Report - go.goodlifestylenews.com/dummyarticleclickers_41091/51281630ec6da8fd08bf66d5e8d2adc6/55/leadsource/2480/1610/997685ae73cc3f63aef71016f29afc83/mpmta/news/41091/17

Report Overview

Submitted URL
go.goodlifestylenews.com/dummyarticleclickers_41091/51281630ec6da8fd08bf66d5e8d2adc6/55/leadsource/2480/1610/997685ae73cc3f63aef71016f29afc83/mpmta/news/41091/17
IP
172.67.172.49
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-28 22:54:19
Access
public
Website Title
Good Lifestyle News (MP) Flow
Final URL
subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
16

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
verifiedsecure.org	unknown	2015-12-08	2016-04-06	2024-03-26	858 B	38 kB	104.26.9.206
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-03-28	443 B	2.8 kB	142.250.74.106
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-03-27	1.0 kB	49 kB	151.101.65.229
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-03-28	446 B	34 kB	216.58.207.202
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-03-28	437 B	102 kB	142.250.74.168
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-03-28	533 B	17 kB	216.58.207.227
go.goodlifestylenews.com	unknown	2020-07-10	2022-06-02	2024-03-25	890 B	2.3 kB	172.67.172.49
verifiedwebpage.com	unknown	2022-03-23	2022-03-23	2024-03-27	618 B	40 kB	104.18.20.187
subscribe.goodlifestylenews.com	unknown	2020-07-10	2023-01-18	2024-03-26	3.3 kB	40 kB	104.21.30.61
subscriberwelcome.com	unknown	2022-11-16	2022-11-16	2024-03-25	2.0 kB	2.9 MB	172.67.155.79
s3.us-east-1.amazonaws.com	4041	2005-08-18	2017-11-22	2024-03-26	5.5 kB	2.6 MB	54.231.225.96

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed
2024-03-28	medium	goodlifestylenews.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056	152 B	2023-06-01	2024-04-27
Pretty URL subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-01 19:31:02 Last Seen2024-04-27 04:17:17 Times Seen275 Hash f428121d5a5fef65b4475cd12946bc04 ee95d8f82bdc0b8001fd8ffa74edd84d5640aa87 a27ebc0bf8c54f5e2c909f78d326d964e1555bae0254d575f6511b0dcc92ae12 Loading...

	subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056	194 B	2023-05-08	2024-04-27
Pretty URL subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-27 04:17:17 Times Seen321 Hash d7ae17d684ddcfa308369e402855826d d6da811e60cab233619e114e823ab9db7242bd5d e42a64d5a754498cd56f9079fd8e341c480ea2a15a6060e00924814586f8c44f Loading...

	subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056	641 B	2023-05-08	2024-04-27
Pretty URL subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-27 04:17:17 Times Seen321 Hash c2855664f7a14ee99090a0366d9d1e03 35ba8e0f5b5181a8df832c0e12774a761d465dda bf66df111d26d4ef5b3e5df0f4df141fe5d7632260cb83308bfed72caf323af0 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js	96 kB	2023-03-07	2024-04-27
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-27 15:06:43 Times Seen46614 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js	26 kB	2023-05-08	2024-04-27
Pretty URL subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-27 04:17:17 Times Seen646 Hash 0dbbb5873b895ea3be425af219cf85de 7b9dba563376d7dbd1c5b9b7064ab87eadad5591 02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b Loading...

	www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8	304 kB	2024-03-28	2024-03-28
Pretty URL www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-28 23:54:20 Last Seen2024-03-28 23:54:20 Times Seen2 Hash 373763aa1466ee7a822d34b24ae00791 de2ab2d179878a346292a74b8582ebdb5308487f 1fc0da1a4a8934f6f93fb3789b8f230953d4a04449c1d0b6f31b7661cf0b3ded Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js	60 kB	2023-03-08	2024-04-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:35:41 Last Seen2024-04-27 04:17:17 Times Seen1276 Hash c5236e5d6a5d0ff97ff8c8e5102c6c03 6fbfdbddbe85c578de559adcc8d07cccbc16d514 87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65 Loading...

	subscribe.goodlifestylenews.com/jquery.caret.js	2.4 kB	2023-05-08	2024-04-27
Pretty URL subscribe.goodlifestylenews.com/jquery.caret.js IP 104.21.30.61 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-08 14:36:52 Last Seen2024-04-27 04:17:17 Times Seen525 Hash 35c3ec8db4ff6e862db42516436216a1 7d9d7731403868cc34edaad1d9e17311541a6f77 adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba Loading...

	subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056	1.3 kB	2024-03-28	2024-03-28
Pretty URL subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-28 23:54:20 Last Seen2024-03-28 23:54:20 Times Seen2 Hash f83d40e132f298e58205e98985ca3379 626d9c934d6f9d2d495fd58489b88ba4b14f56c6 d9542d241ffbc5b5c53507226ac1ed38527fede347329655a837a1fff369a411 Loading...

HTTP Transactions (31)

URL IP Response Size

go.goodlifestylenews.com/dummyarticleclickers_41091/51281630ec6da8fd08bf66d5e8d2adc6/55/leadsource/2480/1610/997685ae73cc3f63aef71016f29afc83/mpmta/news/41091/17

172.67.172.49

302 Found

503 B

URL User Request GET HTTP/2
go.goodlifestylenews.com/dummyarticleclickers_41091/51281630ec6da8fd08bf66d5e8d2adc6/55/leadsource/2480/1610/997685ae73cc3f63aef71016f29afc83/mpmta/news/41091/17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type
data
Size
503 B (503 bytes)
Hash
88d39baf3c13cabd3ebad7696d9928f8
211d9f9c9b1a8c900221ac90959321e651aa061d
a5ecf006124d328b17ec9505dc76d04f6a85547d7f268f2b47dea70c02297752

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /dummyarticleclickers_41091/51281630ec6da8fd08bf66d5e8d2adc6/55/leadsource/2480/1610/997685ae73cc3f63aef71016f29afc83/mpmta/news/41091/17 HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 22:53:53 GMT
content-type: text/html; charset=UTF-8
location: https://verifiedwebpage.com/go?ehash=51281630ec6da8fd08bf66d5e8d2adc6&product=44504&ar=55&cid=2480&lid=1610&slhash=997685ae73cc3f63aef71016f29afc83&redirect_id=41091&bid=17
cache-control: max-age=600
expires: Thu, 28 Mar 2024 23:03:52 GMT
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5nr6bvpI2932bg4%2B8YkR%2BUKSEGB%2BNxP3Izyhk2gtbHOfWo0AxaRsRAVPWbfJ9TToeYZ693Z5bgWLCkF79F4oc7vsDUMyMWG%2Bu%2Fyz21Fw%2BLD4Lasrzlp3XHqXz0Gs0QbSWlcJAoP2tGk1vWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bb32e3fc7156aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

go.goodlifestylenews.com/

172.67.172.49

143 B

URL
go.goodlifestylenews.com/
IP
172.67.172.49:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type
HTML document, ASCII text
Size
143 B (143 bytes)
Hash
f1fb042c62910c34be16ad91cbbd71fa
5bc7aceba9a8704ef4b1d427d7d08b140afcd866
9278d16ed2fdcd5dc651615b0b8adc6b55fb667a9d106a9891b861d4561d9a24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: go.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 22:53:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Nov 2023 15:41:05 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Vary: Accept-Encoding,User-Agent
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOsyszGM3x3FgdrMths%2BPEK3SNq2NVSdSEC%2BckrksDuQDXxA4%2BuUPMg6Z9FWdaNYST%2ByCHTApB2n2YD6NJD8%2FS5ZFrVG%2Fw4MbtyjJAY%2FsF%2F%2BJaZIYneh7FVDwWfGqkMdpZ0deTUyzO%2Fn11A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bb32f66bb456ba-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

verifiedwebpage.com/go?ehash=51281630ec6da8fd08bf66d5e8d2adc6&product=44504&ar=55&cid=2480&lid=1610&slhash=997685ae73cc3f63aef71016f29afc83&redirect_id=41091&bid=17

104.18.20.187

302 Found

38 kB

URL User Request GET HTTP/2
verifiedwebpage.com/go?ehash=51281630ec6da8fd08bf66d5e8d2adc6&product=44504&ar=55&cid=2480&lid=1610&slhash=997685ae73cc3f63aef71016f29afc83&redirect_id=41091&bid=17
IP
104.18.20.187:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectverifiedwebpage.com
FingerprintED:05:C0:86:C0:6D:97:3E:6F:30:D7:EC:8F:79:A4:65:BE:1D:29:BC
ValiditySun, 11 Feb 2024 21:56:00 GMT - Sat, 11 May 2024 21:55:59 GMT

File type
data
Size
38 kB (38444 bytes)
Hash
60b47b27a9ac2fc970699eb05d3c1dd9
96369f014c569469c1b50701e1a943d064135b79
337681de17bbac6e58797438ea86fe0b6697907815c12b097afbe3f43d0a60e8

HTTP Headers

GET /go?ehash=51281630ec6da8fd08bf66d5e8d2adc6&product=44504&ar=55&cid=2480&lid=1610&slhash=997685ae73cc3f63aef71016f29afc83&redirect_id=41091&bid=17 HTTP/1.1
Host: verifiedwebpage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 28 Mar 2024 22:53:54 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com?email=bradley@ancora.ws&redirect_id=41091&bid=17
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
set-cookie: PHPSESSID=2d758602445b524f1db7be513398564e; path=/
pixel_session_hash_44504=3415414429599183725; expires=Sat, 27-Apr-2024 22:53:52 GMT; Max-Age=2592000; path=/; secure; HttpOnly; SameSite=None
bt_tracking_product_44504=0bbc5d483c433d5ecbdd765c95849365a565fc3eb7267ed4e1629307394a08c7; expires=Sat, 30-Mar-2024 22:53:52 GMT; Max-Age=172800
__cf_bm=jbXTjgKKSuYwoffhYLGJljVWFKybKgvJODho8zuU7KU-1711666434-1.0.1.1-aWiaz31wpTeVUPSHcPHaoWupY5iMTCbBYfnnEf1UzNzG.N6c.bk7mP51VwzoqhG8PRoBlhSLzIwyHtTYSNgA0Q; path=/; expires=Thu, 28-Mar-24 23:23:54 GMT; domain=.verifiedwebpage.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 86bb32e85b38b51b-OSL
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/jquery.caret.js

104.21.30.61

200 OK

716 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.caret.js
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
716 B (716 bytes)
Hash
35c3ec8db4ff6e862db42516436216a1
7d9d7731403868cc34edaad1d9e17311541a6f77
adef482d97f599ba0e720ecf2aba0581ea1591ba1bb1eb271f1d98b279ff81ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.caret.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 22:53:57 GMT
Content-Type: application/javascript
Content-Length: 716
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Sat, 20 Apr 2024 22:54:11 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 604785
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=srzI%2BGZwJ0ZLaVGO1Ih0SdLYAnpXxhQu4OGw9AW7NzakwMB4O7XqyzNw0f5%2BLy15WpKEzxyBfG3I%2F1D%2BnnYeB4ZFtFmCtB4wLj8fanjmoM55%2FLyVXgGY5ujyMY5LjjICoe8tOBQp1exFrluUTVp1CdRy"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bb3302285db51b-OSL
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js

104.21.30.61

200 OK

4.4 kB

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/jquery.mobilePhoneNumber.js
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

File type
JavaScript source, ASCII text
Size
4.4 kB (4430 bytes)
Hash
0dbbb5873b895ea3be425af219cf85de
7b9dba563376d7dbd1c5b9b7064ab87eadad5591
02cbbdeb2244fd2855c49ab964c15001bde126c21cc5890d176c537878d6152b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jquery.mobilePhoneNumber.js HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 22:53:57 GMT
Content-Type: application/javascript
Content-Length: 4430
Connection: keep-alive
Last-Modified: Tue, 21 Feb 2023 09:39:45 GMT
Cache-Control: max-age=2592000
Expires: Sat, 20 Apr 2024 22:54:11 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 604785
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxRPDWPK8rESi37jbPHgrHYKsFc%2BHlLPki9JzXTYtp2VGydk4p7RIkrZlDyZLbA3ZUWSs4%2B0jM62vLlEVqtEoeBFHhOnUGycr8%2FLnqKKaV%2FBsD6KVSpgHXMMBeDAirso1c6naQMsvFRqvNmy0l%2FgNhen"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bb33022e8cb51e-OSL
alt-svc: h2=":443"; ma=60

subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg

172.67.155.79

200 OK

144 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 966x1449, components 3
Size
144 kB (144253 bytes)
Hash
e7eb0da863b2d3ead5846cdc3263a233
138225ea3d8ff08f07b046b858bf46bf2bba2e96
ff19a64983ac2748d6b8361212f1fc41814e1acd0d157ee9c736bbd2a4a03180

HTTP Headers

GET /uploads/0.4350600016769076711fa4a4d9-a4f8-451c-8bdc-8c541c15cb77.jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 22:53:57 GMT
content-type: image/jpeg
content-length: 144253
last-modified: Mon, 20 Feb 2023 15:41:11 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lvGQabt%2BgSxCJfS53RxnCLP86WsMVj2iYzL41wPu1nkEP0RcFEr5NmGqzZBbor2fS4zYKqgXtc7AaxTjTF2bCKtCXGGcxcLyrM82OyYJbCVcHCkkjyB93cWEjy8Aqam0jON28SYN3LM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bb3302881b712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg

172.67.155.79

200 OK

400 kB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.204734001673521892LifeAfterUkraine.jpeg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 2550x3300, components 3
Size
400 kB (400505 bytes)
Hash
b9a9621a927a5b9a9c71fdbb53bf8991
9c4cc398edb33da6a79e62701867cbf7fed4056d
d0342e1b39e1c9b80bfb574b18e0a5d9f9cf00e00ca7cf3b2ce1ded70f3bb9ab

HTTP Headers

GET /uploads/0.204734001673521892LifeAfterUkraine.jpeg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 22:53:57 GMT
content-type: image/jpeg
content-length: 400505
last-modified: Thu, 12 Jan 2023 11:11:32 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Lk9jaNB7aWlm0GnasE0Eb8s9q2gsOGzqOcvzISORy7d61ADXAcooRtPpum9XNHHXrQwjGkHN5IhJDnwW1q6ww9YOoNx2%2F9lnpF%2FwhWledIymGyCxzDwPwYMawC6G0wooxAyh8GJAGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bb33027811712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css

151.101.65.229

200 OK

30 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (65305)
Size
30 kB (30336 bytes)
Hash
025df1ec88740cad5ff14bb3380da6dd
7abed070e37ce060c0a561575f1d41a7f248fc74
2143941c03dacda8b4f1016ced6e0c6f34e5c04585a3bcffe33c3c626c448a4a

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"2f955-er7QcON84GDApWFXXx1Bp/JI/HQ"
content-encoding: br
accept-ranges: bytes
date: Thu, 28 Mar 2024 22:53:57 GMT
age: 18312010
x-served-by: cache-fra-eddf8230072-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30336
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js

151.101.65.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (60201)
Size
17 kB (17366 bytes)
Hash
c5236e5d6a5d0ff97ff8c8e5102c6c03
6fbfdbddbe85c578de559adcc8d07cccbc16d514
87538c4b7e488f5a49d12f98d6a04afc61d00f26a790f319569799acd434eb65

HTTP Headers

GET /npm/bootstrap@5.2.2/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.2
x-jsd-version-type: version
etag: W/"ec40-b7/b3b6FxXjeVZrcyNB8zLwW1RQ"
content-encoding: br
accept-ranges: bytes
date: Thu, 28 Mar 2024 22:53:57 GMT
age: 2586540
x-served-by: cache-fra-etou8220032-FRA, cache-hel1410020-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17366
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg

172.67.155.79

200 OK

1.1 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1663680016738854302D2(1).jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:10 16:36:41], baseline, precision 8, 1800x2700, components 3
Size
1.1 MB (1114284 bytes)
Hash
b02e84cdcd5a3e55ded5e64dfd307124
bfaad4b8b4b1b1fafffeda314b8868c94e7280c8
d67985993c18e2a7b22a4193c0613a65096b3376d64539feb646739798d2cf5c

HTTP Headers

GET /uploads/0.1663680016738854302D2(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 22:53:57 GMT
content-type: image/jpeg
content-length: 1114284
last-modified: Mon, 16 Jan 2023 16:10:30 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJ39cdX5V%2BldVoqtbwzAV0Qh%2BZa28SEdy6GFLAathIyMLiT4a3PvkQCI9qK3KAacOvCiH51s%2Bo8tdjBB0LQEPcoDiqCDZhKWwQCHaiLqppJwEMXbdgytyt9kgb2r4RCeByjct%2BeGcjA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bb33027815712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg

172.67.155.79

200 OK

1.3 MB

URL GET HTTP/2
subscriberwelcome.com/uploads/0.1721950016738853872D1(1).jpg
IP
172.67.155.79:443
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectsubscriberwelcome.com
FingerprintDA:EE:DE:64:E3:D6:C6:7B:68:0D:DF:8D:B3:56:E9:59:2C:55:00:E1
ValidityFri, 08 Mar 2024 02:01:15 GMT - Thu, 06 Jun 2024 02:01:14 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Windows), datetime=2023:01:07 00:05:06], baseline, precision 8, 1800x2700, components 3
Size
1.3 MB (1288007 bytes)
Hash
91e68c3d20f4e55b01fdbaa834b4e4e6
e54e4ea7f042d2124aa1be976a6fe9d708bb4f9f
3cab775e25b68c23b905d547373476f046b0101e7cfdbd6f016e302f5a429988

HTTP Headers

GET /uploads/0.1721950016738853872D1(1).jpg HTTP/1.1
Host: subscriberwelcome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 28 Mar 2024 22:53:57 GMT
content-type: image/jpeg
content-length: 1288007
last-modified: Mon, 16 Jan 2023 16:09:47 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 9
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiydSoMXetqfePm2cRjU1qjABCM8%2FJHNEf6bRt3N38t3Yi3adUS9brGMSP%2BdFBjxAMHRCr0fd5sfdCIJyZq9LiB62EuiW6BDFGNTEwY48CRQ8otb5lLypzVBn%2BbbRgWLeAA4G1My4NM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bb33027818712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

216.58.207.202

200 OK

33 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
216.58.207.202:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
JavaScript source, ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:46:16 GMT
expires: Fri, 28 Mar 2025 17:46:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 18461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

104.26.9.206

302 Found

251 B

URL GET HTTP/1.1
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
104.26.9.206:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

File type
HTML document, ASCII text
Size
251 B (251 bytes)
Hash
73816d82cca56c187674258ec5b7bd5a
cd989502a8b941226bb7e5ddc0ff0b62621e701f
cc2b540f494c9f0eb7c7f31880eec48518729e92ffa9e7081eb70193baa985a5

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Thu, 28 Mar 2024 22:53:58 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
Cache-Control: max-age=14400
Expires: Thu, 28 Mar 2024 23:03:46 GMT
CF-Cache-Status: HIT
Age: 10
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4HoD4O4uX1tzMb3A0qamvVm1gyKhmeuwX1%2FLzfeQVwijmLkA4pAEcrrnYotIAFHCS1pHJGC%2B5jm9cvJ2mg39m6BoLUnQDPXUrzNMQ%2Bk6xnuZ6QZ3O09UMTn34c7VeQeDc8XQhA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bb3305688eb509-OSL
alt-svc: h2=":443"; ma=60

www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8

142.250.74.168

200 OK

102 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-WJJ5P9F2X8
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT

File type
JavaScript source, ASCII text, with very long lines (5955)
Size
102 kB (101851 bytes)
Hash
373763aa1466ee7a822d34b24ae00791
de2ab2d179878a346292a74b8582ebdb5308487f
1fc0da1a4a8934f6f93fb3789b8f230953d4a04449c1d0b6f31b7661cf0b3ded

HTTP Headers

GET /gtag/js?id=G-WJJ5P9F2X8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 22:53:57 GMT
expires: Thu, 28 Mar 2024 22:53:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png

104.26.9.206

302 Found

36 kB

URL GET HTTP/1.1
verifiedsecure.org/uploads/0.442373001673954581K_Sa3Nyg.png
IP
104.26.9.206:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

File type
PNG image data, 3369 x 257, 8-bit/color RGBA, non-interlaced
Size
36 kB (35781 bytes)
Hash
724c1e2ab214eefe0271ee598af8749a
b99bb085dd791488b061c423223318345c590f24
bba2a6dbda4e6833f68c21d84c0f9a09180ae9595b238c982da300cf448ab78c

HTTP Headers

GET /uploads/0.442373001673954581K_Sa3Nyg.png HTTP/1.1
Host: verifiedsecure.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://subscribe.goodlifestylenews.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 22:53:58 GMT
content-type: image/png
content-length: 35781
last-modified: Tue, 17 Jan 2023 11:23:01 GMT
cache-control: max-age=2592000
expires: Sat, 20 Apr 2024 22:53:53 GMT
cf-cache-status: HIT
age: 604805
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vBvJnuBWHB7GNCF8nqiWeLRd%2FTMhokVoW02STb%2BGDD2MTpF%2Bz%2FZQF8HUN%2Fd3PImu8Z44ovKFN4O%2FQvoDjOXMtjCB1v2gYjM8skidAnH9P%2Buz9zvZPJmLQqoZiCV2W7%2BRmZLDCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bb3306b89e1bfa-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://subscribe.goodlifestylenews.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:50 GMT
expires: Fri, 28 Mar 2025 17:37:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 18968
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s3.us-east-1.amazonaws.com/autonewsuploads/cattt.jpge87682487a2be9071844ec4801f0e3d2171093654008b04a9ed0954b1b289042a25c5eeddf

54.231.225.96

200 OK

71 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/cattt.jpge87682487a2be9071844ec4801f0e3d2171093654008b04a9ed0954b1b289042a25c5eeddf
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x683, components 3
Size
71 kB (70593 bytes)
Hash
ba7e09d03019682682c2e99da31eeb3c
21067b02d5aefcb5b1d94df64d08cc16d88059f4
46ab2d0a3f7a13925ff13b7b5adbbfbd636f9f9bcbabe96357923eaab8341f64

HTTP Headers

GET /autonewsuploads/cattt.jpge87682487a2be9071844ec4801f0e3d2171093654008b04a9ed0954b1b289042a25c5eeddf HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 8mX8sfRRkbGgnXEgtAzqxb9btteXTwoKH6zJrmAJH/JKx/SeP/3u7TlbM74X78anMuiJzvPoic4=
x-amz-request-id: P097GM62TCXBAP3S
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Wed, 20 Mar 2024 12:09:02 GMT
ETag: "ba7e09d03019682682c2e99da31eeb3c"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 70593

s3.us-east-1.amazonaws.com/autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904

54.231.225.96

200 OK

22 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, software=Adobe Photoshop CS6 Windows], progressive, precision 8, 600x279, components 3
Size
22 kB (21484 bytes)
Hash
1fc66e1ac778ebc88ebe86aede1b0ddc
02d9372e26f6c29b8248f7b6b73804a85b8f820b
86db20923d3e598d02e8bb1213f797e9c8770e3086f3bc701fdf66d9ad0a5c70

HTTP Headers

GET /autonewsuploads/Inflation.jpegdbf6169a10a4d2e85b1e27a2147f0c821689764275bdc5a173baf72b6dd3a8477ba63de904 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 9vO5D57C5zJd5EPorHIS53mSxywVNmchf8gz8Rx1e/FtwXqjN/Gx15EKGFzSIQschH7B+G5oni4=
x-amz-request-id: P090YFH221ND5PX6
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Wed, 19 Jul 2023 10:57:57 GMT
ETag: "1fc66e1ac778ebc88ebe86aede1b0ddc"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 21484

s3.us-east-1.amazonaws.com/autonewsuploads/patriot-gold-supply-why-are-1-ounce-gold-coins-so-popular-3.jpeg91799b9b082394203d8c76a9ae9da2901711106679cdf222564c7aff0d709e3e542cbdf967

54.231.225.96

200 OK

307 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/patriot-gold-supply-why-are-1-ounce-gold-coins-so-popular-3.jpeg91799b9b082394203d8c76a9ae9da2901711106679cdf222564c7aff0d709e3e542cbdf967
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=10, description=This united states gold eagle was shot on a black background and was held with white gloves., orientation=upper-left, xresolution=228, yresolution=236, resolutionunit=2, software=Adobe Photoshop Lightroom 6.2.1 (Macintosh), datetime=2015:10:13 14:55:58], baseline, precision 8, 1183x783, components 3
Size
307 kB (306872 bytes)
Hash
fface02be57d3f7d6f53cc88909e947d
8ce11adeee5f773f60a0e8b698feeadaae217a03
84b4196e3fe0d1a0da690bcfa356637621d453015a9fb3e37aab32bc27cee527

HTTP Headers

GET /autonewsuploads/patriot-gold-supply-why-are-1-ounce-gold-coins-so-popular-3.jpeg91799b9b082394203d8c76a9ae9da2901711106679cdf222564c7aff0d709e3e542cbdf967 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: V5zoZCF8B/7st+PTHM7q+9YiYW8WSyrUDAtvrqrz/uW+Hg5zaofM713rjdhe6Hg7qjcdiIMLaXg=
x-amz-request-id: P099SBREJ6F2966C
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Fri, 22 Mar 2024 11:24:42 GMT
ETag: "fface02be57d3f7d6f53cc88909e947d"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 306872

s3.us-east-1.amazonaws.com/autonewsuploads/close-up-of-a-traders-hand-pointing-at-a-stock-graph-on-a-screen-trading-floor-93j33pvs.jpeg389422920d399dcb85e19b84e03d747417111072509b760ac091104ca162ead8e75e21b442

54.231.225.96

200 OK

409 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/close-up-of-a-traders-hand-pointing-at-a-stock-graph-on-a-screen-trading-floor-93j33pvs.jpeg389422920d399dcb85e19b84e03d747417111072509b760ac091104ca162ead8e75e21b442
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 2448x4368, components 3
Size
409 kB (408630 bytes)
Hash
bf16b8b30a80b6209fa809c172447c15
7e9973b1236e127e25052c6d735fb4a737e136a1
7fafb0aabb08b265548c48f59b85f386171c13aad436ed19ba74bb8cae9d2bc2

HTTP Headers

GET /autonewsuploads/close-up-of-a-traders-hand-pointing-at-a-stock-graph-on-a-screen-trading-floor-93j33pvs.jpeg389422920d399dcb85e19b84e03d747417111072509b760ac091104ca162ead8e75e21b442 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: Cvdir3pym5HQsqn/DJIPtYY+Sm9wxqCzo4c5tQWfHmYOORaD0ZEhAxnVpodgpfB7t3h0WrL1a0c=
x-amz-request-id: P095K1J0DKV0ZB7Q
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Fri, 22 Mar 2024 11:34:12 GMT
ETag: "bf16b8b30a80b6209fa809c172447c15"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 408630

s3.us-east-1.amazonaws.com/autonewsuploads/MWLDark11234.jpg6afc6e30e945a7e7fdbf9f50f030dc4d1702643172f273da8f4ec4e8d763309b7525b81d49

54.231.225.96

200 OK

272 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/MWLDark11234.jpg6afc6e30e945a7e7fdbf9f50f030dc4d1702643172f273da8f4ec4e8d763309b7525b81d49
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=0], baseline, precision 8, 1280x853, components 3
Size
272 kB (271731 bytes)
Hash
c2bc44911ad8dc8d9fab1a2a47c5f625
0b0cb60367586247af256cc6f778c580b8d2c8ef
ffad5ab964fe66ade19a7364b138370cd83e01409605c1e3f8117dd3ad0a0e99

HTTP Headers

GET /autonewsuploads/MWLDark11234.jpg6afc6e30e945a7e7fdbf9f50f030dc4d1702643172f273da8f4ec4e8d763309b7525b81d49 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: cupOMYhmPs9D01N0mfxl6ssuPStNfF06BIMVRXnIwhtg8uSDb+qz88aHhlLraJIQNDC2g5YEiDQ=
x-amz-request-id: P0977QTVR9QC0AF0
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Fri, 15 Dec 2023 12:26:14 GMT
ETag: "c2bc44911ad8dc8d9fab1a2a47c5f625"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 271731

s3.us-east-1.amazonaws.com/autonewsuploads/0.232721001677585944SMRFEDshortadpic.jpg

54.231.225.96

200 OK

177 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/0.232721001677585944SMRFEDshortadpic.jpg
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=1, software=Shutterstock Create https://www.shutterstock.com/create/home], baseline, precision 8, 1280x720, components 3
Size
177 kB (176551 bytes)
Hash
a0385570d30a4f17151362a00e60e2a7
499327fbe6afcd6bd509c49ff58ca02bc114e123
def1596cc2e85475aa04f6bc7f0e0f48e8ed48c86736c50485e9d1b0aa7d9578

HTTP Headers

GET /autonewsuploads/0.232721001677585944SMRFEDshortadpic.jpg HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: N3n9RRTflhhBJ1h1sUalWqOqzMx/AmmLWpfFfDGKjXhtieOytYvasY/4XwwkXd8B1Pspuap46nY=
x-amz-request-id: P096VFR5GEG764T4
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Wed, 08 Mar 2023 14:22:42 GMT
ETag: "a0385570d30a4f17151362a00e60e2a7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 176551

s3.us-east-1.amazonaws.com/autonewsuploads/ezgif-3-aae05fa3f0.jpga43568a30bfe3d7a37c074b420fd62fe1704717097a3be9f7356da4db92e41f760695b1ee3

54.231.225.96

200 OK

250 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/ezgif-3-aae05fa3f0.jpga43568a30bfe3d7a37c074b420fd62fe1704717097a3be9f7356da4db92e41f760695b1ee3
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, comment: "Converted with https://ezgif.com/webp-to-jpg", baseline, precision 8, 960x640, components 3
Size
250 kB (250029 bytes)
Hash
0562028e635b4dbd6eba5ec2332c266e
f1efd6bf194485ac44d94b64cec8e74d1d970d70
1cad675278bcfdca304ed04d70089369a2e8e049b65a96d2c5805c38daf85cbf

HTTP Headers

GET /autonewsuploads/ezgif-3-aae05fa3f0.jpga43568a30bfe3d7a37c074b420fd62fe1704717097a3be9f7356da4db92e41f760695b1ee3 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5HfjMd4gXGTYMWBeTUeyRj/AyonOAP+aB4wnOj/2gIOz8mcOKRJ0FoooHgRHzmD9qa4JXdWYzGU=
x-amz-request-id: P09FPGQDHTPT0CBQ
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Mon, 08 Jan 2024 12:31:39 GMT
ETag: "0562028e635b4dbd6eba5ec2332c266e"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 250029

s3.us-east-1.amazonaws.com/autonewsuploads/TwoOnePercenters02244.jpg6590c675144356dbb3877d36b38d961c1708950794eb532285a1a0c5e08e42bc6c0112db5e

54.231.225.96

200 OK

502 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/TwoOnePercenters02244.jpg6590c675144356dbb3877d36b38d961c1708950794eb532285a1a0c5e08e42bc6c0112db5e
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=9, manufacturer=Canon, model=Canon EOS DIGITAL REBEL XT, xresolution=156, yresolution=164, resolutionunit=2, datetime=2011:02:11 22:48:17], baseline, precision 8, 1000x667, components 3
Size
502 kB (501936 bytes)
Hash
3fa18452814b989c9fc81b5fdd6c28b3
efdde7e42cfcb9fbad5d6ce42fba54e2cab8b25f
6d24908afd2b8cae1fd7533c9ea96c2aa3b54352003a906b059617c9d93c15a1

HTTP Headers

GET /autonewsuploads/TwoOnePercenters02244.jpg6590c675144356dbb3877d36b38d961c1708950794eb532285a1a0c5e08e42bc6c0112db5e HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: gaHSE968VzH761+HCwy8BXAl2qKZLBP8LLyAhx/pOeBTv3rz2CzE1Nx4M1hoQc/iurFfujNxGwI=
x-amz-request-id: P099KQRCYYJVNZJB
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Mon, 26 Feb 2024 12:33:16 GMT
ETag: "3fa18452814b989c9fc81b5fdd6c28b3"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 501936

s3.us-east-1.amazonaws.com/autonewsuploads/48840943791_d5e5b61c77_b.jpg1297b512d8662dfc3d25bd3ed04913e4170126007173095a81318d6711280b20d78087dea6

54.231.225.96

200 OK

238 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/48840943791_d5e5b61c77_b.jpg1297b512d8662dfc3d25bd3ed04913e4170126007173095a81318d6711280b20d78087dea6
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 1024x683, components 3
Size
238 kB (238484 bytes)
Hash
7cd76f96de3fb0e688dbfdafb56a0f6b
c4bad117d40060ed4283626d1f653d755e21d372
0972fe50db49f3f941e277442292331790f6ee7c1d4ba0c746d8914b3a6ffe42

HTTP Headers

GET /autonewsuploads/48840943791_d5e5b61c77_b.jpg1297b512d8662dfc3d25bd3ed04913e4170126007173095a81318d6711280b20d78087dea6 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: boSOFZ2RUl9RFqtZ2d/SznxS+63xRyzMiDMKX21kUwIG6fH9BafVIHN7+xD7m4VpaSkYvbq12rI=
x-amz-request-id: P0987SBKSPAV19EK
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Wed, 29 Nov 2023 12:14:29 GMT
ETag: "7cd76f96de3fb0e688dbfdafb56a0f6b"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 238484

s3.us-east-1.amazonaws.com/autonewsuploads/25897945187_8494041f41_b.jpg82cf1a920f7313ceb5eb7a95cbea23791706618734528bb1fe31f4b61b5d97efa1193f3c76

54.231.225.96

200 OK

323 kB

URL GET HTTP/1.1
s3.us-east-1.amazonaws.com/autonewsuploads/25897945187_8494041f41_b.jpg82cf1a920f7313ceb5eb7a95cbea23791706618734528bb1fe31f4b61b5d97efa1193f3c76
IP
54.231.225.96:443
ASN
#16509 AMAZON-02

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerAmazon
Subjects3.amazonaws.com
Fingerprint82:A2:80:27:89:C3:32:0E:1E:77:2D:6F:F3:3D:19:D3:97:36:BC:7C
ValidityThu, 08 Feb 2024 00:00:00 GMT - Sat, 11 Jan 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1024x709, components 3
Size
323 kB (323156 bytes)
Hash
5b191cb5e1456e8f1c6406a02270c95f
557f6cebcdfb741e5fd28b62255350e241a3353e
f7e906cd71b75c6295b249f68e31b89fda686bec9f502915eba40d1643d61934

HTTP Headers

GET /autonewsuploads/25897945187_8494041f41_b.jpg82cf1a920f7313ceb5eb7a95cbea23791706618734528bb1fe31f4b61b5d97efa1193f3c76 HTTP/1.1
Host: s3.us-east-1.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: iteyVLhOtV6jr82q72a2oY/LGIrOglNIrGqR3TCgsLYfYP4xLc7gQyj26WHTbutVSfLvJlW+Wmc=
x-amz-request-id: P09B949EE3K1N0YR
Date: Thu, 28 Mar 2024 22:53:59 GMT
Last-Modified: Tue, 30 Jan 2024 12:45:36 GMT
ETag: "5b191cb5e1456e8f1c6406a02270c95f"
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/octet-stream
Server: AmazonS3
Content-Length: 323156

subscribe.goodlifestylenews.com/favicon.ico

104.21.30.61

404 Not Found

238 B

URL GET HTTP/1.1
subscribe.goodlifestylenews.com/favicon.ico
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

File type
HTML document, ASCII text
Size
238 B (238 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393; _ga_WJJ5P9F2X8=GS1.1.1711666438.1.0.1711666438.0.0.0; _ga=GA1.1.503421628.1711666438
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Thu, 28 Mar 2024 22:53:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 10
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2B0GLiZVw%2B2pTbALAZBNkPZp5GaGAKmbgWT0mNznHu2QS5aCWZMhEVIkXcGcHO88DL2rh7OOeF8CryZWJU8zH4MDbWBfyyGvX6nEFBEhSFee%2Bhj231W7t1nVTWLlPROCO7qtTjEpLYfYazgRQCJVVrka"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 86bb330c4e75b51e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17

172.67.172.49

302 Found

0 B

URL User Request GET HTTP/3
subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17
IP
172.67.172.49:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=bradley@ancora.ws&redirect_id=41091&bid=17 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 302 Found
date: Thu, 28 Mar 2024 22:53:55 GMT
content-type: text/html; charset=UTF-8
location: https://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393; path=/
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uooV5H8UWyRRCGQpvCIQOVBNtqhRPLmYhqrZDgBzqqsryK1RJniUZMv00VKdpOs7a0KD8PIxKJm74%2Bbzg2rsrRrnyIZf3XeYeC7FfUFdleuD36mwYiqjFOTAZGBUBjMN8odvXLhznAB7hZCybO1x8uFt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bb32ee392c56c7-OSL
alt-svc: h3=":443"; ma=86400

subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

0.0.0.0

0 B

URL User Request GET
subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
IP
0.0.0.0:0
ASN
#0

Certificate
IssuerGoogle Trust Services LLC
Subjectgoodlifestylenews.com
FingerprintCF:D4:62:67:0B:FC:CB:36:EF:53:02:EB:06:FE:15:35:2F:53:53:40
ValidityThu, 21 Mar 2024 14:09:53 GMT - Wed, 19 Jun 2024 14:09:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

fonts.googleapis.com/css?family=Roboto

142.250.74.106

200 OK

2.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
http://subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT

File type
ASCII text, with very long lines (2218), with no line terminators
Size
2.2 kB (2162 bytes)
Hash
807b0cff287eb02fda9eb3a87e2746a5
34a0af77abd82f106052590a0e624b2803a6572d
35c288796da2ba3b90a7a7ef7e75a5e7eb55cad381d227beda8c5e400a04caff

HTTP Headers

GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://subscribe.goodlifestylenews.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 28 Mar 2024 22:53:57 GMT
date: Thu, 28 Mar 2024 22:53:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056

104.21.30.61

200 OK

31 kB

URL User Request GET HTTP/1.1
subscribe.goodlifestylenews.com/?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056
IP
104.21.30.61:80
ASN
#13335 CLOUDFLARENET

File type

Size
31 kB (30885 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?email=bradley@ancora.ws&redirect_id=41091&bid=17&ses_id=3b4d5e84c633e685dc7fcf9923ed0056 HTTP/1.1
Host: subscribe.goodlifestylenews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=8bfd12c9d66b817edb3b9690c9bad393
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 22:53:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jdMe9jdWVyMEhDytc4r1LpxirSETmhbW%2B42X8dQtvxCDVB7f%2BXabVfDxuzl8HgEJ5i9maKLq%2FHh9L1h8HHWOK4CJPpVDqknXRozipO%2FkaWVWKImGnr8T4XF8JAGl4biRu7kuX3XwduNnCtUvXGoYNWl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 86bb32f9e9bdb51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML