r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2422
Expires: Thu, 24 Nov 2022 01:05:07 GMT
Date: Thu, 24 Nov 2022 00:24:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6484
Cache-Control: max-age=129275
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:45 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:19:20 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4066
Expires: Thu, 24 Nov 2022 01:32:31 GMT
Date: Thu, 24 Nov 2022 00:24:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 00:18:52 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 353
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MCZ8AVb24aJribwJ3uTs5iefdG1QsYW8aqpsmSq7v6lsK72hbygJbRMAPd7Ctw/c6FbGuolxzN0=
x-amz-request-id: S8KQ7A76HSJB5FQ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 23:40:11 GMT
age: 2674
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 00:24:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700%7CVolkhov%3A400%2C400i&ver=2.2
142.250.74.10 200 OK 819 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700%7CVolkhov%3A400%2C400i&ver=2.2
IP 142.250.74.10:0
Hash 20307535060d7acb90719ed28ed1cb77
9a57a016c4ea00c2eab9455d6a58b6423043cbe0
73e4dfaf0ab6f3d69a7b7a9aac60c396a856529d6e43f14dd5037e90bf900b81
GET /css?family=Lato%3A400%2C400i%2C700%2C700i%7CRoboto+Condensed%3A400%2C700%7CVolkhov%3A400%2C400i&ver=2.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 24 Nov 2022 00:24:45 GMT
Date: Thu, 24 Nov 2022 00:24:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 00:11:11 GMT
cache-control: public,max-age=3600
age: 814
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
bearmaxltd.com/
174.136.57.185 200 OK 46 kB IP 174.136.57.185:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1746), with CRLF, LF line terminators
Hash 97ee76963b0b53d33e8318658bfcf310
edd40f27fd85b7611ea93f7700e75b8ab2f2702a
ee6e63d365401661f30a16969614c60a48eae9f77ec1c3397953d0f21799c467
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:45 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Content-Length: 45617
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4800
Cache-Control: max-age=122528
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:45 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:26:53 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
bearmaxltd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
174.136.57.185 200 OK 26 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.0.18
IP 174.136.57.185:0
File type ASCII text, with very long lines (25658), with no line terminators
Hash eb1a96949e0ea0d08033d3f941bf1f3e
8e8e16cd9105066fe8dc4f80ace8010d060f08f4
1698abe528bb1f8e76991814a09aacb0ec7247d421ed2e4ff8f00e3fb1275712
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.0.18 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Thu, 05 Sep 2019 07:36:42 GMT
ETag: "2d60b01-643a-591c961fd5680"
Accept-Ranges: bytes
Content-Length: 25658
Keep-Alive: timeout=5
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/plugins/prettyphoto/css/prettyPhoto.css?ver=2.2
174.136.57.185 200 OK 19 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/prettyphoto/css/prettyPhoto.css?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (402)
Hash 4e07913e453f49367442f0c31d7e5044
f33bcba7b17188c34c8db583ac828ca5596ad97a
a2d483308f75d3a234ee4c0fd95c26dacf526f92b8c7615f9c258a58b2e76106
GET /wp-content/themes/Heylone/plugins/prettyphoto/css/prettyPhoto.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610b0-4900-5ed8684e84768"
Accept-Ranges: bytes
Content-Length: 18688
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/css/font-awesome.min.css?ver=2.2
174.136.57.185 200 OK 31 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/css/font-awesome.min.css?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (30834)
Hash 20583aad3315c2dbd1a936589161f61f
a4c60789f955d45e214aca473765c6a1644fd2ae
2ca093603863eb0e9face3a0747088c720bc3f5f80a4001502e6aa9fec39b12d
GET /wp-content/themes/Heylone/css/font-awesome.min.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610fb-7915-5ed8684e8acf8"
Accept-Ranges: bytes
Content-Length: 30997
Keep-Alive: timeout=5
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/css/owl.carousel.css?ver=2.2
174.136.57.185 200 OK 5.9 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/css/owl.carousel.css?ver=2.2
IP 174.136.57.185:0
Hash aebb17650f75eb33aa4a290097cf3464
6ba6a9415b09b2adf9de2071bb0a42059990c751
171eaafedb04cc3cf228a58ad5d83faed8c1b88373ede33711599e5a1a10d090
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/plugins/owl-carousel/css/owl.carousel.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610bb-1719-5ed8684e84f38"
Accept-Ranges: bytes
Content-Length: 5913
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/css/owl.theme.css?ver=2.2
174.136.57.185 200 OK 2.7 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/css/owl.theme.css?ver=2.2
IP 174.136.57.185:0
Hash 20bc717bd71f44a0f20c16b443991c6f
74d69660897f2056238b6e3049c388bfdaf06e30
5f3faaf7412f602cca588590620b851e58e1527101ae50a4df2e027386a310be
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/plugins/owl-carousel/css/owl.theme.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610ba-abd-5ed8684e84f38"
Accept-Ranges: bytes
Content-Length: 2749
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/css/animations.css
174.136.57.185 200 OK 28 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/css/animations.css
IP 174.136.57.185:0
File type ASCII text, with very long lines (460)
Hash 3958267c28329a96cfa477512ddbe80a
de080f1b99a5509f6e96ce418d4a988a87d45b4c
8de543ea9c83625bf2c9c20009e83b06e58bea7323ca2c31a3f21da7bd0b3458
GET /wp-content/themes/Heylone/css/animations.css HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610ec-6d80-5ed8684e8a140"
Accept-Ranges: bytes
Content-Length: 28032
Keep-Alive: timeout=5
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/css/colors/color1.css?ver=2.2
174.136.57.185 200 OK 2.8 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/css/colors/color1.css?ver=2.2
IP 174.136.57.185:0
File type assembler source, ASCII text, with very long lines (412)
Hash 18f5952620d0052b894f01099f8fe9d8
2dc8bae756cdcbdaa0e606f2cb27e43e12c7d6d0
68f6c9136d756218d2b2fcac48035cb5118283a3f2d8f200697e5bd03d334343
GET /wp-content/themes/Heylone/css/colors/color1.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610f8-af4-5ed8684e8acf8"
Accept-Ranges: bytes
Content-Length: 2804
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
bearmaxltd.com/wp-content/themes/Heylone/style.css?ver=2.2
174.136.57.185 200 OK 52 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/style.css?ver=2.2
IP 174.136.57.185:0
File type HTML document text\012- assembler source, ASCII text, with very long lines (492)
Hash 7b65d3dc6b6700a80fd7064aed556742
9bec51f24d41e585ffc223ece444340ec2750457
5c279bfdb590a92565da72c058eb70fce2811ec7ef0e85c5d46144b826dd8292
GET /wp-content/themes/Heylone/style.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d6107c-c917-5ed8684e814a0"
Accept-Ranges: bytes
Content-Length: 51479
Keep-Alive: timeout=5
Content-Type: text/css
bearmaxltd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
174.136.57.185 200 OK 10 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 174.136.57.185:0
File type ASCII text, with very long lines (9959)
Hash 7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Fri, 20 May 2016 15:41:28 GMT
ETag: "2d60d48-2748-53347ec8e5a00"
Accept-Ranges: bytes
Content-Length: 10056
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/modernizr.js?ver=2.2
174.136.57.185 200 OK 15 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/modernizr.js?ver=2.2
IP 174.136.57.185:0
File type HTML document, ASCII text, with very long lines (14502)
Hash cf6d24b271a128c1564697131d29cd07
281c5937a9c49402bff5ed2d9374578f9dd68801
1acda5dc3f8982d34c308da783d450a9ff4ca79ee6a2b27414bb6a7400ebfd15
GET /wp-content/themes/Heylone/js/modernizr.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610d1-3b31-5ed8684e86a90"
Accept-Ranges: bytes
Content-Length: 15153
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
44.237.93.5 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3pBeUYM6UqGGNet6mWXA9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h8/W8CsW2E06Bbos0eJ6ehs1Hbk=
bearmaxltd.com/wp-content/themes/Heylone/css/bootstrap.css?ver=2.2
174.136.57.185 200 OK 111 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/css/bootstrap.css?ver=2.2
IP 174.136.57.185:0
File type assembler source, ASCII text
Size 111 kB (110600 bytes)
Hash c8542624c1e70fd549cd0aa6f411efcd
508d7ee729d54b02f348b457d1cf54a0389cba44
a5c6c869753b3a357748ea4c1b8161525beb29b3df190ae91a2337f177fb4383
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/css/bootstrap.css?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610fd-1b008-5ed8684e8b0e0"
Accept-Ranges: bytes
Content-Length: 110600
Keep-Alive: timeout=5
Content-Type: text/css
bearmaxltd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
174.136.57.185 200 OK 12 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/js/wp-emoji-release.min.js?ver=5.0.18
IP 174.136.57.185:0
File type ASCII text, with very long lines (9063)
Hash fe0575b66568074463f12485d90f6d4c
aeedd9ab3b7874e63f647042963cb1301a38b391
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.0.18 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 14:35:04 GMT
ETag: "2d60e98-2ea7-5ba97b9d31600"
Accept-Ranges: bytes
Content-Length: 11943
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/plugins/prettyphoto/js/prettyphoto.js?ver=2.2
174.136.57.185 200 OK 22 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/prettyphoto/js/prettyphoto.js?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (21248)
Hash 9d835a173b1864054d6623941d2fefe1
e77f11294cbc0c34c112a090718f148b43e74432
f426377f4ca1ee5fb2c93b7ce2183d7abf1b9d6c03930811f1827fd6c11404f3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/plugins/prettyphoto/js/prettyphoto.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610ae-541b-5ed8684e84380"
Accept-Ranges: bytes
Content-Length: 21531
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
174.136.57.185 200 OK 97 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 174.136.57.185:0
File type ASCII text, with very long lines (31997)
Hash dc5ba5044fccc0297be7b262ce669a7c
f137ff98ae379e35b0702967d3b6866a0a40e3be
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Thu, 05 Sep 2019 07:14:02 GMT
ETag: "2d60d4e-17a6a-591c910ed6280"
Accept-Ranges: bytes
Content-Length: 96874
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/js/owl.carousel.min.js?ver=2.2
174.136.57.185 200 OK 15 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/owl-carousel/js/owl.carousel.min.js?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (14906)
Hash 9af5c0176bb847e861a66094c13bba4e
c7e47a9564efb51013a3b753567f3ff3076ced4e
e10c6db3a22bc5bc72e2d639b7495b020b620d0fb8fa73cd46723421df80edaa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/plugins/owl-carousel/js/owl.carousel.min.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610b8-3ad4-5ed8684e84f38"
Accept-Ranges: bytes
Content-Length: 15060
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/waypoints.js?ver=2.2
174.136.57.185 200 OK 8.0 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/waypoints.js?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (7808)
Hash b72a7b8d3d65ebc954b5b3103fdff409
c0c0d473a9bc5a9739f8f44158027d34e31bd642
d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e
GET /wp-content/themes/Heylone/js/waypoints.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610ca-1f6c-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 8044
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 38436e859f6dc2dca443bad9a4acfd7e
4340275be34e60f37cbc69632be593f0578493f4
eff098534ca9e7888a1762633a8b7c2e2013eff22ccb074972ec76f5de46f925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120632
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Etag: "637dee06-116"
Expires: Fri, 25 Nov 2022 09:55:18 GMT
Last-Modified: Wed, 23 Nov 2022 09:55:18 GMT
Server: nginx
Content-Length: 278
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.195 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bearmaxltd.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 18:20:17 GMT
Expires: Wed, 22 Nov 2023 18:20:17 GMT
Cache-Control: public, max-age=31536000
Age: 108269
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
bearmaxltd.com/wp-content/themes/Heylone/plugins/flexslider/js/jquery.flexslider.js?ver=2.2
174.136.57.185 200 OK 40 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/plugins/flexslider/js/jquery.flexslider.js?ver=2.2
IP 174.136.57.185:0
Hash aac847d930aa1353971648ae8a846d98
e5812d8f8c34322449965dce5a10aa2ce30ef2d8
a1df6e274b33698721201e3634aa727898bfaa7bb58b09bcb11bcbd524444e7e
GET /wp-content/themes/Heylone/plugins/flexslider/js/jquery.flexslider.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610b3-9dc9-5ed8684e84b50"
Accept-Ranges: bytes
Content-Length: 40393
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/bootstrap.js?ver=2.2
174.136.57.185 200 OK 28 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/bootstrap.js?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (27674)
Hash 9cdf58550fa8a3d0be82e60f4acc1f1b
c846c71d0e36f98543f6eb88bb84a999173a34da
865a2f6e0b61650b383bc06eb32a507d0970ecf66d79f2bfabad8da96c3bb3d2
GET /wp-content/themes/Heylone/js/bootstrap.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610cc-6d03-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 27907
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/jquery.mb.YTPlayer.js?ver=2.2
174.136.57.185 200 OK 38 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/jquery.mb.YTPlayer.js?ver=2.2
IP 174.136.57.185:0
File type Unicode text, UTF-8 text, with very long lines (1977)
Hash 6010c3f0a450598ffd75d68549e9b63f
3c10044de5fcd4d8d1d417842925182456be5669
8a2350b1e0cb859900c3b4d80a1cbddb6b622f36d84e8996a953307b98319501
GET /wp-content/themes/Heylone/js/jquery.mb.YTPlayer.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610ce-9504-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 38148
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/skrollr.js?ver=2.2
174.136.57.185 200 OK 45 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/skrollr.js?ver=2.2
IP 174.136.57.185:0
Hash 82148fe1306d7592236b19e31f021bc1
5ab75a11de4d4c5a19505f5707a3d94bde7b35a1
59c627133005b2dc2d436c466ca1bce0e13d06bffee709cc435600d82ec8513d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/js/skrollr.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610cf-affa-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 45050
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 38436e859f6dc2dca443bad9a4acfd7e
4340275be34e60f37cbc69632be593f0578493f4
eff098534ca9e7888a1762633a8b7c2e2013eff22ccb074972ec76f5de46f925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=120632
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Etag: "637dee06-116"
Expires: Fri, 25 Nov 2022 09:55:18 GMT
Last-Modified: Wed, 23 Nov 2022 09:55:18 GMT
Server: nginx
Content-Length: 278
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bearmaxltd.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 01:32:12 GMT
Expires: Wed, 22 Nov 2023 01:32:12 GMT
Cache-Control: public, max-age=31536000
Age: 168754
Last-Modified: Tue, 19 Apr 2022 18:42:42 GMT
Content-Type: font/woff2
bearmaxltd.com/wp-content/themes/Heylone/js/front_ajax.js?ver=2.2
174.136.57.185 200 OK 951 B URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/front_ajax.js?ver=2.2
IP 174.136.57.185:0
Hash 09ca53118ea8eba287305b388ae59a44
77dbcb421d73995e5a8e6c8ff1a5dfda12d8fd57
04a6259986b7f4fe6a946d83596f33b2e2beba2657517ec36fdc059a2ab231b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/js/front_ajax.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610c7-3b7-5ed8684e862c0"
Accept-Ranges: bytes
Content-Length: 951
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bearmaxltd.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15700
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 02:54:32 GMT
Expires: Thu, 23 Nov 2023 02:54:32 GMT
Cache-Control: public, max-age=31536000
Age: 77414
Last-Modified: Tue, 19 Apr 2022 18:51:55 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2
216.58.207.195 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22768, version 1.0\012- data
Hash 20832a0590b6ec3679ec13e9574180c2
103db6099dc6db1689a135b6ebb2fb662df57316
95056cde8fc60350eece66c30a6b3926915d469ad7f55ab883d8d3ca033f0f39
GET /s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bearmaxltd.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22768
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 24 Nov 2022 00:24:46 GMT
Expires: Fri, 24 Nov 2023 00:24:46 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:11:47 GMT
Content-Type: font/woff2
Age: 0
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 6fe23ae41ec0cbb3d702b1c64028cd13
e0e4d852454a5eae80a797aaa6f0991834dcc19a
47a12f27ec1ec271d17295d822c69d1b49c6a24107f3f7ce06a320688fae7f3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bearmaxltd.com/wp-content/themes/Heylone/js/helper-plugins.js?ver=2.2
174.136.57.185 200 OK 59 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/helper-plugins.js?ver=2.2
IP 174.136.57.185:0
File type Unicode text, UTF-8 text, with very long lines (4003)
Hash cb9fde31609484398d3782724d801c84
aa596390f967eb696f85ac33656840951d5f0c2c
83e9a43fc4fd2769b11b4ab41351bd3c993b93d99a2e7b5ea9c33aec08667f8d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/js/helper-plugins.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610cb-e583-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 58755
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.195 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://bearmaxltd.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 17:29:29 GMT
Expires: Wed, 22 Nov 2023 17:29:29 GMT
Cache-Control: public, max-age=31536000
Age: 111317
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
bearmaxltd.com/wp-content/themes/Heylone/js/init.js?ver=2.2
174.136.57.185 200 OK 21 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/init.js?ver=2.2
IP 174.136.57.185:0
File type ASCII text, with very long lines (497)
Hash 20f7cdd80eff7fa747e0c808c1ae6049
79a4bc2b5294aa6b20784a9ee89f712fc0a1a3d7
5f4a5bc5fea094f54c025e96eb734a183194cba0aa82b0a16adb12e2cbc50604
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/js/init.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610d3-51ed-5ed8684e86a90"
Accept-Ranges: bytes
Content-Length: 20973
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
maps.google.com/?ie=UTF8&ll=-74.002705,&spn=0.043846,0.077162&t=m&z=14&output=embed&scrollwheel=false
216.58.211.14 301 Moved Permanently 262 B URL HTTP/2 maps.google.com/?ie=UTF8&ll=-74.002705,&spn=0.043846,0.077162&t=m&z=14&output=embed&scrollwheel=false
IP 216.58.211.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e7aff378bcf84b6a1db40cb8dd81ec10
def3c8ebc85da635d777f70c6ebb156ec66c259c
979ee44afadf2f3940825f8aaeb05f09701c78dbb8d37e5a3e83c0dd40f17103
GET /?ie=UTF8&ll=-74.002705,&spn=0.043846,0.077162&t=m&z=14&output=embed&scrollwheel=false HTTP/1.1
Host: maps.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bearmaxltd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Thu, 24 Nov 2022 00:24:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/maps/embed?origin=mfe&pb=!1m2!5e0!6i14
content-type: text/html; charset=UTF-8
server: mafe
content-length: 262
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bearmaxltd.com/wp-includes/js/comment-reply.min.js?ver=5.0.18
174.136.57.185 200 OK 1.1 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/js/comment-reply.min.js?ver=5.0.18
IP 174.136.57.185:0
File type ASCII text, with very long lines (1076), with no line terminators
Hash 9ef21a469fc37e845d6303fcfea70897
a86ec94ec7bee9227bcdf8d6374cabe82ae43e49
6b2e2d56e7b0e80d919bc65dd94f8cd95e57ad9298fc4fecc005301ea8339c9f
GET /wp-includes/js/comment-reply.min.js?ver=5.0.18 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 14:35:04 GMT
ETag: "2d60cb5-434-5ba97b9d31600"
Accept-Ranges: bytes
Content-Length: 1076
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/comment_validation.js?ver=2.2
174.136.57.185 200 OK 1.3 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/comment_validation.js?ver=2.2
IP 174.136.57.185:0
Hash 9f04231e141cad8f1e692df6dd08c3fc
a6ea3ac14e7cf1a7e3effe9bfe52bd78ed1f8bb0
aebb4845cf0b8b08f040584b0f5e6efbfd1f4b8c36eb92e2c08a22c21ce03902
GET /wp-content/themes/Heylone/js/comment_validation.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610d2-4f0-5ed8684e86a90"
Accept-Ranges: bytes
Content-Length: 1264
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/js/tweetie.js?ver=2.2
174.136.57.185 200 OK 2.2 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/tweetie.js?ver=2.2
IP 174.136.57.185:0
File type HTML document, ASCII text, with very long lines (2108)
Hash 79c0f42e41eeeaa3336307fa28832243
eb502719ac03a95d9dee4cc28b076e4565489895
2ac720c1751c7ef5edaf8b9df40580486c2b1914e62b83d2b6e88043d27c38d1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/js/tweetie.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610c9-89e-5ed8684e866a8"
Accept-Ranges: bytes
Content-Length: 2206
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f7801fe8b983652ae788bc952856c2ed
f3898da21792b146a9f856e87ed3520d76277fb8
faa1bc8a9887e2dc694ff645546ea16cb96ac4bd1b0c460aef95f2cced100d6b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/maps/embed?origin=mfe&pb=!1m2!5e0!6i14
142.250.74.164 200 OK 577 B URL HTTP/2 www.google.com/maps/embed?origin=mfe&pb=!1m2!5e0!6i14
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (399)
Hash ede42b038a46d3859d3620c4239f94bf
37a9efa64078b5474fe180f0f072d582de7af700
621c977c83219ae76f3e1addcbe9015bb62b18a89158292c4a67a35d929493fb
GET /maps/embed?origin=mfe&pb=!1m2!5e0!6i14 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bearmaxltd.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 00:24:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-5n-U_8hxBPd8vn5OMGIWeQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 577
x-xss-protection: 0
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bearmaxltd.com/wp-content/themes/Heylone/js/tweetie-init.js?ver=2.2
174.136.57.185 200 OK 473 B URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/js/tweetie-init.js?ver=2.2
IP 174.136.57.185:0
Hash 3b55195c5fc583975cc5c593fff76e91
9bd296f7d8bb419631695774db17c0125b5fbe86
258b895213c12b9a4b90cd38bcb9c2a55a2c1eeaad8f61d441c5e5c3e2b79ee5
GET /wp-content/themes/Heylone/js/tweetie-init.js?ver=2.2 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610d0-1d9-5ed8684e86a90"
Accept-Ranges: bytes
Content-Length: 473
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-includes/js/wp-embed.min.js?ver=5.0.18
174.136.57.185 200 OK 1.4 kB URL HTTP/1.1 bearmaxltd.com/wp-includes/js/wp-embed.min.js?ver=5.0.18
IP 174.136.57.185:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 570ae0f3c201604926ea599d3d1f6c04
2c29243a73660964d4712b969d2a15e27777bc14
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.0.18 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Fri, 05 Feb 2021 14:35:04 GMT
ETag: "2d60e95-56f-5ba97b9d31600"
Accept-Ranges: bytes
Content-Length: 1391
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
bearmaxltd.com/wp-content/themes/Heylone/css/fonts/fontawesome-webfont.woff2?v=4.7.0
174.136.57.185 200 OK 77 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/css/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 174.136.57.185:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/Heylone/css/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bearmaxltd.com/wp-content/themes/Heylone/css/font-awesome.min.css?ver=2.2
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d610eb-12d68-5ed8684e8a140"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
172.217.21.170 200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
IP 172.217.21.170:0
File type ASCII text, with very long lines (2469)
Hash 4e4344d38a43e16fe1e574f3aaeb0f67
fe3665b32e818f0a7349899dbd3f8f23c47f285c
00fbcee9911e1b7721d86e578c3a537d651b263ddcf35bcb5395bba8657726f1
GET /maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56249
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
date: Thu, 24 Nov 2022 00:11:03 GMT
expires: Thu, 24 Nov 2022 00:41:03 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bearmaxltd.com/wp-content/themes/Heylone/images/logo.png
174.136.57.185 200 OK 18 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/images/logo.png
IP 174.136.57.185:0
File type PNG image data, 90 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 92e1dba22fe360b6ea962b10b1f069d9
351e8f1bc230dc77f2edb75dc3a51be12b908054
0ddae1d7639054e67024576295846a41c4dd2fcd1673a6c3f1769a81e9a923dd
GET /wp-content/themes/Heylone/images/logo.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d61078-461a-5ed8684e814a0"
Accept-Ranges: bytes
Content-Length: 17946
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
bearmaxltd.com/wp-content/themes/Heylone/images/bg-icons.png
174.136.57.185 200 OK 17 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/images/bg-icons.png
IP 174.136.57.185:0
File type PNG image data, 65 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f1b4020123db066f6fdc5c4e5fa8179
350f1f8710db588a0519700ed935d99bba943043
cff98ec1af5cf66523987f9ca74cf714205e58abe5b9a775fac9ecba5d846502
GET /wp-content/themes/Heylone/images/bg-icons.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/wp-content/themes/Heylone/style.css?ver=2.2
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d6106d-41ec-5ed8684e80cd0"
Accept-Ranges: bytes
Content-Length: 16876
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
bearmaxltd.com/wp-content/uploads/2014/05/team1-380x300.png
174.136.57.185 200 OK 100 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/team1-380x300.png
IP 174.136.57.185:0
File type PNG image data, 380 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 0340254d1ff43ed948236ecfc14c607f
73531140a0bb9bfdbf42b9e11d3b65540dc0b580
47212c3c807156a242c3bd019ecc56f867f2845af96ef42ae720847b28f0f3fa
GET /wp-content/uploads/2014/05/team1-380x300.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:52 GMT
ETag: "2d61053-1851c-5ed8691e9cec8"
Accept-Ranges: bytes
Content-Length: 99612
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
142.250.74.163 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 07:12:45 GMT
expires: Thu, 23 Nov 2023 07:12:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 61921
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bearmaxltd.com/wp-content/uploads/2014/05/team3-380x300.png
174.136.57.185 200 OK 79 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/team3-380x300.png
IP 174.136.57.185:0
File type PNG image data, 380 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash d6d947b03dcc4019abbc96fc328863ca
ec3a31ced853c9095439a1fa324755487484e87b
29651d5565d3246a0717bbe7c73d57cab1dce541e2be12d44047419b960b299c
GET /wp-content/uploads/2014/05/team3-380x300.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:54 GMT
ETag: "2d6105f-132d7-5ed8691f995d8"
Accept-Ranges: bytes
Content-Length: 78551
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
bearmaxltd.com/wp-content/uploads/2014/05/home.jpg
174.136.57.185 200 OK 544 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/home.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 544 kB (543638 bytes)
Hash f4bb3f0695d9c4f1d35b22dfda43e022
16e5472371a5bd27c4ceff1d4948ac59e11939be
1b8ba9515fa8ab29b99002b14bae167e5565014e4442dd90f42e87553d651dd2
GET /wp-content/uploads/2014/05/home.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:58 GMT
ETag: "2d61137-84b96-5ed8692421c40"
Accept-Ranges: bytes
Content-Length: 543638
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/bg-facts.jpg
174.136.57.185 200 OK 250 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/bg-facts.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 1920x1011, components 3\012- data
Size 250 kB (249809 bytes)
Hash e27785a685be86a8c2d8a2cbe422c3fc
b41cca79e207ab8eab7856e2b3e1526e5e3eb3f8
e166670f8e614a15fda01394d053452acf4a32eb860489c85698768ded4fe1b0
GET /wp-content/uploads/2014/05/bg-facts.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:57 GMT
ETag: "2d6112a-3cfd1-5ed86922da9e0"
Accept-Ranges: bytes
Content-Length: 249809
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/bg-tweets.jpg
174.136.57.185 200 OK 392 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/bg-tweets.jpg
IP 174.136.57.185:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Death to the Stock Photo http://join.deathtothestockphoto.com], baseline, precision 8, 1920x1280, components 3\012- data
Size 392 kB (391995 bytes)
Hash 4da7adad8e67c6b58e6fed4065044048
fa192164bb97642f53193aa41f09470581244ba4
9adb7a64e13e0533b90853af1a0b7a98cc17348f697a0eae9f3cfdc3b393ba0a
GET /wp-content/uploads/2014/05/bg-tweets.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:46 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:56 GMT
ETag: "2d6111d-5fb3b-5ed86921bcba8"
Accept-Ranges: bytes
Content-Length: 391995
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot8.jpg
174.136.57.185 200 OK 52 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot8.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 9ee5e74ce841f9b3bd7aab718ff51b7b
db4aacd8a6764d8a8a7d34b37af865b2ed3411e3
79cf371eeab6207ddd18dfab835a9e20f3cdbf4e657316dd86839405b539a9be
GET /wp-content/uploads/2014/05/shot8.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:51 GMT
ETag: "2d6103c-cb58-5ed8691d00538"
Accept-Ranges: bytes
Content-Length: 52056
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/team2-380x300.png
174.136.57.185 200 OK 114 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/team2-380x300.png
IP 174.136.57.185:0
File type PNG image data, 380 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 114 kB (113909 bytes)
Hash ad243725a550a21cee272255689c1f8a
9732f41ba20a95940eae51b9a3cc4b74b27552d3
4f9400180d836931caac6d17360e19e5d9221d3cedc1deadf81405c117ee51d0
GET /wp-content/uploads/2014/05/team2-380x300.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:53 GMT
ETag: "2d61059-1bcf5-5ed8691f20458"
Accept-Ranges: bytes
Content-Length: 113909
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
bearmaxltd.com/wp-content/uploads/2014/05/shot10.jpg
174.136.57.185 200 OK 54 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot10.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 092ff7bbdeb9bc1508c79386875238dc
a80efcd7c3d4733685a5de4a3860dd3eb49e2bbb
91ef8ebce8d5c16aae7ee239f9f96c00df9f41c04c60710cdc1bf6bb0c1314ac
GET /wp-content/uploads/2014/05/shot10.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:50 GMT
ETag: "2d61034-d1ed-5ed8691c6e930"
Accept-Ranges: bytes
Content-Length: 53741
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot6.jpg
174.136.57.185 200 OK 49 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot6.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 03473561813ee50b21b111ea4fa7600a
2614f7910851a6873a262ccc1667cbe4bcede8f3
bdf6ce2ebb2abf751b7eec1cf837710909f2a2a45631ce3396ef76f791e57cbf
GET /wp-content/uploads/2014/05/shot6.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:48 GMT
ETag: "2d6101f-bdb1-5ed8691a94358"
Accept-Ranges: bytes
Content-Length: 48561
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/plugins/heylone-core/api/tweet.php?count=1&exclude_replies=true
174.136.57.185 200 OK 118 B URL HTTP/1.1 bearmaxltd.com/wp-content/plugins/heylone-core/api/tweet.php?count=1&exclude_replies=true
IP 174.136.57.185:0
File type HTML document, ASCII text, with no line terminators
Hash 1456b23d992531c63d999fc0b7da5395
ff603a90d8e36e4c63d13cfe39578db127219999
3ab713b8f60d6d2ce4a117f1abfbb4d76d7fdadfecf4ddb347b878f9e707311d
GET /wp-content/plugins/heylone-core/api/tweet.php?count=1&exclude_replies=true HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Content-Length: 118
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
bearmaxltd.com/wp-content/uploads/2014/05/shot12.jpg
174.136.57.185 200 OK 60 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot12.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 9c8548150e127248c7bb0ee32074b073
844f3cf7ddb9464d2110a25ea74a243eca87df0e
ae5fd1ca75b95628c7aeb7053ac5b782be673060d222b851f003c9ef812fb5da
GET /wp-content/uploads/2014/05/shot12.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:48 GMT
ETag: "2d61017-ebf2-5ed8691a36f28"
Accept-Ranges: bytes
Content-Length: 60402
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot2.jpg
174.136.57.185 200 OK 36 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot2.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash b0d46752b44a6dafa0e857176b6f5a5c
ed6580dfcf2dd4adcd5c14ec3f7a5a5a7ffec6a2
d4f4106016b28d9a5a7d6da7c2001f849f4b17ae520235102c360e682c2a57a4
GET /wp-content/uploads/2014/05/shot2.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:47 GMT
ETag: "2d6100f-8ad6-5ed86919c9158"
Accept-Ranges: bytes
Content-Length: 35542
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot9.jpg
174.136.57.185 200 OK 88 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot9.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 65fe811c27a83b7d9434183385bf1658
182c131adb9f9593ec487aa864b3831b22a6bb07
94cafd98700bd2cdd85340339eca19614a7a4a2620f8e74f7ce93c33cbd80ce7
GET /wp-content/uploads/2014/05/shot9.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:45 GMT
ETag: "2d60ff2-15653-5ed86917c47b8"
Accept-Ranges: bytes
Content-Length: 87635
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot3.jpg
174.136.57.185 200 OK 38 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot3.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash 02cdeab636e43efe5e25f246fdf3e8a4
a3b13a3b29bd0b2a258784399dd5cfc18a97f87c
344e2d15ef0951b0f187eaa724485c107526dd608ab43b1bba4b18fd7edfdf46
GET /wp-content/uploads/2014/05/shot3.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:46 GMT
ETag: "2d60ffa-93b8-5ed869182eed8"
Accept-Ranges: bytes
Content-Length: 37816
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/blog-img3-400x320.jpg
174.136.57.185 200 OK 25 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/blog-img3-400x320.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x320, components 3\012- data
Hash b2f132d65a9430739f32cb92749c6034
5171147fa052db57c5b6c01d9cce976477d5e347
30ce0d39845a0df0180ecd7c08ffb75edf9280508b5ecbe1d12ce6de606df4f7
GET /wp-content/uploads/2014/05/blog-img3-400x320.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:54 GMT
ETag: "2d6110d-62fd-5ed8692077888"
Accept-Ranges: bytes
Content-Length: 25341
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/shot11.jpg
174.136.57.185 200 OK 62 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/shot11.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x400, components 3\012- data
Hash d346065632bf9d8d9bc6e3e8a132cc4e
9dedc42e2cf79f67432bb89f00105648e60bef43
23c1bf11032a148b608566b63f9c38bb36189deba1e1802e18b3c351223c9cd1
GET /wp-content/uploads/2014/05/shot11.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:45 GMT
ETag: "2d60fea-f0fa-5ed8691760a10"
Accept-Ranges: bytes
Content-Length: 61690
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/about-img2.jpg
174.136.57.185 200 OK 349 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/about-img2.jpg
IP 174.136.57.185:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=3648, bps=218, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 6D, orientation=upper-left, width=5472], progressive, precision 8, 1200x800, components 3\012- data
Size 349 kB (348607 bytes)
Hash 6a30dae4029ddd0dbdfad3887064df80
b491e93878009fe9d63e677f7081c9987203ff24
38321d49fbf5c79b3de26b75dd43dd6c438b735bace83519e330548e5e1b98f6
GET /wp-content/uploads/2014/05/about-img2.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:42 GMT
ETag: "2d60fd5-551bf-5ed86914d5818"
Accept-Ranges: bytes
Content-Length: 348607
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
data.imithemes.com/heylone/wp-content/uploads/sites/8/2014/05/hopdevil.jpg
141.193.213.10 200 OK 8.5 kB URL HTTP/2 data.imithemes.com/heylone/wp-content/uploads/sites/8/2014/05/hopdevil.jpg
IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x163, components 3\012- data
Hash 78b038075b4b8aa411c74ca4a084144e
87269a3117ae9e356587678bede426f626834373
9afb7e6ef2f2f2a59ef19911324de3b07dc3e4c44ef46b76c2ed4a4e22df9928
GET /heylone/wp-content/uploads/sites/8/2014/05/hopdevil.jpg HTTP/1.1
Host: data.imithemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bearmaxltd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 00:24:47 GMT
content-type: image/jpeg
content-length: 8529
etag: "2151-54a5e579c9799"
last-modified: Fri, 10 Mar 2017 11:05:40 GMT
x-powered-by: WP Engine
x-cacheable: CacheAlways: forever
cache-control: max-age=14400, must-revalidate
x-cache: HIT: 1
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjvlKLomeyLxwNdm2bleCk7j6pFf0%2Fy9biDi%2FLT7nDAN1bcZAKjI2CBCTbvR3%2F8sWI2r84Hcg4pE9pVFsVtwkGdf5TS1U09d3Xi6VhnyLQi1LQXLD6dFmY0gmi%2BZxSC%2FRJ2yBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ee00e998090b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 38436e859f6dc2dca443bad9a4acfd7e
4340275be34e60f37cbc69632be593f0578493f4
eff098534ca9e7888a1762633a8b7c2e2013eff22ccb074972ec76f5de46f925
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=120632
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 00:24:47 GMT
Etag: "637dee06-116"
Expires: Fri, 25 Nov 2022 09:55:19 GMT
Last-Modified: Wed, 23 Nov 2022 09:55:18 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
bearmaxltd.com/wp-content/uploads/2014/05/client-img2-100x100.jpg
174.136.57.185 200 OK 2.1 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/client-img2-100x100.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1\012- data
Hash 39264855867f1a825a4ce33d70bcbf14
197024d53e8a25ecce0da47136d70721cac53c13
033b5abc831d3f661062c9c3fba5128547140099d3bd5f8cea5494163118887e
GET /wp-content/uploads/2014/05/client-img2-100x100.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:52 GMT
ETag: "2d6104d-858-5ed8691df2838"
Accept-Ranges: bytes
Content-Length: 2136
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/client-img1-100x100.jpg
174.136.57.185 200 OK 2.3 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/client-img1-100x100.jpg
IP 174.136.57.185:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 100x100, components 1\012- data
Hash f2d0c0a2b95bfec01accf76d6721ced4
fdb3c5d9d44a046c2aafff94cf881cca56cf32bc
8eb6ee695c023c5481b8dd66cd677239f4a9876d733a718cd65bf7484c2e749b
GET /wp-content/uploads/2014/05/client-img1-100x100.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:51 GMT
ETag: "2d61047-8ee-5ed8691d73128"
Accept-Ranges: bytes
Content-Length: 2286
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/bg-testimonials.jpg
174.136.57.185 200 OK 31 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/bg-testimonials.jpg
IP 174.136.57.185:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1620, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=4744], progressive, precision 8, 1920x656, components 3\012- data
Hash 934cbd5ed5d5ad5240d7c64d4bd999fe
c4c21ac276770fda7b14c625e84ef2b07e415442
0191acd3220bc68e35895ece074d8cd3b0b99437b072c145d9711e927a80761d
GET /wp-content/uploads/2014/05/bg-testimonials.jpg HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:55 GMT
ETag: "2d61110-799d-5ed86920be170"
Accept-Ranges: bytes
Content-Length: 31133
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
bearmaxltd.com/wp-content/uploads/2014/05/client-logo2.png
174.136.57.185 200 OK 1.9 kB URL HTTP/1.1 bearmaxltd.com/wp-content/uploads/2014/05/client-logo2.png
IP 174.136.57.185:0
File type PNG image data, 126 x 30, 8-bit gray+alpha, non-interlaced\012- data
Hash 9df35b593f83d3b6f25e05ce4002637b
07843301cbe7849c14de3c6f3db046769eafcb12
b0178cc3235b8676fecd2e36270a741fcf2d4ec25f7d8dd24e8885aba084b714
GET /wp-content/uploads/2014/05/client-logo2.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:31:51 GMT
ETag: "2d61048-743-5ed8691d9e490"
Accept-Ranges: bytes
Content-Length: 1859
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
bearmaxltd.com/wp-content/themes/Heylone/images/crosshair.png
174.136.57.185 200 OK 1.0 kB URL HTTP/1.1 bearmaxltd.com/wp-content/themes/Heylone/images/crosshair.png
IP 174.136.57.185:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 64acaab14abff7a132d293c282acd838
95b20f2f4853b6300c0992ea2e7b09d93a3c4e9d
4f2c1cd69112aac93f1820bc7354e0f9387eba3eea3a15f9ad07713419a38729
GET /wp-content/themes/Heylone/images/crosshair.png HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/wp-content/themes/Heylone/style.css?ver=2.2
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Last-Modified: Tue, 15 Nov 2022 18:28:14 GMT
ETag: "2d61075-411-5ed8684e810b8"
Accept-Ranges: bytes
Content-Length: 1041
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Thu, 24 Nov 2022 00:24:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Thu, 24 Nov 2022 00:24:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Thu, 24 Nov 2022 00:24:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3308
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Thu, 24 Nov 2022 00:24:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 9415
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 891d19eb042be6fd5d021ff08db2dfcc
c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3
3efff3d6a8bfa358652bf73ae26ab233ed8c2ca37dab1ff2f2298cd805b88bc1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9ad1430-c833-4f58-99a3-6a959cced2fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9099
x-amzn-requestid: d828c8f5-3ff1-4e20-822f-32d9ad7a0d7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cExDeGjKIAMFQHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9549-71d957297c3ec4b01633b1ce;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:48:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZXi-qHYx7QoMQZAsZzEW099laTRSyxjhe8stloZ5ZhlRfw4W8sebjw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:13:58 GMT
etag: "c35c0a9bf6ad7f53e3aadaffb8f3a03c4f9457e3"
content-type: image/jpeg
age: 7849
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb94ecb5881a7e49d964e4287d11e7a4
4b131a189db1b615e2519a28cad83d78297ab67f
f3693e29eb7b72361093434142e3f18969c1a0b02350fab430fa29c7c127bd1a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe021fc4e-f76c-4fe9-9470-b59452c93459.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11401
x-amzn-requestid: 3bc374eb-7d70-4b95-94a7-2ad06cae4726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtHcmoAMFxgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-333793987245ff9e741b9aed;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K4A6bdVv0gauO3YWTEPWMS6fhuB9CZ6o5dUL-O6G5-NzqOGQRzQLUw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:04 GMT
age: 9343
etag: "4b131a189db1b615e2519a28cad83d78297ab67f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af618f978f520f4f15acd660f5e91ad4
fcbe3938574e2a3b0d303b7464ae6f414d7dc356
6f8c21090c99c98e8ae89f60b1cf1cd882194dc83db96808a0b5bd553ece8a56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18708671-8ed1-458b-a0a3-fba50832ecb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9119
x-amzn-requestid: 0321de47-3dae-4ad5-86e7-fd766326c6c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvClGQWoAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9210-5bc883d93cedf8ec36517fe3;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gvEmzs6OvdD0s03wFTgS0RYBkikZ9VHk0eOArDVQwZ1vNSMBcJ97mQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:09 GMT
etag: "fcbe3938574e2a3b0d303b7464ae6f414d7dc356"
content-type: image/jpeg
age: 9578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 8276
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e091109c8f54cf23b221d8d0a35d6914
a67bdea6358146f7de38d6be37e9f69a8edd5f22
362dc1665e27a4307a7ce832019a6e5e3d8edb0d18db084e4dc9dd026ea68df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11447
x-amzn-requestid: fb600f6e-d936-4255-b79f-528d9cb8e729
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTEqyIAMFalg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-2bc3102e268ccdff7f960289;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mKjDkTbptvN8DvzCnw88-xjLOC6wi-72-rLF9Hp7yzCEBDVmJoHgIA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:26:09 GMT
age: 61118
etag: "a67bdea6358146f7de38d6be37e9f69a8edd5f22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bearmaxltd.com/favicon.ico
174.136.57.185 200 OK 0 B URL HTTP/1.1 bearmaxltd.com/favicon.ico
IP 174.136.57.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: bearmaxltd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bearmaxltd.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 00:24:47 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
data.imithemes.com/heylone/wp-content/uploads/sites/8/2014/05/man1.png
141.193.213.10 200 OK 270 kB URL HTTP/2 data.imithemes.com/heylone/wp-content/uploads/sites/8/2014/05/man1.png
IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
File type PNG image data, 725 x 520, 8-bit/color RGBA, non-interlaced\012- data
Size 270 kB (269670 bytes)
Hash fb203f103f02a38343955bbbf0df25e8
590aaa2fa01cb09a8d686c0cbe88637b4957d11c
e850588e6ca93423a7d3284814a142403129f32fad4368f10434d043d353ebbe
GET /heylone/wp-content/uploads/sites/8/2014/05/man1.png HTTP/1.1
Host: data.imithemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bearmaxltd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 00:24:47 GMT
content-type: image/png
content-length: 269670
etag: "41d66-54a5e570c9c42"
last-modified: Fri, 10 Mar 2017 11:05:31 GMT
x-powered-by: WP Engine
x-cacheable: CacheAlways: forever
cache-control: max-age=14400, must-revalidate
x-cache: HIT: 1
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uWs358zi%2BvQ5BOadRBuiLYKp5wXmOiYn0zh62NaLZzbQnbJUze%2B%2F9pQOYKl3itJbfJlzf7r9wrUX73wIVQOUlUhIxKAnvWlHtNjGLLaORXFkX0fZnR6AenM%2BPhsDDfA1UBzpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76ee00e8cfa40b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.10:0
Hash 3d41aac6d02feb1fde7283494b19108a
fe3ffb2ab31753daea33fb55bf4b4ace0a6061e7
53c33db0ad6ee509db0ac63ac17d1a529fa2e24686e9212cab7566ade6c98505
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 00:24:49 GMT
date: Thu, 24 Nov 2022 00:24:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:22:09 GMT
age: 61365
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.10:0
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 00:24:49 GMT
date: Thu, 24 Nov 2022 00:24:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2