:17:44 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_48765=722f6f584c49f6c575614236a2cf875e3a81a2055800595b99e8b9c4f08d45d9; expires=Mon, 13-May-2024 01:17:45 GMT; Max-Age=172800
__cf_bm=sQm6lwDT.eFPyt6n4Rncqk12BD5Tg7Bjt48jNwkqgK0-1715390266-1.0.1.1-AKNJZLGWFx4RHpydur1HdxX5wAnMKqy1OZvCL8yN_65mgQsO_2LjI2HtPLLyqRDwaIEgbF287hqJa0JiNV6RSg; path=/; expires=Sat, 11-May-24 01:47:46 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 881e54c7fbe5b4f1-OSL
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

104.21.30.61

200 OK

31 kB

URL User Request GET HTTP/1.1
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

File type

Size
31 kB (31143 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 11 May 2024 01:17:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkZXrGuq%2BOXTUc3ekS4I1uJPSqdCBgTYmq%2BhSbcFRcJ7tYjMrzEQrsTHLNtqstgNPAp0NEZRj3n996DXvxmrriwC35BCDSagEgpjxz3pHVo8Ojg%2BiZbObB84ZbGHdHtn5qLpfrJhN3TVBtuilnDaBMKG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 881e54d98bd07131-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be

0.0.0.0

0 B

URL User Request GET
subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=68b1fd25bd914e3e85bfc80d61d38ac1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

go.goodlifestylenews.com/dummyarticleclickers_45314/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2626/1610/6fa59e7be255fd2bcdcd31e102cefbd0/mpmta/news/45314/17

104.21.30.61

302 Found

0 B

URL User Request GET HTTP/2
go.goodlifestylenews.com/dummyarticleclickers_45314/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2626/1610/6fa59e7be255fd2bcdcd31e102cefbd0/mpmta/news/45314/17
IP
104.21.30.61:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dummyarticleclickers_45314/ec55f96bdbee115719939c545d55f6bb/55/leadsource/2626/1610/6fa59e7be255fd2bcdcd31e102cefbd0/mpmta/news/45314/17 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 11 May 2024 01:17:45 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=ec55f96bdbee115719939c545d55f6bb&product=48765&ar=55&cid=2626&lid=1610&slhash=6fa59e7be255fd2bcdcd31e102cefbd0&redirect_id=45314&bid=17
cache-control: max-age=600
expires: Sat, 11 May 2024 01:27:44 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aPwak%2BG71xBGsRTbOXigjrGkJW5L6pYrWzkNCydZFlmbU%2FSnSLcCcmEErUu4EEouABBFsHvm%2FPsylUq8iUzR2PpvKxwOVN3bfgZ27wXW8Qo92%2FUPfLrI0WvARnRB3QFiuxBzqtZUkIgKYks%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881e54c34fb61c0a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=tammy.j.lanctot@abc12.com&redirect_id=45314&bid=17&ses_id=6a1742a83d17b3e1e0f0bc710d5a94be
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (2218), with no line terminators
Size
2.2 kB (2162 bytes)
Hash
807b0cff287eb02fda9eb3a87e2746a5
34a0af77abd82f106052590a0e624b2803a6572d
35c288796da2ba3b90a7a7ef7e75a5e7eb55cad381d227beda8c5e400a04caff

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 11 May 2024 01:17:49 GMT
date: Sat, 11 May 2024 01:17:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML