Report - go.goodlifestylenews.com/dummyarticleclickers_42937/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta/news/42937/17

Report Overview

Submitted URL
go.goodlifestylenews.com/dummyarticleclickers_42937/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta/news/42937/17
IP
172.67.172.49
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-16 03:54:32
Access
public
Website Title
Good Lifestyle News (MP) Flow
Final URL
subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-04-14	890 B	9.3 kB	104.21.30.61
subscribe.goodlifestylenews.com	unknown	2020-07-10	2023-01-18	2024-03-27	3.3 kB	41 kB	104.21.30.61
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-15	437 B	101 kB	142.250.74.168
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-15	441 B	2.7 kB	142.250.74.74
verifiedsecure.org	unknown	2015-12-08	2016-04-06	2024-04-13	858 B	38 kB	172.67.74.20
subscriberwelcome.com	unknown	2022-11-16	2022-11-16	2024-04-14	1.9 kB	2.9 MB	104.21.66.20
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-04-15	620 B	1.0 kB	104.18.21.187
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-04-15	1.0 kB	49 kB	151.101.193.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-04-15	446 B	34 kB	142.250.74.170
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-15	547 B	17 kB	216.58.207.227
s3.us-east-1.amazonaws.com	4041	2005-08-18	2017-11-22	2024-04-15	5.5 kB	2.1 MB	52.217.224.224

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed
2024-04-16	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js	60 kB	2023-03-08	2024-04-29
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:41 Last Seen2024-04-29 00:53:53 Times Seen1278 Hash c5236e5d6a5d0ff97ff8c8e5102c6c03 6fbfdbddbe85c578de559adcc8d07cccbc16d514 87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65 Loading...

	subscribe.goodlifestylenews.com/jquery.caret.js	2.4 kB	2023-05-08	2024-04-29
Pretty URL subscribe.goodlifestylenews.com/jquery.caret.js IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-29 00:53:53 Times Seen526 Hash 35c3ec8db4ff6e862db42516436216a1 7d9d7731403868cc34edaad1d9e17311541a6f77 adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba Loading...

	subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780	152 B	2023-06-01	2024-04-29
Pretty URL subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 19:31:02 Last Seen2024-04-29 00:53:53 Times Seen276 Hash f428121d5a5fef65b4475cd12946bc04 ee95d8f82bdc0b8001fd8ffa74edd84d5640aa87 a27ebc0bf8c54f5e2c909f78d326d964e1555bae0254d575f6511b0dcc92ae12 Loading...

	subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780	194 B	2023-05-08	2024-04-29
Pretty URL subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-29 00:53:53 Times Seen322 Hash d7ae17d684ddcfa308369e402855826d d6da811e60cab233619e114e823ab9db7242bd5d e42a64d5a754498cd56f9079fd8e341c480ea2a15a6060e00924814586f8c44f Loading...

	subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780	641 B	2023-05-08	2024-04-29
Pretty URL subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-29 00:53:53 Times Seen322 Hash c2855664f7a14ee99090a0366d9d1e03 35ba8e0f5b5181a8df832c0e12774a761d465dda bf66df111d26d4ef5b3e5df0f4df141fe5d7632260cb83308bfed72caf323af0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-29
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-29 18:03:13 Times Seen46700 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780	1.3 kB	2024-04-16	2024-04-16
Pretty URL subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-16 05:54:34 Last Seen2024-04-16 05:54:34 Times Seen1 Hash 6d6efd10999a02ea64dcc629bc1abf30 f89f4880c72d4f9a5c2ea6daedf43002cdcde08a a2db0613766692a85c090f167610979137d5b7577368818a064c9a44c2da1f35 Loading...

	www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8	301 kB	2024-04-16	2024-04-16
Pretty URL www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 05:54:34 Last Seen2024-04-16 05:54:34 Times Seen2 Hash 8e2da478c415054ecd23e70990c98aff 027caafafc5b01bada017d5fa339513b62d5e36d 85f39eb9b466f51d3808ea0fc2cd78dbdb6a1de602c125c7d1052fc9cef59dd0 Loading...

	subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js	26 kB	2023-05-08	2024-04-29
Pretty URL subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js IP 172.67.172.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-29 00:53:53 Times Seen647 Hash 0dbbb5873b895ea3be425af219cf85de 7b9dba563376d7dbd1c5b9b7064ab87eadad5591 02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b Loading...

HTTP Transactions (31)

URL IP Response Size

go.goodlifestylenews.com/

104.21.30.61

143 B

URL
go.goodlifestylenews.com/
IP
104.21.30.61:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 03:54:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BKkiZhqj8k%2B7NN3zYezNdFVwxRJiYSmHg6yq%2Flreoj1Pdkk7LzSo%2B0aZqQ%2FFeuUm1HKgcry3HZ5uPKBtWupF5Jrn%2BvtOA473CGMPdFiZraanxUqaj9nLpncJbNRbyN8m%2Frb2DH73yeHgfzo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87513b7beee156cb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

go.goodlifestylenews.com/dummyarticleclickers_42937/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta/news/42937/17

172.67.172.49

302 Found

7.6 kB

URL User Request GET HTTP/2
go.goodlifestylenews.com/dummyarticleclickers_42937/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta/news/42937/17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type
gzip compressed data, from Unix
Size
7.6 kB (7608 bytes)
Hash
0e88eee0a1bf10499c36072be070d43a
a20839005c9bd1fd0bd66bc623395207178712aa
d9553f47c2652b6e39b44b47d9e7d57bc5918c3afa91aa2c38e67553a1031753

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dummyarticleclickers_42937/a5276dcfef687822b175c94d6bcaf82b/55/leadsource/2553/1610/9cebc4d298e0ed1ed5b0d3e255cd3947/mpmta/news/42937/17 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:06 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=46367&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&redirect_id=42937&bid=17
cache-control: max-age=600
expires: Tue, 16 Apr 2024 04:04:05 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLghHFDBJmgZk6XjAGS%2FA1MO6BwNsefBPoP5uoiz6tGo4Jp7KjbtgzI7dW8LZsprB9Y%2BxlL0LrEzYgkmDCrSdQx7mnVOXkBz87FJTAbz9Vbd3PMtsfrKkV7pzlzQEaTUmp9YzB48pTI%2FcM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b694f2bb524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/jquery.caret.js

104.21.30.61

200 OK

716 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.caret.js
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
716 B (716 bytes)
Hash
35c3ec8db4ff6e862db42516436216a1
7d9d7731403868cc34edaad1d9e17311541a6f77
adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.caret.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 03:54:11 GMT
Content-Type: application/javascript
Content-Length: 716
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Sun, 12 May 2024 22:55:15 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 277135
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=en1jAt%2BVjjYjQ5sJd8AvNHPRqtiy7XXfY1%2B4hc4G2sYAqqDZyksRH91%2Bhx9p1e9dTJl6SKMNwTSvBWuq%2FgvvQ3a9lT3M%2FfY%2ByoZiv6jE33WaNWoX5%2F0h2cK6YPbhI%2FQV81QeL40H1tHF8hl39sGf0%2Fci"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87513b8abb9ab4f7-OSL
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js

172.67.172.49

200 OK

4.4 kB

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780

File type
JavaScript source, ASCII text
Size
4.4 kB (4430 bytes)
Hash
0dbbb5873b895ea3be425af219cf85de
7b9dba563376d7dbd1c5b9b7064ab87eadad5591
02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.mobilePhoneNumber.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 03:54:11 GMT
Content-Type: application/javascript
Content-Length: 4430
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Sun, 12 May 2024 22:55:15 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 277135
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxM0OHAxeHvzmuo%2BEcKa5W6%2B3BILOzYlNSYyti9OakRxZ1hE6wP%2B%2FQMD%2F40wZC6CpTEttFjl%2Bk4GmIjAbCMmsDOacw2uinoXuqOGYpQSmhO2DD03jm6gUriJQQYujWC1NfqQN1MsAw7LlI51SJYWJedY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87513b8abf7db524-OSL
alt-svc: h2=":443"; ma=60

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css

151.101.193.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
025df1ec88740cad5ff14bb3380da6dd
7abed070e37ce060c0a561575f1d41a7f248fc74
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 03:54:11 GMT
age: 19885224
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js

151.101.193.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (60201)
Size
17 kB (17366 bytes)
Hash
c5236e5d6a5d0ff97ff8c8e5102c6c03
6fbfdbddbe85c578de559adcc8d07cccbc16d514
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"ec40-b7/b3b6FxXjeVZrcyNB8zLwW1RQ"
content-encoding: br
accept-ranges: bytes
date: Tue, 16 Apr 2024 03:54:11 GMT
age: 4159754
x-served-by: cache-fra-etou8220032-FRA, cache-hel1410028-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17366
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.170

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:46:16 GMT
expires: Fri, 11 Apr 2025 17:46:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 382075
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8

142.250.74.168

200 OK

101 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
101 kB (100584 bytes)
Hash
8e2da478c415054ecd23e70990c98aff
027caafafc5b01bada017d5fa339513b62d5e36d
85f39eb9b466f51d3808ea0fc2cd78dbdb6a1de602c125c7d1052fc9cef59dd0

HTTP Headers

GET /gtag/js?id=G-WJJ5P9F2X8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 16 Apr 2024 03:54:11 GMT
expires: Tue, 16 Apr 2024 03:54:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto

142.250.74.74

200 OK

2.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
2.0 kB (2027 bytes)
Hash
6ef21e5ff105a8825b875e6c7121ce8b
a4de56f314cb0c5c248064b30b9d60e8679519be
13fff793afe21c2510705044a2e0033ac18875554afc9d10f86d63923e291e20

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 16 Apr 2024 03:54:11 GMT
date: Tue, 16 Apr 2024 03:54:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 Apr 2024 16:27:38 GMT
expires: Wed, 09 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 559593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

172.67.74.20

200 OK

251 B

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
172.67.74.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
HTML document, ASCII text
Size
251 B (251 bytes)
Hash
73816d82cca56c187674258ec5b7bd5a
cd989502a8b941226bb7e5ddc0ff0b62621e701f
cc2b540f494c9f0eb7c7f31880eec48518729e92ffa9e7081eb70193baa985a5

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Tue, 16 Apr 2024 03:54:11 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
Cache-Control: max-age=14400
Expires: Tue, 16 Apr 2024 04:04:10 GMT
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T5FJEMOP%2FWhfp4qdxgnMX2liMmTf%2FSTZvSWLxkUJF0yePRpSsTa5ihS6wn3rmTszMDeDhOUEoc%2Fhcx1Ww0ztbA1vMbdCnpymOKVm0lFurl8sWmoyicSS%2BhJi%2Bqf7EO3fbmi06A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87513b8bf9afb51b-OSL
alt-svc: h2=":443"; ma=60

subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg

104.21.66.20

200 OK

400 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2550x3300, components 3
Size
400 kB (400505 bytes)
Hash
b9a9621a927a5b9a9c71fdbb53bf8991
9c4cc398edb33da6a79e62701867cbf7fed4056d
d0342e1b39e1c9b80bfb574b18e0a5d9f9cf00e00ca7cf3b2ce1ded70f3bb9ab

HTTP Headers

GET /uploads/0.204734001673521892LifeAfterUkraine.jpeg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:11 GMT
content-type: image/jpeg
content-length: 400505
last-modified: Thu, 12 Jan 2023 11:11:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3pAR56uFcQnr9XRh7XLG%2BtQxg7JAG2A%2B0fIoSH2E1ivIdvJdqNscrtx5%2FICCXpEtLEJ5yDDklx6KYcMfCdiGO5m%2Fs1dNZvtAF1ZVVizqpKGNc0Famt1vn%2FqLjb0ocWSFAaEDzxJ03Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87513b8c1c9956a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg

104.21.66.20

200 OK

144 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 966x1449, components 3
Size
144 kB (144253 bytes)
Hash
e7eb0da863b2d3ead5846cdc3263a233
138225ea3d8ff08f07b046b858bf46bf2bba2e96
ff19a64983ac2748d6b8361212f1fc41814e1acd0d157ee9c736bbd2a4a03180

HTTP Headers

GET /uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:11 GMT
content-type: image/jpeg
content-length: 144253
last-modified: Mon, 20 Feb 2023 15:41:11 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XghtzeSURmBKm7R3pUEdHIFdxasjv7q93w08440Uwd9hw9BTvsbx3W6lOggpdj1tY7kn6YN%2F4q8fxxdRiuKlAL4d%2FcWA1MRSg3lUmWF1snk9lt%2BW7P8DELeG0aaO0wVdTiQdfN8ymC8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87513b8c2c9d56a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904

52.217.224.224

200 OK

22 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, software=Adobe Photoshop CS6 Windows], progressive, precision 8, 600x279, components 3
Size
22 kB (21484 bytes)
Hash
1fc66e1ac778ebc88ebe86aede1b0ddc
02d9372e26f6c29b8248f7b6b73804a85b8f820b
86db20923d3e598d02e8bb1213f797e9c8770e3086f3bc701fdf66d9ad0a5c70

HTTP Headers

GET /autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: S5CKg7itc8lbhJENLy5JCQYtLw65uug8lt/2Hw8/C4yhYpigNVbmeO4zZ0VsZWVlAyHwkqoBJfg=
x-amz-request-id: 200EMNM9A6JKMCNQ
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Wed, 19 Jul 2023 10:57:57 GMT
ETag: "1fc66e1ac778ebc88ebe86aede1b0ddc"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 21484

s3.us-east-1.amazonaws.com/autonewsuploads/Fit.jpgd587c840ec0c664078e7757c19304b9f1701259804836cd93fb9cffde85704606eb65259f9

52.217.224.224

200 OK

8.2 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/Fit.jpgd587c840ec0c664078e7757c19304b9f1701259804836cd93fb9cffde85704606eb65259f9
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 275x183, components 3
Size
8.2 kB (8212 bytes)
Hash
63efbc50a4470ccb5bdb0bde338eefd9
7053c6204459aa8a59541c9811ff7e0b8a624182
16b5287fd98215f6418518a20510afa7fffff1dee0cb79a834b0fafdc84ea7ff

HTTP Headers

GET /autonewsuploads/Fit.jpgd587c840ec0c664078e7757c19304b9f1701259804836cd93fb9cffde85704606eb65259f9 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: od2MrF3AHRUnoVQaCmifW+6fi/Jt44mjZ7Jves+loQHUpH/4oOQ0HySGLPiEkBlE+eaVeeghC/8=
x-amz-request-id: 200FGR6G9XS9XDZB
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Wed, 29 Nov 2023 12:10:03 GMT
ETag: "63efbc50a4470ccb5bdb0bde338eefd9"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 8212

subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg

104.21.66.20

200 OK

1.1 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:10 16:36:41], baseline, precision 8, 1800x2700, components 3
Size
1.1 MB (1114284 bytes)
Hash
b02e84cdcd5a3e55ded5e64dfd307124
bfaad4b8b4b1b1fafffeda314b8868c94e7280c8
d67985993c18e2a7b22a4193c0613a65096b3376d64539feb646739798d2cf5c

HTTP Headers

GET /uploads/0.1663680016738854302D2(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:11 GMT
content-type: image/jpeg
content-length: 1114284
last-modified: Mon, 16 Jan 2023 16:10:30 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQ4as4xv8Q5Wh%2FgDa8FDkle7h346uFUtE6%2FS5hLVMx7cOsWn3OpYcG9OpLq5qJwx%2BF8EX56G7k1j6oOJXuw2WY7Ls7Csq6RG%2F%2BvYw9muDueDrqIArbixH0b5PG8%2FGR7%2F4ei27pSrmoU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87513b8c1c9756a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg

104.21.66.20

200 OK

1.3 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg
IP
104.21.66.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:07 00:05:06], baseline, precision 8, 1800x2700, components 3
Size
1.3 MB (1288007 bytes)
Hash
91e68c3d20f4e55b01fdbaa834b4e4e6
e54e4ea7f042d2124aa1be976a6fe9d708bb4f9f
3cab775e25b68c23b905d547373476f046b0101e7cfdbd6f016e302f5a429988

HTTP Headers

GET /uploads/0.1721950016738853872D1(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:11 GMT
content-type: image/jpeg
content-length: 1288007
last-modified: Mon, 16 Jan 2023 16:09:47 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9us24ZeYzzUVLkxMHMjBtRnU6aVH%2FLxfFSCsAUaPBoUjEl5VNtIsf8DLMUZ%2F%2BafbyX54j0A%2Bd9B7TcKy0JDZKeszwWhO46EY2WizH9dhTN0ycRsQucreP8SncH4tzccADRnUERYd%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87513b8c1c9a56a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c

52.217.224.224

200 OK

159 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=3], baseline, precision 8, 1280x1280, components 3
Size
159 kB (158571 bytes)
Hash
7ce5ed9adc66e64ba075efb968d14738
6fdc90fa71a9caa1ab837ef5a1bf29abfbd0498d
1514eaed03038f21ece918a59349483f95ef337541818017d701c58d397fe326

HTTP Headers

GET /autonewsuploads/drinking-98618_1280.jpg64b9888da2f455dab6320067862a3aca17129195312d5cf1686f59b8fe0453612e08b8250c HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: CVSyjLytGf0tXPaG4+Iggcwr8LRMflilMaleFkwj61dn9vatbWaqKLfWdJMvSdX4GsMXXahiUvA=
x-amz-request-id: 2008TVJE48M7WMH4
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Fri, 12 Apr 2024 10:58:53 GMT
ETag: "7ce5ed9adc66e64ba075efb968d14738"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 158571

s3.us-east-1.amazonaws.com/autonewsuploads/UltraK904245.jpg4cd5e4c4c29a599920d0efdda2896a3d17128359610f32ce3d04f83312973b937988708c58

52.217.224.224

200 OK

128 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/UltraK904245.jpg4cd5e4c4c29a599920d0efdda2896a3d17128359610f32ce3d04f83312973b937988708c58
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x683, components 3
Size
128 kB (128301 bytes)
Hash
89cd1d27cbd6bb378c37b97ea3020038
63561d57c63d23a3c5a2252c483066dadb3afd57
a5ef198ae7a50fa610c6f15c1ff7a6fd676c7cbd298e8f6b92ab36bda21000c8

HTTP Headers

GET /autonewsuploads/UltraK904245.jpg4cd5e4c4c29a599920d0efdda2896a3d17128359610f32ce3d04f83312973b937988708c58 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: gOzsBGi8QoNeBnQgfTKgNEUBG/t95SqM2+TLi0ImG2Cg0AHoebhAEQxJpcKNh7RREb4RL9cWqoU=
x-amz-request-id: 200D2N2G9VD8299R
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Thu, 11 Apr 2024 11:46:03 GMT
ETag: "89cd1d27cbd6bb378c37b97ea3020038"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 128301

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

172.67.74.20

200 OK

36 kB

URL GET HTTP/2
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
172.67.74.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedsecure.org
FingerprintA0:39:56:47:2D:24:66:40:29:81:A2:DA:5B:19:04:77:07:A6:BA:B3
ValidityThu, 04 Apr 2024 23:26:29 GMT - Wed, 03 Jul 2024 23:26:28 GMT

File type
PNG image data, 3369 x 257, 8-bit/color RGBA, non-interlaced
Size
36 kB (35781 bytes)
Hash
724c1e2ab214eefe0271ee598af8749a
b99bb085dd791488b061c423223318345c590f24
bba2a6dbda4e6833f68c21d84c0f9a09180ae9595b238c982da300cf448ab78c

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://subscribe.goodlifestylenews.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 16 Apr 2024 03:54:12 GMT
content-type: image/png
content-length: 35781
last-modified: Tue, 17 Jan 2023 11:23:01 GMT
cache-control: max-age=2592000
expires: Sat, 20 Apr 2024 22:53:53 GMT
cf-cache-status: HIT
age: 2178019
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2By%2FHAZVfOLpeBznCESQGpGtrX%2Bh2Gq9GmUeJguo%2BCOOtpcln9ybDKCKw5k68kLUrwrIbETEXMatPMc5KqFH0Xslvvouxq3nDa4YP1oaqdNhSlO7bzG7f%2FovCYc%2BSqY8wGu6vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87513b91498056a9-OSL
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/1_DNX7tuc1kboBT8HIMzH68Q.jpge3cc569300a94e5f5d2d5d52f68858b91712834605dd58ee97ee2919d8f86682c1c7a81f9c

52.217.224.224

200 OK

37 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/1_DNX7tuc1kboBT8HIMzH68Q.jpge3cc569300a94e5f5d2d5d52f68858b91712834605dd58ee97ee2919d8f86682c1c7a81f9c
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=194, yresolution=202, resolutionunit=2], baseline, precision 8, 750x500, components 3
Size
37 kB (37039 bytes)
Hash
a6d9d4c7a2bba2d390e1ecf8a43f1b01
fc3312d6df0ac10a9ee314d440d2292635c39951
ba61a6e117803d6c468ffd5feee76f6d4bd06254f9323c7f417ebbbb6515b3d0

HTTP Headers

GET /autonewsuploads/1_DNX7tuc1kboBT8HIMzH68Q.jpge3cc569300a94e5f5d2d5d52f68858b91712834605dd58ee97ee2919d8f86682c1c7a81f9c HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: EbPXoFVDacN5IwO1jxg84OaydqKFhCFGMcUXSFN6NdQELeR/yWCBnFsgCEhdIEMMafxvCYT9VKQ=
x-amz-request-id: V5WD3B5T8133H41F
Date: Tue, 16 Apr 2024 03:54:13 GMT
Last-Modified: Thu, 11 Apr 2024 11:23:27 GMT
ETag: "a6d9d4c7a2bba2d390e1ecf8a43f1b01"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 37039

s3.us-east-1.amazonaws.com/autonewsuploads/vet.jpge931eb5b9c5908636e3335e51cf3432417085177446d8f9bcf29f7ab56acaff9b7ec68bfaf

52.217.224.224

200 OK

6.1 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/vet.jpge931eb5b9c5908636e3335e51cf3432417085177446d8f9bcf29f7ab56acaff9b7ec68bfaf
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3
Size
6.1 kB (6091 bytes)
Hash
2886cc91bab7e756b808fe50658a32d8
57eadae387477d2deaa6f99849e3779918392605
180661ff3f81979d5ce002181669d2d398580188db86bd9ddb57a7ac2a3de49d

HTTP Headers

GET /autonewsuploads/vet.jpge931eb5b9c5908636e3335e51cf3432417085177446d8f9bcf29f7ab56acaff9b7ec68bfaf HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: UHyGiT1uisKs0Co6XRunibJ5uZ7Am9NfeAcpd7u/rY1P8PgFEMO3YP6N5+MhMPt7LEUoQ9Vl4EA=
x-amz-request-id: V5W3NX2Q9A7321PB
Date: Tue, 16 Apr 2024 03:54:13 GMT
Last-Modified: Wed, 21 Feb 2024 12:15:46 GMT
ETag: "2886cc91bab7e756b808fe50658a32d8"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 6091

s3.us-east-1.amazonaws.com/autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e

52.217.224.224

200 OK

170 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x783, components 3
Size
170 kB (169604 bytes)
Hash
453f86a922ea0aaed9446b57281f1387
829544be236ee42dd3103b670dc6cc132d610f03
9c6194c947048457cc6c0ec8759bcdb798eea2d442d498bc92a5eba1918a4aba

HTTP Headers

GET /autonewsuploads/worse%20vision.jpg04c3f8d8bfe8c77cc06ef5d088fe76f91712660563fdf373e5b8e78733430a2131cd9b5a3e HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 16g0xhtXwnl28/L3vpsJCQa3vkfJIDwmsshGq2SyJwanuk3BOHQtGgHcwU+i9TXJyN+B3sEVHwU=
x-amz-request-id: 20027CHCX7V3K24T
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Tue, 09 Apr 2024 11:02:45 GMT
ETag: "453f86a922ea0aaed9446b57281f1387"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 169604

s3.us-east-1.amazonaws.com/autonewsuploads/1_LGxNd7mndmKzfREAjIhchQ.jpgdb161c8297e0a41616762a19fe1e1d9717078268080489ec16c32f3b0dca877dda4ea14071

52.217.224.224

200 OK

174 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/1_LGxNd7mndmKzfREAjIhchQ.jpgdb161c8297e0a41616762a19fe1e1d9717078268080489ec16c32f3b0dca877dda4ea14071
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=118, yresolution=126, resolutionunit=2], baseline, precision 8, 1400x935, components 3
Size
174 kB (173530 bytes)
Hash
6411e72768b27e032d324da2bcc6b518
871f47eb02ac8527435c0c1fa3f04bf7ce18b185
cf1b0d424ea2e23b3793c76e8c6f620e6782e49e4786cc113667567f384bebb7

HTTP Headers

GET /autonewsuploads/1_LGxNd7mndmKzfREAjIhchQ.jpgdb161c8297e0a41616762a19fe1e1d9717078268080489ec16c32f3b0dca877dda4ea14071 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 4Z4TcWf/kZKs15tPZXk1RNv73RIfPSKlE9O5AmSTAGmz9j+yRF2ig91zR6rXpsDS2QpbSO2yJc0=
x-amz-request-id: 200A70B3P0Q5G7BQ
Date: Tue, 16 Apr 2024 03:54:12 GMT
Last-Modified: Tue, 13 Feb 2024 12:20:10 GMT
ETag: "6411e72768b27e032d324da2bcc6b518"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 173530

s3.us-east-1.amazonaws.com/autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae

52.217.224.224

200 OK

433 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3744, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=5616], baseline, precision 8, 1800x1200, components 3
Size
433 kB (433442 bytes)
Hash
60a563642150e1af4e00ec3c3f677b66
d04eed6d68a0e8aea757663d9592009091908458
e1df1121dabe998035ed22ef8f116559971e300a2819918b92db1f0352c570ad

HTTP Headers

GET /autonewsuploads/GetProstate04241.jpgf9bd27c6822b16f3cf3eb5876817433717126620945e56b623fe4588d7c712cf74455271ae HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: uHjJ/VZgrKinSaObjccn2CNGWNcY1FraRXKRJ8dGqsrRmMzuZ5eHfwoR3MpW9ZyX0aJ9f9kPkFc=
x-amz-request-id: V5WE8T1APV23VGHD
Date: Tue, 16 Apr 2024 03:54:13 GMT
Last-Modified: Tue, 09 Apr 2024 11:28:16 GMT
ETag: "60a563642150e1af4e00ec3c3f677b66"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 433442

s3.us-east-1.amazonaws.com/autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4

52.217.224.224

200 OK

931 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4
IP
52.217.224.224:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 240x240, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=12, description=Charlottesville Candlelight Vigil at the White House, Washington, DC USA, manufacturer=SONY, model=ILCE-6300, xresolution=248, yresolution=256, resolutionunit=2, software=Adobe Photoshop Lightroom 6.12 (Macintosh), datetime=2017:08:13 21:53:35], baseline, precision 8, 2560x1449, components 3
Size
931 kB (931429 bytes)
Hash
b55dae54d79509e222cf4536698350ab
af4d10c9b5f99edfa0710eb9123500b358d999dc
d67ad702f911cf9b22146c71f2413d566d81e23ce3d78fa68b9a876ad69283ad

HTTP Headers

GET /autonewsuploads/ChaosRally03243.jpg62be5442c92f7d2f253103bf43fbb876171197445843f099107fc97f09add12ee5cf73a0a4 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 1bK2ntr2ZuWCyyu6S2rBrj22oXDozbqu5EQNx2miSHmWEFwtKJTtAH0gMzsSwCXuT2QR/7oBHkM=
x-amz-request-id: V5WBZKR4BQ3DRHTE
Date: Tue, 16 Apr 2024 03:54:13 GMT
Last-Modified: Mon, 01 Apr 2024 12:27:42 GMT
ETag: "b55dae54d79509e222cf4536698350ab"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 931429

subscribe.goodlifestylenews.com/favicon.ico

172.67.172.49

404 Not Found

238 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/favicon.ico
IP
172.67.172.49:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780

File type
HTML document, ASCII text
Size
238 B (238 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
Cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549; _ga_WJJ5P9F2X8=GS1.1.1713239651.1.0.1713239651.0.0.0; _ga=GA1.1.707957658.1713239651
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 16 Apr 2024 03:54:12 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyP%2BVCKoFo1UeWtt2gK9yenoC3621yXvakHs9pVGR037BEa6JaXfnIzmTNHYlqzF%2FPO3JQ7gh2WdR70JRDtxCnAjOOqTCAKo13y2skplX1TorHqMIivXi7rGeRHU0CmCZWJyF2aTckIdgITNI%2BgQ3Jpk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87513b93db7fb524-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=46367&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&redirect_id=42937&bid=17

104.18.21.187

302 Found

0 B

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=46367&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&redirect_id=42937&bid=17
IP
104.18.21.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintB6:7C:0D:93:CD:D6:56:A3:74:B9:46:38:F0:C7:A5:31:BC:5F:AF:56
ValidityWed, 10 Apr 2024 21:43:08 GMT - Tue, 09 Jul 2024 21:43:07 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go?ehash=a5276dcfef687822b175c94d6bcaf82b&product=46367&ar=55&cid=2553&lid=1610&slhash=9cebc4d298e0ed1ed5b0d3e255cd3947&redirect_id=42937&bid=17 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 16 Apr 2024 03:54:07 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com?email=sdlocke@semco.cc&redirect_id=42937&bid=17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=ee48947c2b016f4b3b56cca243f6c960; path=/
pixel_session_hash_46367=3415447649292137849; expires=Thu, 16-May-2024 03:54:05 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_46367=5880b36a4de09ea0d7c782dbf2cff4eb1d2ee9c206c998afdd2cbc837d1db6ef; expires=Thu, 18-Apr-2024 03:54:05 GMT; Max-Age=172800
__cf_bm=o8nzCkwTSJPKbjaFWJpBZIVQf.ZAfZ2mA8sENC_7LuQ-1713239647-1.0.1.1-Jfrss0ojAP.Z5K7DnUXAnBEgt741numjI_WKZJpqkGhCjXNR0YnJX88nWaJ9mwOks3qqT1hPL66xIV6THoUprA; path=/; expires=Tue, 16-Apr-24 04:24:07 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 87513b6d9da2b4f7-OSL
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780

0.0.0.0

0 B

URL User Request GET
subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780

104.21.30.61

200 OK

31 kB

URL User Request GET HTTP/1.1
subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

File type

Size
31 kB (31005 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 16 Apr 2024 03:54:10 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADYJuVsxRO1vWKQMlM5DL7WrYzY%2Fe0Eq4Bzr4eDzTE6q5RyzbfA0qHObmPhKZ5qJO7kqtgn%2BMic74ew9WexlFpwTOKmOkbRt6MMbEDvE8EwYDQafoUeTgP5ZLqbfrvB22bcxp9s%2BB2fkFLrBcrlXTuN4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87513b821fefb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17

172.67.172.49

302 Found

0 B

URL User Request GET HTTP/3
subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=sdlocke@semco.cc&redirect_id=42937&bid=17 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Tue, 16 Apr 2024 03:54:08 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com/?email=sdlocke@semco.cc&redirect_id=42937&bid=17&ses_id=88020a62d8323de6e5209ad990d8f780
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=e9b09c603cdcf0c3fa49a095d21e6549; path=/
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UgCUvl7FUpS5MTVETX9c9axxJavpfwCSkpyakz4sv6YTES6QcF%2F9xyhkwMVZfb4PRZvwLbZWlx2wyYE0f4GZ6RLR1J%2FhvW9jWEI%2BtJVc%2BmB0kYua2JQ16S%2F3PAj5CLvJdDfFWxEbMaefft8ugWUYEpTp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87513b736a5f568a-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML