Report - go.signupnow.eu/f1a832fe-c72f-46e9-98a5-d0ad96adcf39

Report Overview

Submitted URL
go.signupnow.eu/f1a832fe-c72f-46e9-98a5-d0ad96adcf39
IP
18.208.62.125
ASN
#14618 AMAZON-AES
Submitted
2023-03-04 02:57:13
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	43 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	571 B	192.229.221.95
news247.money	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	706 kB	188.114.96.1
fonts.cdnfonts.com	26261	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	405 kB	104.26.15.62
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
go.signupnow.eu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.7 kB	18.208.62.125
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-04 02:57:01	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-04	medium	news247.money/weight-loss-industry-outrage/files/main.js.download	Phishing
2023-03-04	medium	news247.money/weight-loss-industry-outrage/time.min.js	Phishing
2023-03-04	medium	news247.money/weight-loss-industry-outrage/files/jquery.slim.min.js.download	Phishing
2023-03-04	medium	news247.money/weight-loss-industry-outrage/files/SsDiet_main.js.download	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	news247.money/weight-loss-industry-outrage/time.min.js	6.4 kB	2023-03-07	2024-01-08
Pretty URL news247.money/weight-loss-industry-outrage/time.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:44:44 Last Seen2024-01-08 08:39:40 Times Seen30 Hash e79e0a6cbeb9d0ff484d16273ce60960 6ea52887d9ba008a361a3cec5b56f650c8633b82 744f5ed6fddc7457a2ffcd169ceda31b37796921df63c5f695eec6ded4ac446d Loading...

	news247.money/weight-loss-industry-outrage/files/main.js.download	0 B	2023-03-07	2024-04-19
Pretty URL news247.money/weight-loss-industry-outrage/files/main.js.download IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 05:42:32 Times Seen36952572 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9	245 B	2023-03-14	2023-03-14
Pretty URL news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 16:34:47 Last Seen2023-03-14 19:00:39 Times Seen1 Hash e1051b7d15013d138015bf55a251b8d7 a4bdae82d4a79e58d360a7c287c694e73e3747d9 544525bd789e9985ce57d6bba5d3bfbd1563de35a3f506f0a7c2f0b0d5ca6501 Loading...

	news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9	1.6 kB	2023-03-14	2023-03-14
Pretty URL news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 07:08:36 Last Seen2023-03-14 19:00:39 Times Seen1 Hash 4598d654af7c49e0438993574dd7dd8d 983d98ea085fd1bf7adc83d985d848f0ee32e1e3 9f80f479bb470bd417cfed5909cfec5221d7d6a4bd996b80f9ee2b19dac4b2aa Loading...

	news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9	37 B	2023-03-07	2024-01-08
Pretty URL news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:44:44 Last Seen2024-01-08 08:39:40 Times Seen25 Hash 47b678f112ed4b1e242a8a794fd6d922 3830beaaa7c2b11760e0b5fc1dbcddefd6982933 dcf0d9862f3d7a475762cc86a3ae4d35253c5962fb0dbaa3802c539bc97a1514 Loading...

	news247.money/weight-loss-industry-outrage/files/jquery.slim.min.js.download	73 kB	2023-03-12	2024-04-17
Pretty URL news247.money/weight-loss-industry-outrage/files/jquery.slim.min.js.download IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:51:55 Last Seen2024-04-17 00:22:22 Times Seen411 Hash 541e80b5bc224cfe384a99836e5062ec 7da81d6d0701e3a6ff598a8e1af6f554976a70ca 670a99215743de25cdc861db49876c9963fffd4068923d851c0c4ab9204a0d2a Loading...

	news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9	2.1 kB	2023-03-14	2024-02-07
Pretty URL news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:47:19 Last Seen2024-02-07 07:42:01 Times Seen1 Hash 97d7f4bffa95324c5211f573c7282129 4152e5375c39f48239bbe64a5e5cf6e490a7eba0 a00baf75ca922e917c7e723a6592e00044177c71e91d8bc664bb5d03696b2075 Loading...

	news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9	1.4 kB	2023-03-10	2024-01-08
Pretty URL news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:22:50 Last Seen2024-01-08 08:39:40 Times Seen14 Hash 586b5228b8ce96fd6909bb15528a4ad7 719b7f411876a97bcc6a91cef6df0087c650200d 71abd0075b8df57b70afd9ce17f64acbd56eb6be41360f1c2192fbc7d158fad7 Loading...

	news247.money/weight-loss-industry-outrage/files/SsDiet_main.js.download	712 B	2023-03-13	2023-03-14
Pretty URL news247.money/weight-loss-industry-outrage/files/SsDiet_main.js.download IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:10:01 Last Seen2023-03-14 19:00:39 Times Seen1 Hash c4ee8f1651cb7ca8e9db383434295603 7ecabd4b11ff3ed434f8495cd35f8ad6eadfee78 faa7419d207f138adf37749cdd338e0a945f3c6929f12a03b5138257dee43007 Loading...

	go.signupnow.eu/d/.js?lpref=&lpurl=https%3A%2F%2Fnews247.money%2Fweight-loss-industry-outrage%2F%3Fclick2%3Dwvrvl9jkk18bri1niunh56cm%26lp%3DBioScience%2520Keto%2520Gummies%26cep%3DQJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs%26lptoken%3D167f776490e0049522e9&lpt=Weight%20Loss%20Capsules&vtm=1677898622153	2.9 kB	2023-03-14	2024-02-07
Pretty URL go.signupnow.eu/d/.js?lpref=&lpurl=https%3A%2F%2Fnews247.money%2Fweight-loss-industry-outrage%2F%3Fclick2%3Dwvrvl9jkk18bri1niunh56cm%26lp%3DBioScience%2520Keto%2520Gummies%26cep%3DQJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs%26lptoken%3D167f776490e0049522e9&lpt=Weight%20Loss%20Capsules&vtm=1677898622153 IP 18.208.62.125 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 17:47:19 Last Seen2024-02-07 07:42:02 Times Seen2 Hash 0ab7478d634d4a0a64e58baa1a5320fd cd5857d1257935f924eeb6c5d3c7900dd31fdb07 cb932069e6a0bf033dba9b77ad1a0c42803bde65b0d031877c5855c3fd9b3e37 Loading...

		Size	First Seen	Last Seen
	#1 Write - c24627b55c863a2697bf7b41785338a6	23 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 16:34:47 Last Seen2023-03-14 17:47:19 Times Seen1 Hash c24627b55c863a2697bf7b41785338a6 bf54c5c06e856fdf6df9af89b09785523846745e f298290a340622bd1f0dd9a6cdcc98b7d436bc4b1bf464114e14f25dd99b5723 Loading...

HTTP Transactions (47)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a39c6b0123e56e5b89743a8ad25c746e
feb61559594a73b319532dec130f10068fdf1242
d1adf9c8c7e63c33674a6af4b4111fe0ce1092d362ca4bf7c7dd00e6b6034f09

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1ADF9C8C7E63C33674A6AF4B4111FE0CE1092D362CA4BF7C7DD00E6B6034F09"
Last-Modified: Thu, 02 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7086
Expires: Sat, 04 Mar 2023 04:55:08 GMT
Date: Sat, 04 Mar 2023 02:57:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
96abc4d0be3e74da1484937a66c5ff39
357520bead07e25b52d4ca0c0c69db60cfaa0d7c
32c544ef8b8a3faaf08bdb76f8a387510037dfc15a022fd59457cf45215a6ba8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "32C544EF8B8A3FAAF08BDB76F8A387510037DFC15A022FD59457CF45215A6BA8"
Last-Modified: Thu, 02 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6652
Expires: Sat, 04 Mar 2023 04:47:54 GMT
Date: Sat, 04 Mar 2023 02:57:02 GMT
Connection: keep-alive

go.signupnow.eu/f1a832fe-c72f-46e9-98a5-d0ad96adcf39

18.208.62.125

302

0 B

URL HTTP/1.1
go.signupnow.eu/f1a832fe-c72f-46e9-98a5-d0ad96adcf39
IP
18.208.62.125:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f1a832fe-c72f-46e9-98a5-d0ad96adcf39 HTTP/1.1
Host: go.signupnow.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sat, 04 Mar 2023 02:57:02 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Pragma: no-cache
Set-Cookie: f1a832fe-c72f-46e9-98a5-d0ad96adcf39-v4=nRQt8Dngn0uoBHsJ2zzR-zcrHEw3KoPQAYSAtauihjU; Max-Age=86400; Expires=Sun, 05-Mar-2023 02:57:02 GMT; Domain=go.signupnow.eu; Path=/; HttpOnly
cep-v4=RSZY6wk6xQEm1WLSkMJObYB0YBFeR9FCBBO0zburzxrEKhzCAoQSHPP0XeXW29EUuXEJ_kHQsCo-YiduFvOXz88qrKbGbkzpPl-U1-r7JXdpum3kU--Ih0gIlQ0BwwRlk9BHh3qKo6eMsqyZ-TbgKvG7T5_A4LTH2xJu0ckx18DOBvuV60iPZ0IT3SST6URghC5OUaKKD1tWGNeE6Wm-gmOYVwfstWIkte8J8vOtdwyOjPnUTIimWX_nnvTsf4IJ2KNWLpFggaK2n_7M7R7eqB8qQlm6jLLmqXxi1CGBo5h3DeNI_yKn3nuti3OJt9vXU--IXbo14_si1m4SEm_SzuJaq-enVff92V-NDi5KqlQ; Max-Age=86400; Expires=Sun, 05-Mar-2023 02:57:02 GMT; Domain=go.signupnow.eu; Path=/; HttpOnly

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Mar 2023 02:13:04 GMT
content-type: application/json
age: 2638
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e4e8aac6a39cada76c87582702f7c378
0260b5087dc89bc06032583627bc84109646561e
de8102626e7960652e844be721ec8336927886d18957a52474e4bc31a7c1a83b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE8102626E7960652E844BE721EC8336927886D18957A52474E4BC31A7C1A83B"
Last-Modified: Thu, 02 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6931
Expires: Sat, 04 Mar 2023 04:52:33 GMT
Date: Sat, 04 Mar 2023 02:57:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oBoa+Xjo+cTR8e+wBsxX9Y/i/pgT/zapFL62LFs4SNq0DSjGeXHmpuoAhds1Ru4uTmwelXxsQ+RBuqC1iedKtA==
x-amz-request-id: SGV98RXQNSVXJWA3
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Mar 2023 02:33:45 GMT
age: 1397
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

192.229.221.95

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
192.229.221.95:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8faf65a08cf24142aa4dab31bcff9922
a25ced56c4e4cacb6b7a6cbf195b0fd4ff97eb49
edad34b714923c39ab72e151c271eb1d016b6f7af7e7b45901dcd8f91ac83048

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120843
Content-Type: application/ocsp-response
Date: Sat, 04 Mar 2023 02:57:02 GMT
Etag: "6401e889-117"
Expires: Sun, 05 Mar 2023 12:31:05 GMT
Last-Modified: Fri, 03 Mar 2023 12:31:05 GMT
Server: nginx
Content-Length: 279

news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9

188.114.96.1

200 OK

9.2 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (597)
Size
9.2 kB (9219 bytes)
Hash
8e20fc59877dcc81792397f261f03463
1381b086bf18b617aa15f9291b297619ea51eac0
1c2a830bedf2de34e0192043e7b51ed66302c15eb734d0a071bf6804ec0a3288

HTTP Headers

GET /weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9 HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP7ZSYvESOWW0BJhLcO3qEKNMBFM8wbRgYQbqUUKFGjmASjIol5lUoiw6iBh3cv4px%2B5Ed385RMJCYCXRIoav1dcoAgjoLgVvoaJNvRLEBBfWPA1A2d7woHnUSLC0gQf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a26d977dafdb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/main.js.download

188.114.96.1

200 OK

0 B

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/main.js.download
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /weight-loss-industry-outrage/files/main.js.download HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: application/javascript
content-length: 0
last-modified: Fri, 10 Feb 2023 09:57:22 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDcF6FlWWdmFu2iD4aAzG9g%2FMaI7ijiBYzQjXJo%2FJMhVgA5v5bVNP6M2cGHIGJ6dQFfdXRT7h5N4KhRAh66auxS4%2BOo8YJ5bu%2B6%2BnWm8TiRRjZcJw%2FpPv9penyGYnyED"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a26d978fb81b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/male.jpg

188.114.96.1

200 OK

61 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/male.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x377, components 3\012- data
Size
61 kB (61225 bytes)
Hash
3f762de6f1746d22b28386c5ff40f09f
da7d5448ec5830958b92c736492385ad4f4af0fa
483f0e6ef01dd24626866591d33708d877fbea4512886db8439ca00d93f73f57

HTTP Headers

GET /weight-loss-industry-outrage/files/male.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 61225
last-modified: Fri, 10 Feb 2023 09:57:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozHefA1hripaqUR6jxaRv49CvMQksUewdebI93ET%2BDX5%2FsjF3io2RH%2BRxlKeBOWZ95VAg5dqsOXzjRBxZtD8I0tN93HzuvimeDa5qdVo2X%2Ff6uOM%2FKz5Urdiufs9DMAS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b88b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment3.jpg

188.114.96.1

200 OK

1.2 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment3.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.2 kB (1162 bytes)
Hash
b9f11c3e22a6fc9d007f8dee9646d578
e186831cf2c5b716bf322e4a3e4ead3e77dbe26b
9829f02f6825d009656b73cb37f9a318d678ac478a12453f3d0921cf121ade01

HTTP Headers

GET /weight-loss-industry-outrage/files/comment3.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1162
last-modified: Fri, 10 Feb 2023 09:57:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS8BI3NpcUNhJ2CMqw7KzYhPV0hxWA4k%2BinJxX9NTdl8zpg7KCYbCq5JBbiwWB0zVmcBy3RYOUDv%2Fr9%2BX7W94c0f4J8UW%2B2Wata6yJOOpQ9EQuV2JSwUUwJ37WKkmB3H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b8cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment2.jpg

188.114.96.1

200 OK

1.5 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment2.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.5 kB (1455 bytes)
Hash
6d1abd17374046f3faefc518ac15bfec
7e466753ab9b4fee757369953eece8acc2ba7d9c
f23e343b8bb6a354c862b8bf1d9422924944f7c6ae8fb50726cefe75b74a8856

HTTP Headers

GET /weight-loss-industry-outrage/files/comment2.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1455
last-modified: Fri, 10 Feb 2023 09:57:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6a5Zx%2F%2FDaxmkWIqGAzSuJdFH1ccOrvyID9gPKdWAwJr%2BD40%2Bdw%2Fm0yKmR9p7OqgiGG1xACc3sQWjkhzRkH6yDjY9Ul%2BUDp1%2FpNgXGoAhU3GrhVcHPmxkCDbihMw%2BPK1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b8bb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment4.jpg

188.114.96.1

200 OK

1.3 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment4.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1262 bytes)
Hash
51b49c59602791264823bc3031364720
0faa6a09f153a2ba447cab0278bd15accf24e418
83d41673910e93a9cc4f7cbdc333fa4b4622dc9bb580547711f3d2a3e30e2e52

HTTP Headers

GET /weight-loss-industry-outrage/files/comment4.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1262
last-modified: Fri, 10 Feb 2023 09:57:34 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4okxCQIpHm88xg0h14C8%2FlgCka%2Fz0OQ%2Fpj1m9LXYUOinMZFyQNV3L0b8sfCt8pGhhL9Er8eOeecHrkbqAv%2BM4L0tUdB2zSNMG25B1CbLlJiRySaJCIHD%2F%2FAGIjSfUu%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b8db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment7.jpg

188.114.96.1

200 OK

1.1 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment7.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.1 kB (1071 bytes)
Hash
050d3d3c0bff81da5750ac001c6d257a
b16b11543c8d2ed9d45f6422fcd8319e3663cd53
87563349a0ce8136668d604ecec573c2eb72430f7f7bd54b48f3ca8b6e467d5b

HTTP Headers

GET /weight-loss-industry-outrage/files/comment7.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1071
last-modified: Fri, 10 Feb 2023 09:57:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TC0tsZw0TrryLYcCUPCoH2Vh8HqRr%2BN8bqNiYUvfj0WfRtlU81fJU%2F6968N%2FSghb320QOdEAGAreOlo%2BpHizDlxGhTLH9kfN3xtGX3HmEsldTly%2FXVBbkEWHDoGQfEng"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b90b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment5.jpg

188.114.96.1

200 OK

1.2 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment5.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
1.2 kB (1178 bytes)
Hash
da8d96076a7b67055c44742824a4578b
d6e715bfdd8787a3ce8a8b0cf1bbf3a2baf22f8b
85164dba7108390f8e1c278d996959695a31f585aae9e5f1e53aa025c675e15e

HTTP Headers

GET /weight-loss-industry-outrage/files/comment5.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1178
last-modified: Fri, 10 Feb 2023 09:57:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q8EWXsavWIJEUVRNyU4aahAzMwGnx2b2HMhNkBh9ma%2BuYroM4XIGTBvGCRjhVbYPg66g%2FhK%2BTatQvq%2FC4c2q0ZJfiiv6N8zFkYGbJleODxaIMPGNjq4ayGfllXb9AI1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b8eb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/cmnt-img7.jpg

188.114.96.1

200 OK

2.5 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/cmnt-img7.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Size
2.5 kB (2532 bytes)
Hash
b0fc7d9952956a45615e56f38dba7524
b6c77f788b1e5f5b7830f6a8267ffc6083e90be3
fcd4a3fd7e80211a92e366598a928e3f6a59d802d535a3de7c87b04fc51c8c65

HTTP Headers

GET /weight-loss-industry-outrage/files/cmnt-img7.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 2532
last-modified: Fri, 10 Feb 2023 09:57:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSdSBRI4DCeGTuQpG6d97JC7Nvb72CF7P8n3OEgDwyyCS7yaxEPPKJBk8pAfMAAYdB1yWFMNu1eEzcvLUWc9XAXfpnciyojBnI%2Bi9RsYxCwzw8lUAMCaNSbx0lmPDgEm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b92b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment1.jpg

188.114.96.1

200 OK

1.3 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Size
1.3 kB (1347 bytes)
Hash
835f073b088a46021c22b4b23f44383f
e4afcfbb2c5dc83799558ad348d2b11bf28d339f
82f1b47ae81ab7c187841e3d8b8cdede7399de58243585b1417f495ee60d0de9

HTTP Headers

GET /weight-loss-industry-outrage/files/comment1.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/jpeg
content-length: 1347
last-modified: Fri, 10 Feb 2023 09:57:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kolO62WNuJ7861cPlgR2LZ3L%2F7T1alMrm%2FggUs07hhoQX9ABAe8npENrjF358P9MMkzcXw9E%2FoQCQDOtdN5PoXViH5W%2FGFNIEp5WLIe%2BTO1NMNvnijHoZHGI%2BsIxjRBT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b91b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment9.png

188.114.96.1

200 OK

6.1 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment9.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 99 x 99, 8-bit colormap, non-interlaced\012- data
Size
6.1 kB (6149 bytes)
Hash
1ca73bc3f539b10d1ddf4d2a757f0925
74f565ffcb87fa6363c9888d65b45985a46c153b
14a2db795366abb2b61320f70d8fac505cc6993257585f278e33f79486a5bf1d

HTTP Headers

GET /weight-loss-industry-outrage/files/comment9.png HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/png
content-length: 6149
last-modified: Fri, 10 Feb 2023 09:57:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0PovNzEWittKnKQq5VqG5fZXDg84YmG8R1BN3qICtxCMqI4RzZbl%2B1HQ%2F0asP2keTF4q8Fv2dX7%2FEDvpxSm%2F3FXCpplBxU1Q6qUqXN1MWHcLPPYG5M95io34uR2ci8W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b94b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment10.png

188.114.96.1

200 OK

6.3 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment10.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 99, 8-bit colormap, non-interlaced\012- data
Size
6.3 kB (6294 bytes)
Hash
1644c31ac4af11b5d9cd3cab9d0d7543
e6f3ccc747506cb5c139773dda3787e17e194d22
bdea623e9338d1c7b3bc1d61ebbb76325c0f24fae57f5baa472d171f7c93d240

HTTP Headers

GET /weight-loss-industry-outrage/files/comment10.png HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/png
content-length: 6294
last-modified: Fri, 10 Feb 2023 09:57:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFYKpsiTR2wgrFWQGniApVLK%2FnFAewLKdGRkKqZzPC1cfC884Fqn1nlwRHYNQEkP50nNk%2FzVPpQUlXjOrVmlhpnDy%2FplriOM2m3x7Qtp%2FQ8BGAGC7b4Tep41zvxHeU%2BV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b95b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/comment8.png

188.114.96.1

200 OK

7.0 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/comment8.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
7.0 kB (7003 bytes)
Hash
bdbe8232d93b34e432d1259d44e3c9f8
e4ddf0c8059721a0f84e50b269b488a2f3c602ed
0e5548d1da492b805c3895367f62c1e06c45c02e7ebe81c0a89773efa9661515

HTTP Headers

GET /weight-loss-industry-outrage/files/comment8.png HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: image/png
content-length: 7003
last-modified: Fri, 10 Feb 2023 09:57:38 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ge53tHF5e058QJAgrjlDFdZVgrMatlcEp9HuNquAqHZG55f4YdwxmbOTeBtmO2trTV8ERzSG%2FA4HUqnSU%2BYGOKJE%2BAC7qQZRLOGxuqKt5LrELhdjGoLd%2BacUJS9uBIoy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b93b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/tinder1.jpg

188.114.96.1

200 OK

49 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/tinder1.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x480, components 3\012- data
Size
49 kB (48812 bytes)
Hash
9f44ef5d0030c72b44429799ee316aa1
fbeea29e9d3b9c8d9132127cae6dd4dcca195fe2
6e08938e19afca80c1d9cc84798e3418511e7ebec5933f4addb2f4b39f7fcc45

HTTP Headers

GET /weight-loss-industry-outrage/files/tinder1.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: image/jpeg
content-length: 48812
last-modified: Fri, 10 Feb 2023 09:57:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPujTwJmqu%2BsK6ROxkg7G9yYVF%2BiU0CWB8e75N0PNvM693CEPosg0%2FR8EUhi2EE1mwB4vsrF4z%2BVnHx4H01Lyj4%2FdyrKHmQQ4uqmdHXhUoD9JXE%2FrQCGMEKr%2FX7OgPqZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b87b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/tinder2.jpg

188.114.96.1

200 OK

43 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/tinder2.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 180x180, segment length 16, progressive, precision 8, 500x407, components 3\012- data
Size
43 kB (43130 bytes)
Hash
2a3d8a4d600c7b9f98d57d730f624990
d5de906cb5b741b6ad189a22f2775c5008d61482
af24ffe38173248f2ab3f0afbc89261f4c984910e284744cd8f31bb3c4d1a5ec

HTTP Headers

GET /weight-loss-industry-outrage/files/tinder2.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: image/jpeg
content-length: 43130
last-modified: Fri, 10 Feb 2023 09:57:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gp1ei1gwZxHg6fHCrMzMK2ABE2p5g5aikGhleCouBpyC2KCDa5FQOPaYiX5o1Xc4LZiHrKZuL7p9GxEOCN7iifZt8Qtu6KHZKLoO2w84Sdk7EpKdkQEeGBRsRwYiysX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d978fb86b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/usweeklyba.png

188.114.96.1

200 OK

57 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/usweeklyba.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 470 x 300, 8-bit colormap, non-interlaced\012- data
Size
57 kB (56810 bytes)
Hash
de25cb2e1586fdcdbc2e1f72fe3f0693
4ea2ea9b8df58a122f38c2e01df431e1a7dd5375
4f84eac91dadbd38c36c2781d7946efd8d1f94b5320b3b7a39ef8c1abe4fd835

HTTP Headers

GET /weight-loss-industry-outrage/files/usweeklyba.png HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: image/png
content-length: 56810
last-modified: Fri, 10 Feb 2023 09:57:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aKNkpTSQ9QLp93HBwq7ZabxX475ZGvDqPYCEuOovEhoDlcT84%2Bp7lAw7qyLKxnq3mv2CCXWQzgMJTjU8HNgy6HP%2BN2oX9Nr0Lq7whECau7KvSBvQZ0oWKZ2OnBd56noB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b89b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Mar 2023 02:12:26 GMT
age: 2677
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/w3FEHAU56Hsv1NWXO1KUDsKq4st8SDxTo5RYsB5t.jpg

188.114.96.1

200 OK

198 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/w3FEHAU56Hsv1NWXO1KUDsKq4st8SDxTo5RYsB5t.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=GIMP 2.10.24, datetime=2022:02:25 09:54:06], progressive, precision 8, 1265x675, components 3\012- data
Size
198 kB (197602 bytes)
Hash
2e5241cd392b586e9a833023ebbf6aab
7769aed9c2b7fd95a7202a9bbed9f28bda4b80de
b2b24a844ccba4e917d2398e764f2b70c90a6fd09ed82bcfc73bfd76009216ef

HTTP Headers

GET /weight-loss-industry-outrage/files/w3FEHAU56Hsv1NWXO1KUDsKq4st8SDxTo5RYsB5t.jpg HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: image/jpeg
content-length: 197602
last-modified: Thu, 02 Mar 2023 12:07:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3fSRQtsrmQtdHmUVYgQTVEjd6apgSyXqy%2Bhe3Ry%2Flf9BfHS4cw6us4Lbmg870%2F3ZRrTchYj9eqbVmADAk3sz59zEGPcEWL9yM60vYAZjmG9VO2b3Cyvqsz6W6d%2BIQfE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d978fb84b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/product.png

188.114.96.1

200 OK

232 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/product.png
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 400 x 760, 8-bit/color RGBA, non-interlaced\012- data
Size
232 kB (231460 bytes)
Hash
e4e0a5d75d5e2565e90edd9e86aead02
ed9c95a7d1473162b37a57521e57a1df6ada40fc
964d96cbcae4e678becba8e8e03e83b0c84726acaa72618f3ca589158f3619b8

HTTP Headers

GET /weight-loss-industry-outrage/files/product.png HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: image/png
content-length: 231460
last-modified: Thu, 16 Feb 2023 14:00:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehWxHLrA1tRQ39cQPrNUCkxUGIVmPnMNrsk%2Byp6KbS7TP%2BaJBhDqpjcSgyRkTfquXNi9K0Jx6vHt9MnRT6GmYzsv2Udz%2Fy0GeVUfoBfWPB8ST0EClirRTuCWDi8GfzpT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b8ab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/time.min.js

188.114.96.1

200 OK

2.5 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/time.min.js
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6445), with CRLF line terminators
Size
2.5 kB (2507 bytes)
Hash
3492a4a80e4356927e8d854c59cf5ad0
caa8d6b104e5972a8ab05d93dfc20139f64c763e
c176c9bb859ab29b68511107369879c668d82bb0fad0385eccce7f3a79b6f50c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /weight-loss-industry-outrage/time.min.js HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: application/javascript
last-modified: Thu, 09 Feb 2023 14:02:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G62zV1vzaJ0D6eJ%2FpYdmZe6Yi1%2B2bfvJTnbPnYoJOVVUVx9spwqJPTFpa3GW7g2LnSsqO3fw2RMCZajfy8B9fyZ2L5fxU4bqcW1WWrg5I8pzX5dfdyLF9ATtgEC4z%2FT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d9790b96b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.cdnfonts.com/s/14884/OpenSans-Bold.woff

104.26.15.62

200 OK

104 kB

URL HTTP/2
fonts.cdnfonts.com/s/14884/OpenSans-Bold.woff
IP
104.26.15.62:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 103620, version 0.0\012- data
Size
104 kB (103620 bytes)
Hash
87af7cb84fd76ccadb833df27b850a9c
c18afad064df818600d992e263e3024a05d277ea
b403b238239ce86bd88b89afe93f832d06148811e047364ec574f324348dddfa

HTTP Headers

GET /s/14884/OpenSans-Bold.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news247.money
Connection: keep-alive
Referer: https://news247.money/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: font/woff
content-length: 103620
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "194c4-5d73bbbd1c785"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 122710
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuSrJwpZy7CsHoe2kWmov3jsyBExptzhzEHzybqy8oxSwSiXq2p%2B2w6CwN6Hz8sM9Q8EUMsCm25ZpGrTcH%2BK6eEzQRVrki4WpzwwiNseQ4VfhSswllkDmdopPRJej76LTS%2BukQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a26d97ae9650afe-OSL
X-Firefox-Spdy: h2

fonts.cdnfonts.com/s/14884/OpenSans-Regular.woff

104.26.15.62

200 OK

101 kB

URL HTTP/2
fonts.cdnfonts.com/s/14884/OpenSans-Regular.woff
IP
104.26.15.62:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 100956, version 0.0\012- data
Size
101 kB (100956 bytes)
Hash
35419e354261638f1c8ca2f3ec069c90
085e0a26d7f14014a866db8935f905a3935a4fd3
ae9e167879e193e0177f60b02f9050d631510d6054456019b95262eb466f3ca6

HTTP Headers

GET /s/14884/OpenSans-Regular.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news247.money
Connection: keep-alive
Referer: https://news247.money/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: font/woff
content-length: 100956
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "18a5c-5d73bbbd1d33d"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 122710
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FWNWn7%2BolarNWNk2d4TYmAG4ze0m5VFkIYjSOta6HSzCfW2S76j6pu6M8y3Lp7huZjiZEPT8xuyAhePT6pD7ptdGKUEy3iB9oQ59m9n80CJJpHMXVt8%2F%2FPAXbn%2BAq0yHUBbtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a26d97ae9660afe-OSL
X-Firefox-Spdy: h2

fonts.cdnfonts.com/s/14884/OpenSans-BoldItalic.woff

104.26.15.62

200 OK

99 kB

URL HTTP/2
fonts.cdnfonts.com/s/14884/OpenSans-BoldItalic.woff
IP
104.26.15.62:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 98576, version 0.0\012- data
Size
99 kB (98576 bytes)
Hash
48d2f6de6d6b72fd99bd3b2f2171bbac
4e55e5c44bb076e16d01a5ce9eb953f59bfcf9fc
d841310ed521ace44cc616946a4b67c8f11583243fec2e63e6c6eafbd74deab9

HTTP Headers

GET /s/14884/OpenSans-BoldItalic.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news247.money
Connection: keep-alive
Referer: https://news247.money/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: font/woff
content-length: 98576
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "18110-5d73bbbd1c785"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 122710
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXcVG2lI9Ehlmb3oHy5kQ%2FthAg5h%2Fc1ojzwpf6wam1ShLZ6gFKuhG2Lg6k7x7%2Fe86vP39MLO0KKqxRdhrQLtFXnY3feJ8h72LoDIMWPADq0VwH6JzSc2fOy6jX3UqVC4p67G1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a26d97ae9670afe-OSL
X-Firefox-Spdy: h2

fonts.cdnfonts.com/s/14884/OpenSans-Italic.woff

104.26.15.62

200 OK

99 kB

URL HTTP/2
fonts.cdnfonts.com/s/14884/OpenSans-Italic.woff
IP
104.26.15.62:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 98724, version 0.0\012- data
Size
99 kB (98724 bytes)
Hash
59baab6d64b9b7fae4d1814ce9ba143e
0a922afe9862567a53ef79de579a8a972a8878f6
3ac5891278f8422d4d35a560294597099e43e6f67956dc42f0e6889f619a847d

HTTP Headers

GET /s/14884/OpenSans-Italic.woff HTTP/1.1
Host: fonts.cdnfonts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news247.money
Connection: keep-alive
Referer: https://news247.money/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: font/woff
content-length: 98724
last-modified: Sat, 05 Feb 2022 02:00:37 GMT
etag: "181a4-5d73bbbd1cb6d"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 122710
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjyzXl5ET%2B5DqXfuT97uNIZ0sCE18VnD8MB9VRvazydqRHflvqbi4bNJr4aCgIJI08ll%2FmMvOwGB2gscCgt9PgOk1UeZ3Egl%2BxbrhcL1a73DbLpaWciI3EY6S2oNttCyZ%2BbJgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a26d97ae96a0afe-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ErERO4iI5Y4mD6rFMCUCvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xrIrti+GlMyrZqhSrgFBTxomfJc=

go.signupnow.eu/d/.js?lpref=&lpurl=https%3A%2F%2Fnews247.money%2Fweight-loss-industry-outrage%2F%3Fclick2%3Dwvrvl9jkk18bri1niunh56cm%26lp%3DBioScience%2520Keto%2520Gummies%26cep%3DQJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs%26lptoken%3D167f776490e0049522e9&lpt=Weight%20Loss%20Capsules&vtm=1677898622153

18.208.62.125

200 OK

2.9 kB

URL HTTP/2
go.signupnow.eu/d/.js?lpref=&lpurl=https%3A%2F%2Fnews247.money%2Fweight-loss-industry-outrage%2F%3Fclick2%3Dwvrvl9jkk18bri1niunh56cm%26lp%3DBioScience%2520Keto%2520Gummies%26cep%3DQJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs%26lptoken%3D167f776490e0049522e9&lpt=Weight%20Loss%20Capsules&vtm=1677898622153
IP
18.208.62.125:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (903)
Size
2.9 kB (2931 bytes)
Hash
0ab7478d634d4a0a64e58baa1a5320fd
cd5857d1257935f924eeb6c5d3c7900dd31fdb07
cb932069e6a0bf033dba9b77ad1a0c42803bde65b0d031877c5855c3fd9b3e37

HTTP Headers

GET /d/.js?lpref=&lpurl=https%3A%2F%2Fnews247.money%2Fweight-loss-industry-outrage%2F%3Fclick2%3Dwvrvl9jkk18bri1niunh56cm%26lp%3DBioScience%2520Keto%2520Gummies%26cep%3DQJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs%26lptoken%3D167f776490e0049522e9&lpt=Weight%20Loss%20Capsules&vtm=1677898622153 HTTP/1.1
Host: go.signupnow.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Mar 2023 02:57:03 GMT
content-type: application/javascript;charset=UTF-8
content-length: 2931
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9709
Expires: Sat, 04 Mar 2023 05:38:53 GMT
Date: Sat, 04 Mar 2023 02:57:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9709
Expires: Sat, 04 Mar 2023 05:38:53 GMT
Date: Sat, 04 Mar 2023 02:57:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0880782ffbede81650c9d4a97c298bdf
0e35c0d6cba0bef0b9eeb039ebc9104b39b24e2e
77e1a8623eeadfa78646a661f4541b47b8f0a4ac6ad73825ce3a43fc57c21cd1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "77E1A8623EEADFA78646A661F4541B47B8F0A4AC6AD73825CE3A43FC57C21CD1"
Last-Modified: Thu, 02 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9709
Expires: Sat, 04 Mar 2023 05:38:53 GMT
Date: Sat, 04 Mar 2023 02:57:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c614a11-aa51-4b35-a804-e9d6c0ef4769.jpeg

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c614a11-aa51-4b35-a804-e9d6c0ef4769.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6040 bytes)
Hash
fd7e7448fcf5125b57131079d6c16fa8
6c1cd187631a8adb3524e2e8f510198dfbd5ed65
02e4189cb4d2ebce91f64af64efc8c2498bf36c66c45d5c8ed7e852085c5b38a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6c614a11-aa51-4b35-a804-e9d6c0ef4769.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6040
x-amzn-requestid: a45f86b1-38ea-47b9-8177-e5c6317d4245
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BOUozGE2oAMFVAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640267d1-476a2a7d0885886a54fe8287;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DgoVTkpkaUCbS1rMN3wrpHHNebW44b0EDWlpT_ilKqJ4eeRXLgxfzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 22:10:51 GMT
age: 17173
etag: "6c1cd187631a8adb3524e2e8f510198dfbd5ed65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/SsDiet_style.css

188.114.96.1

200 OK

9.4 kB

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/SsDiet_style.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (508), with no line terminators
Size
9.4 kB (9377 bytes)
Hash
4c1cf62e367dc88ff3b6f5f7a16c4b84
33384e0dcf1cdf9230a51e0a6da6ac1caba83753
8c10074431fddeb92993c5027ba7991ee233058311a90522286de6ed85a6830b

HTTP Headers

GET /weight-loss-industry-outrage/files/SsDiet_style.css HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: text/css
last-modified: Fri, 10 Feb 2023 09:57:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SaU%2B5hxzkGLcba8lA2JOxIfXdm5rDxxxw3gyAvkP%2BBv7%2F9%2BjwShat1ENSYMkPQPWb1dBzrxG20sNvj%2FHkaJpjcKLk2G%2BPDMcecRWKNclMfBWnGCU33ZA6ICbfUXqkW77"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d978fb7bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3381 bytes)
Hash
4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7f5O-v2e1_OXVVveu0_kNtjOTnUAC5shUmd4JejtlrnliJsxeitcYA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 07:15:41 GMT
age: 70883
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e181e09-de35-441a-aad9-90912356bfad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10138 bytes)
Hash
c692ca994e5700f70037c164ace25af9
aabd343851ceda985f7019de96f8e8adc5b33064
1920aaf8bce93658801862dd1d1b85febca3e5b0c9454f39201abe4a79549b02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e181e09-de35-441a-aad9-90912356bfad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10138
x-amzn-requestid: 3f507c9a-577a-40f9-b444-5c7c913e6e85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BOUnoGxGIAMF7Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640267ca-7ebdddfa2f5521603c83842d;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: kohnEQoofA0r4p9auAgkovirIPryYIIZcZ-QKiqcesERWOYwNI1RRg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 21:48:49 GMT
etag: "aabd343851ceda985f7019de96f8e8adc5b33064"
content-type: image/jpeg
age: 18495
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc99f7454-0a8e-4bcc-83e6-1506548d06e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10651 bytes)
Hash
27bb884f50c130a25a016f4d7ef01e99
5d940953ca09a4d5ff79d50ea533693eea4ca46f
506baf72c9b0e1f3d340b7fe3e7056b58558a2f02fc163655397a079585da1df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc99f7454-0a8e-4bcc-83e6-1506548d06e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10651
x-amzn-requestid: bfe030e4-532d-4711-a87b-9db82f0e5778
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BOUpmHqIIAMF1lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640267d6-563691e26bb808ac468377db;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: huAkKNDYY78QZ9WYqk52aABKdvMu-EpQ5o0rrNqTxh0z1n551zkZVA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 21:54:39 GMT
etag: "5d940953ca09a4d5ff79d50ea533693eea4ca46f"
content-type: image/jpeg
age: 18145
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa5e06fd-9d0e-41ee-8678-21dea6944665.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
60b7f43334c20780a2078a3b260ef4f2
3dd3708456dcd4ccee428a138914a3778eb70916
504d47af2f5f6cf35abf189aed6fa03aacfaac6123550766928337c8f1e52be7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa5e06fd-9d0e-41ee-8678-21dea6944665.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: 681a2aa5-9c6f-490c-b242-1753c36fdc64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BOUnpFgioAMFyKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640267ca-62e802682b78f9b45dda8d02;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5XlAb6FGmPmAfR_OFr0dR_85TQNxhpxttObxFQr2ZolxUHWGpdCrpQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Mar 2023 21:44:58 GMT
age: 18726
etag: "3dd3708456dcd4ccee428a138914a3778eb70916"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/jquery.slim.min.js.download

188.114.96.1

200 OK

0 B

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/jquery.slim.min.js.download
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /weight-loss-industry-outrage/files/jquery.slim.min.js.download HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: application/javascript
last-modified: Fri, 10 Feb 2023 09:57:20 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4S5RaqrnsSL%2F44O4xr%2Fy05SvY7EAD%2BUoNjGwntEk2HcwwL%2F2TakWknfi9KRKrcJ2F2nDkcf1FHrqU2w5mx9ekbcW%2BCWSaIFYBAQuvZDwQjbtIjTdyvU7ApLRl%2BdwGkz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a26d978fb83b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/opensans.css

188.114.96.1

200 OK

0 B

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/opensans.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /weight-loss-industry-outrage/files/opensans.css HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: text/css
last-modified: Fri, 10 Feb 2023 09:57:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgQu2MYxyfp03Wggwjtjb9Q77ZjRP5eLSMfEPfKq7wQHmS0LB95wmlR3za9G6MzRDl4fU4PKSc8yBmiEOfe%2BcVnlEA6l8YvEERgYnK5Rgfpoylpy9ejlxYrCvVYRVOJ0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d978fb7cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/style.css

188.114.96.1

200 OK

0 B

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/style.css
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /weight-loss-industry-outrage/files/style.css HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: text/css
last-modified: Fri, 10 Feb 2023 09:57:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkIEaZUpBiBHogcmys7ZX93Cfy3jHykevOd2vq2rKZHBP47N0je8dv8Cvdve%2BpNdB8r8PWcc2xzzcA5MSNfRqJ2haMgHBPSOCmnhi49Vdmu0f0cldgKm4xmvlzMTik0O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a26d978fb7db527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

news247.money/weight-loss-industry-outrage/files/SsDiet_main.js.download

188.114.96.1

200 OK

0 B

URL HTTP/2
news247.money/weight-loss-industry-outrage/files/SsDiet_main.js.download
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /weight-loss-industry-outrage/files/SsDiet_main.js.download HTTP/1.1
Host: news247.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news247.money/weight-loss-industry-outrage/?click2=wvrvl9jkk18bri1niunh56cm&lp=BioScience%20Keto%20Gummies&cep=QJAnJpAnlt14QGMG6QSZZo-IMoiMh5psxcEHp6fsH4kJGkDfJVqdtU87x2Af_jR4ZmKoM14F4sY1fuQtGuF2heelf52IY0RNIqJrfHTzej9mBd528GXHBg7QVFNnuyusnNwql_Kuiwry22UqfRRJOLCyS5qwd6ZyguNRa6TFpZHr5uqRFVMBptePV8O27V4FRryxIvGfR3vESYSrW8FNAo4TYwBPaJXCHEX2OySwKSFFL4vaeaWXS8XFO8G_HOdNfSQ-RaashfnQiymFP-bMsLO0T-zyIdGs4YMKcjEbBBaR5pSUGlGxxagb2I5thUFNaFrIwHlEQDSyLwzu__IjGYQpQQT4kkE8b6c3OfZqaRs&lptoken=167f776490e0049522e9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Mar 2023 02:57:02 GMT
content-type: application/javascript
last-modified: Fri, 10 Feb 2023 09:57:22 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQxWNwhwqF%2BrPoRouG%2FSfabC73q6Wy%2FrkCmZ65T3GyYH76mMJGh2wJRUUwAzqJfhY%2BPzqIEztENUiEt6n0owYBMK%2F5j6R%2FMkFzrEEReRlOcLzcrL3d98ari7i5zQw2ra"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a26d978fb80b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML