post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw
301 Moved Permanently 0 B URL HTTP/1.1 post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 27 Dec 2022 08:36:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 27 Dec 2022 09:36:37 GMT
Location: https://post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw
Server-Timing: cf-q-config;dur=5.0000016926788e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b01ojlpUZ2H9GY8ZgaB1%2F5AHu8ePc4g%2Fy5QmrkzeLsOj2JXB72KDtR89NFOhPnNSc6%2Bw6nwgbkg%2FnFDhWFvCDKep7jDzVTGRlbC2KWssdGmkhSSpCODbtqqWEtZvYyohe%2BXzbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7800bac6fb38b505-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5129
Expires: Tue, 27 Dec 2022 10:02:06 GMT
Date: Tue, 27 Dec 2022 08:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96defe1601ba891731eee83f0830649d
ba500679fd337488c3f60543561740ff0dfc1898
d2a320a9feb1a874af3da921db2a8619513968724ef8eb0715c010291c4cf8d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2A320A9FEB1A874AF3DA921DB2A8619513968724EF8EB0715C010291C4CF8D9"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8083
Expires: Tue, 27 Dec 2022 10:51:20 GMT
Date: Tue, 27 Dec 2022 08:36:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 27 Dec 2022 07:46:38 GMT
content-type: application/json
age: 2999
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b2d59bdbb1ca6324590988ec031cf1fc
bfd4e25af37dcde4bac38d9b178c5ac8e50f8834
cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9504
Expires: Tue, 27 Dec 2022 11:15:01 GMT
Date: Tue, 27 Dec 2022 08:36:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FP2XKwmBKmNPnkmpNjQvhTk5z0PuJbqpL9rUvaFPjgKp3jrImMZR9kyM8fvCKGjExWQvsq+UUMf1v+P8Kg95VQ==
x-amz-request-id: XJXJME102WBC6TBR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Dec 2022 07:57:46 GMT
age: 2331
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Dec 2022 08:36:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 27 Dec 2022 08:33:30 GMT
age: 188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 68ee4e2891b5a52719997e4ef8cb7aab
ae2e49eff010551d7f3dcf005a51530ee2910480
2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5000
Cache-Control: max-age=93210
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:38 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 10:30:08 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xCI/gChyMMaMfdHF080Tjg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lvhuaDU76pLH24kSD4yAlMyz2mE=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 61a0335d08ecaa2574fae8b5ef184b04
a6d728d35a7e28adb6cda1f23001a3bdc0d27e92
f9ab46ecf7a7741411d4164b0b8ffc256d345486480b940246ee9728d0cad2c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1429)
Hash 1cc36f699291ba29dab9ec0f885b281b
d536f8bda7d333c21eae8e3d816d690402adb90c
6b20ce0ec6b6c57b33e8118f8d5d3c501ede61b8589ebab71d411b81d0fae994
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Tue, 27 Dec 2022 08:36:38 GMT
expires: Tue, 27 Dec 2022 08:36:38 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c77f7447ba7820276d1ac891e88fee86
fd8aaa5cea881578d44ea5dd7a203c1d81ca1908
06655edfa86ea943cc8e188d953b4dc230b18a98c7268177edb9c728ceeacb33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-117111585-4
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-117111585-4
IP
File type ASCII text, with very long lines (1921)
Hash 4671ce73346dba465f79e5818794a895
beb619c216f30f9ba0f19af4a0502e5d71aa2916
05c5b2a4d511f1e1e7dfe69014f63ecc2585d61808e470a56989eeb61ddbc4c3
GET /gtag/js?id=UA-117111585-4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Dec 2022 08:36:39 GMT
expires: Tue, 27 Dec 2022 08:36:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5d3978967108a479b633f820f75e3371
e8dba45f8d70fac26a8d3f4c05afce32231ca23d
29c90351aec95c22fbddc08ce6a1b8223186fc4215e2d522238bf4bff36f2d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 08:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 08:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 08:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 08:36:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5b2790419bb1f19fd29300d548278b98
64671f1c88a1271e9bcda28ac13a01e330a2a07e
1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Tue, 27 Dec 2022 11:29:43 GMT
Date: Tue, 27 Dec 2022 08:36:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea5eddeb14380ea8cac42aa38148db64
7c114dabd868011f04129602f8b1453cdf319afc
de8361a33abff7d78e8c87eb563f66f0aff9b23069b3136cfb132a5b9a17f377
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa82486e0-c76d-434a-8a96-425b9a1a59ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9262
x-amzn-requestid: 35b8f5ad-65a3-42c8-92b9-b5fdf1b54163
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVs6HH1oAMFRhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4031f-0588e63179f4cb152d048f03;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eb-FvrQ0mNDlvCFDWNUWeK_g0i3k62Jtoh0I5nnLysyI27dmB2OqrA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 11:43:33 GMT
age: 75187
etag: "7c114dabd868011f04129602f8b1453cdf319afc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dfaac9e14198dfaa9db2d01c9ef304e
2f6bbbabb48431a27150219ef872d1ca10c73399
2c4fad9cc8a8c0ee6f54cc4eeb905eee1d8f028a528e3c8deb01f2c0cef250cd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd11b2a1-5fcd-4814-ab49-29cd5bc6d436.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12451
x-amzn-requestid: 1fd618ca-f052-4a46-9b71-04a5df1f858c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYVFHqIAMFWPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129b-658fe5884efdcebb567d3747;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rP7UvSlN0uYvoMo5af_T1_A-41sONiTOxS7noQ7RMo9atlXmwPdhAQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39104
etag: "2f6bbbabb48431a27150219ef872d1ca10c73399"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab2cf11fcbaeef5a5d38966128a5cae
e50dabaf242a56c09ae12d9f38c6fc25c6f4ab44
3612699b16f9df6fae82ae04ad5729d3d67e029ca51875c3a8674d7654ca89a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef44ad19-0b5d-4bb2-a2c9-a499aca4825c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11315
x-amzn-requestid: 3f56eb54-8bee-44b3-8e60-4699e8f67eca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfXYEJcoAMFXdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1295-2d1bd54e458370ac4216c07a;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VuxwGgd3RaM3CHAEeJEHHPeL9NhStc5ioUDzX5gz4VHa69an9AIOzQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39104
etag: "e50dabaf242a56c09ae12d9f38c6fc25c6f4ab44"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be693dc109dd4beeee6f7f3ae2061dae
349168c24483cf12e3c10e176643b5f02316cbf4
2e4cf6b6d7f4e75d4dfd631a76a921734f3824563f039a6da20826d0bb3afc0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F305f952f-68d1-4090-b1d7-04817f0a2ab7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10281
x-amzn-requestid: 6f952ba1-d992-4521-83f7-ce18a4b75798
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxfYMFdtIAMFwyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa129a-5b1ad9041a52fc8f049d37eb;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:31:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H3u62So8Z-Pe1gQiIpOjTUEvozSDuV3d2wZMKlZMDioFrtIwYjrV5Q==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39104
etag: "349168c24483cf12e3c10e176643b5f02316cbf4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf353b055c5b241dc127a5f348288bd7
967babae78ca060a48978d1a29a20b459fa89aa2
4def932d04f53426b80ac7f3f366e1e8af0c76670f94c9ebd613309e2982d433
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b739b75-a9c5-402c-b5f2-61cb416f4622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 46bf3684-b3d9-4948-ab4b-09477cf5af0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dxg-TEd2IAMF9jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa1528-4eebb1950a70fb2d3a718426;Sampled=0
x-amzn-remapped-date: Mon, 26 Dec 2022 21:42:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t-fFjRek8hGyiY7C49TCIXNHjWLSjsyOh8duU4ZHsrRIhqNSwptK9g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Dec 2022 21:44:56 GMT
age: 39104
etag: "967babae78ca060a48978d1a29a20b459fa89aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e5739dd2efa4395ff34d0f583eb9b63
3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563
d65a006dd8dac4ca209162fe70985aaad49435d2e74047c3b3c73053d7e1f5a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5a31e2c-cb31-40bd-b9b8-cb71f5df8e78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 2fa32c30-fdea-409d-aafa-dda3daeff901
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dx7BmH2jIAMFwvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa3ed6-1c4909815b6c35250e610aa3;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 00:39:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 49sf3ie2M7_VkzVvH82UoiQL0rhmapqtkSUgfq_Q1QRIGgdpUEnQbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 01:08:30 GMT
etag: "3cd47e707d1fdf0e4c7a9d2a1fde0863f8c22563"
content-type: image/jpeg
age: 26890
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
apis.google.com/js/api:client.js
200 OK 6.9 kB URL HTTP/2 apis.google.com/js/api:client.js
IP
File type ASCII text, with very long lines (2054)
Hash d5fb71fec8bd8bd0dd6a8ec74c925847
0380160bb21009f1496c59f4d4f9d3a693c13fd3
8388e373a8ef3418e6ebea81f23111227d292a0bd120c3a043ff4454d8e1b82e
GET /js/api:client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6898
date: Tue, 27 Dec 2022 08:36:40 GMT
expires: Tue, 27 Dec 2022 08:36:40 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "ea434d44c5943aa1"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0
200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0
IP
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.54.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Dec 2022 12:32:23 GMT
expires: Mon, 25 Dec 2023 12:32:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 158657
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c369fc9c5758cbb293cdc023c7468824
064daa6d61388909a901160cdd648c9efbe6a8cd
f870eceff6ac7f9816fa4d8789f35ef91a00e55e40c8d6b48a397512c3a6de9d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ae893eec23998fe856d6ee3df2163a80
d98cb1a1c82c429c2f6fdbbfb7461713c790da7a
24167e8036371493799d6fe42f5e00a0ea2e4a5b7eb70636a269a9aa78d1f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Dec 2022 08:36:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
200 OK 79 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
IP
File type ASCII text, with very long lines (18456), with no line terminators
Hash bcfceac359ce4ce6db388f82f57d296e
5a8db1345819082473bab064226cae04e93f35d2
40cefd0a5776522348dfae224a7f6cb1d565544ea2a5a11dd5b9c06c576963b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=18468
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPC3rh07L5F%2FMTOniWAroLZB%2BE3BhA9QjjmVwoWTVH49hve0JVBpoygtZgJz4dupA0XEWuWU2I3RHPnlR08Rf5TW4gCVMRdtQ7RD%2FI4lGR2JxlgWmAP4oW0I40ztbUsMXwjAlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad78d57b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/41c67d642a26fa7c3ad14a35e6150bc8.js?ver=50bc8
200 OK 35 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/41c67d642a26fa7c3ad14a35e6150bc8.js?ver=50bc8
IP
File type ASCII text, with very long lines (35252)
Hash bedcae810ce8c31f3998e88ac3cb0af4
7d95708608c3cb02e9374e46965fa508936b587b
1667c1c619c5b08baf9f7389bc3c82f482eec0a6066bb2da5448f9155247e0e7
GET /wp-content/litespeed/js/41c67d642a26fa7c3ad14a35e6150bc8.js?ver=50bc8 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=67028
expires: Sun, 24 Dec 2023 04:21:32 GMT
last-modified: Fri, 23 Dec 2022 22:21:30 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8l3uZkLRr1WseDzYFeVVZBIVNaagS1k%2FQ95j6vPSvb46kDAYAR19eUTpdkPmdzjXhRPt5G4OuWDDgsDYWPi2qzQrlEyXPCC2vVSfD2zPNN6S%2BW%2FYAiXFDYllXMcm9UF6E4GBpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d75b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/496cd609b3138e0a8a1c02d6c91966a9.js?ver=966a9
200 OK 79 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/496cd609b3138e0a8a1c02d6c91966a9.js?ver=966a9
IP
File type ASCII text, with very long lines (960)
Hash c0cd8f0b111adf9eb645ca55ca0d00b1
6a54e4b840da626b87359bedad7bb1c05da5f6ff
732e26c280ca626faa53f3699e262446450660a42f5dee1c8441c3f24a64ae2b
GET /wp-content/litespeed/js/496cd609b3138e0a8a1c02d6c91966a9.js?ver=966a9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1154
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmUEZO7R5uZxPHhEhB%2BJboHwYCQl%2B2lhOxDUxdO1UmuPyr%2BleOoi%2FguaOBDuEtT80IHAzIYTO4qoAGrlBpnuMM7%2BK%2FkVwAI9sHW4lvXVm3YU1OXgrZK2LtGZPAExlfL5Lx2o6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d7ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78
200 OK 779 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78
IP
File type ASCII text, with very long lines (783), with no line terminators
Hash dea1872c1c24ae7ff2382291d65bc5a2
0d3f2bbdccedee733bb02f1eac867a09bd03fc65
61de30426de5f7824994d9e52c7edd55ce5b0407a58d263dda6d9b1fa080c845
GET /wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=784
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSqOzuM1yzfBJqH8ultX5ZXHMMTh3fyno0hya8G6nguFXrhim8iPaM%2FgPUYFA1UXzJf9rWtf6mmpvnqR7aTWKbn2xDYSCx%2Fx5TIr62ZXsEqlKFy51XfmEJEaqOs9MlUIFXeLoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cda4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/gsi/client?ver=6.1.1
200 OK 77 kB URL HTTP/2 accounts.google.com/gsi/client?ver=6.1.1
IP
Hash 3176cc4329f4c561993dc4a26c1c9526
4e96ec592e09ba93554836027d6a826fa3f24e64
13fe97141ee30f9494dd6adc44d22c831c9085a99c462d4035f86517893e9993
GET /gsi/client?ver=6.1.1 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Tue, 27 Dec 2022 08:36:40 GMT
date: Tue, 27 Dec 2022 08:36:40 GMT
cache-control: private, max-age=1800
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-AlvyfA37G-eMX2-ViH258w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
200 OK 32 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
IP
File type ASCII text, with very long lines (3809), with no line terminators
Hash 9b9a449be30eb803c6d17e56c63a5cb3
fb10287e54a5c1690b4147a3fba66bba0fac58ce
89fa2674bf2b4ee11f93a113c940fff93b6810376adcd489ddf6580b5347c5f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3810
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qLKPxCLarccigmPcB%2B%2Fm9C%2BQNzF8N%2FC6FSkR52b8vV1uCIjOTobVkUyK1flj6%2BgXM1mKykhAqfZ4CC9LXZTvrMDj2S%2FlWhzMIqg6ePNrBL%2BxLMrOiDsVY06HlAkPJN8QbkBKsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad78d55b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 07:08:09 GMT
expires: Sat, 23 Dec 2023 07:08:09 GMT
cache-control: public, max-age=31536000
age: 350912
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
200 OK 46 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
IP
File type Unicode text, UTF-8 text, with very long lines (8192)
Hash 49f1762e9b344e9a2a750f2eccf337d3
0ea0e1147ca65dad4624669f1da7ac712c094f27
c9cf6916ee7307cb16ff58cf6b5cfac066cc6590fb4785f52b84381f92860c56
GET /wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=21442
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BogtTbe3BOKGb7wN22XykTIUaAU0JzwNWL5G%2Fxw0fwJMh1o1eEAzNFvbH3XM3HXlXpVn5HDBNYMWp3eEN%2Fw8jiHYQZXL2%2FhTwt8d5t%2BnHjJayNIZ%2FeucREq7z7zEvgc5KswCDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad78d67b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1
200 OK 52 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1
IP
File type ASCII text, with very long lines (18145)
Hash 17295292fefc2661da80452dea65bc3b
44c02868007a937f1c0c8809222bd1957649cc08
19205f863aa115d2092863368df2c0b4edb41b04e93f2d7d5a687e5df35b3809
GET /wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=18326
expires: Sun, 17 Dec 2023 20:29:13 GMT
last-modified: Fri, 16 Dec 2022 12:45:47 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FdLZTtZS9H3m4girOL2i8Z37tWwAMoc4URe1SK3oyVDSAaw%2BPo7fDcsfMBzAS2RuAZ%2BfkQp029OWuPGsyCmeEIvAiQ0fqXZEMaBIzTaLlW7ZPdy2x7GuITFqnHTRYe%2FdW%2FSIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d77b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281
200 OK 38 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281
IP
File type ASCII text, with very long lines (25115)
Hash 8c3ea4b6761fe7530841fff951c34da3
582819c535d72b751bb717ea8f7ba37cae338765
6e9824783451388771c7317c88a8f6677a803d2b0dda02d2d7ef20336bcf66e6
GET /wp-content/litespeed/js/cfeb6882fa381b14d2a7813da0f97281.js?ver=97281 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=25204
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0CiFnqOJ7eUykDIYCum0uMo1nrDptYtGilIsBOyXDJHt2AXVgYypD9jrhBoiovjYjWLfSt1Avu3dY84C4ZXHcljkAq2vPeYZCL%2FUyIH1B7bg%2B42S%2Fv2EpRCmOt1Lk3Qm5vnXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d7bb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
200 OK 15 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
IP
File type Unicode text, UTF-8 text, with very long lines (46785), with no line terminators
Hash fbae1a68d9f2cbf39f079805636a1b8d
2e546d3608bf8418c3e8cffdc4dc04e7b253217c
8f1d1d113e53f8acd082cdbe5f53ff10259cd998b1019895a318dabc39d4a2c7
GET /wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=46788
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TNASl9s4sJp2CQNzfy957zrsiJJlHvKaW948GOUUGj6id7FhQeGdOS%2FbrpMbaTjv1oBolhtpw%2BOMruLCc1%2FMlUzBvLkgk4ippQkXSkTaDUwSGhxjUYlxaJ%2B9ZpNCXP2EsBa1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad78d61b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c
200 OK 62 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c
IP
File type ASCII text, with very long lines (21561), with no line terminators
Hash 4319e69aae5e5c64c7b46b5da4ca62b4
c166fdfbc1bbed49d8248397688ac87a47d2af4b
f92bd2cb1c4bec489af60b04f2e676846cd5fa1465bd50fc6cc039367096eb4d
GET /wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=21565
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koTUMdJ4FsqTV68W4bvwjhFCVwXUTEdt9E5IrcdnVipOrlR6WmH1j0RAXURHu18U9RKC7wOtfL%2F%2FuYe%2B6yPN7dv14UvYcAGxCPzru068fHBhNR72fgfGztXGzxodn6e7byyzuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7ddb4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958
200 OK 192 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958
IP
File type ASCII text, with very long lines (5297), with no line terminators
Size 192 kB (192116 bytes)
Hash 3b5da15998f1c83eea0cb9f2c2601c19
deb9dc37c0bb028cb9e3c20f4f50afc001bdaba6
d47a820079535f40a81b71bd75dbe4d821e8b33739e6e310265111a1adc09f58
GET /wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=5301
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iL%2Fi1IZSdAsFqLiNTJ163uLgW0KigPOq3lXgcxascu%2Bx7o70X%2BTLWrf4jmSrUWKih34ccqVq%2B1mOn1xmQWF2eaF8ijr65JJDX72s7gIVaaOt7I%2BkclNi4GnPFJmWk8Gcyp44qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cda6b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8
200 OK 70 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8
IP
File type Unicode text, UTF-8 text, with very long lines (17820), with no line terminators
Hash aeb8a01108a6bc3b543208f0606db9ad
2d974235b4807854b0f4ad8fd7e15fccf41221e9
16e81a924341bd9e7b4f9d1b8d06a636687a62d66f8a89d0742d31db007b9d96
GET /wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=17825
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f93%2By%2FCI%2FR8EmUvEICxr0srWdhmdXVZSGJeC31GqQDeM5552GzdEgOVfJFvgujNHiHAPBBM%2B4avcAtOieepM%2F0NrZ0JmOPnprA391vcIHvEMXz2IpZQ63MWqSDulflLUCKVV8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cdacb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
200 OK 117 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
IP
File type ASCII text, with very long lines (12199), with no line terminators
Size 117 kB (116760 bytes)
Hash 879dc4834599486b7e5bd860d57d3a0f
cafd4c8f2f06582b3833af76eb79a76e01ef1f10
9139efe1903664002200526bb310a97585528785c71e23ecba3ed4dd0069a6c2
GET /wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=12200
expires: Wed, 27 Dec 2023 11:54:45 GMT
last-modified: Tue, 27 Dec 2022 02:19:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsEKLf%2BUc%2FDD%2BSjVCYhbYCtAEURH3eVjsWWOncKEWNDtOAztNGPIKGAqAXfxp3BFK%2FqcI%2FT1e0XZxWYOPZz4sLi5q7wxex9DIflAUe6WJ5SW8mQIFDJxo9XJL%2F3DLFYtdfGCuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd8db51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7
200 OK 76 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7
IP
File type ASCII text, with very long lines (535), with no line terminators
Hash 4cbe8423e1c4d3831cae4a44d9b74fd7
aca37b37435f8a20a6dce95ec3b0fbd0d08c8f68
64b3def1448af0ef5df49e286dc2fa3bf7d69777a2f44e00e563ca9aaab894db
GET /wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=536
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9P5irlHKjo%2FQZXH4OXeJQYA9q7koXIHZjqNBO9BcBgbQmvoOikxVNle6AphERd7kJ8IM%2BP698SQ4ZZpmHl%2FBq7TsmRvZZcLNi6I7PEhykOgD4rmR1OHBCu1gEgAFKEgUbwCY1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd9ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
200 OK 367 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
IP
File type ASCII text, with very long lines (2621), with no line terminators
Size 367 kB (367242 bytes)
Hash f7754a0ca665658209d95e03373cb1c8
6082d179ac9f803714eda8bf07e6af80979d2b81
bd28cb3e47de019fb1ff7ba4fe9e4ada73715974195c4fb57c0d25ca80f2c8dc
GET /wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2622
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGzw4auVOphtC4rqOQtIeHZb77ym7aeS847r3KW3%2BQfGHDncKdWeSMOl9lls1n6grZsAbNihasdRFe6nu%2FWWUp38%2B88QVfujmYcm0jnCaaiKCR4vIDneZufaMgz8Qd1bX%2F0mNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd90b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
200 OK 93 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
IP
File type ASCII text, with very long lines (10564)
Hash 5f6f46640574f825349f44cc93746506
1f7468cec9d37a45ed0c8ea6c392e49f6002af9b
e887a5fa0fb5dc7601ffe198ee955df74851161667b923ac6d3148fc97d89b94
GET /wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10683
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDyvJuZsZ3Qdl%2FiNX0tsbyNuGZOByQ4nppaUvDJkMF7PMmL60DQMDvYjKmU9MccALau9z4%2BUJWp5H0WnL%2FlRMbIjIJpNeLtSG5lwFi8u08pJArmsqxhD4LVAUHiNC1cJdEHFUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd91b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
200 OK 118 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 118 kB (117814 bytes)
Hash 27c856209b8cc81911af5ef5855240ce
40257a3a27b4161b31e1c922675450ba66ed0070
c51f2d8679a82b280b25206aaf398ef1d0392a7f4f3ac801cdbd9f54dc37afa1
GET /wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=139154
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpGpPudEv9Y2FRCMcFSOrZYYon%2FeU4OCPq7PcZoOYs2dZFKV09TOfi798XkCyDQcZlHIIDVs4jAizeVDhBi9rExnQMVh%2BCHdCIlyxe0BtPonz09LKfCFWCBlAN6KszwVTjdyLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd8fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389
200 OK 57 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389
IP
File type ASCII text, with very long lines (4908), with no line terminators
Hash edfd5e3848a4512f77ee0c34d99dc033
936a5a112a50a7804b66e6bd3379c27392f506d0
6aa14f3431513cd8fe034c6aa2e7131200121195ec33bb242000dc3ca315b0a1
GET /wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=4912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BNypFkaLOM7sb6rd3I21SytvxH9CMRTq31BudKfNLDqj7pKHYwnVtAaCPUJOBANZaLSUn6stNKnqbu6qn%2FjGklOnVCpZsX5hwPP5H550NYbp2RIAwGVAH5Re5sYS%2F71ioqLVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cdadb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41
200 OK 40 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41
IP
Hash 97c74bc3d0046bd9690ec32be6c90fb7
731932a59b884bd32713d4ad0b1744ed74299d42
5d0b0ee80ec49402597d8db93a95d31349d97f6be94ec763a57a8507b2d37185
GET /wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10232
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1l827rx3t8PMK54KzJlvMS5z2cN4ijBwMbDhXmKK181UsyUVedN7YgGbdm%2FQTZtQXZ7flEtyDJx2BsEUGeU2jeJ4aTuCk%2BrX5ZYSBjjf%2FMHhhn9bXhb9nMTwOLlOaNqD9lJkHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cdafb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
200 OK 100 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
IP
File type ASCII text, with very long lines (40694), with no line terminators
Size 100 kB (100085 bytes)
Hash ba9aa7c7526bf41052159b3b26bcf6a1
e01aec9008f547d5eff8cf6d80146b4888abf7fe
7924b2702a4b97af236b960a4357bbfaa1a7ba249a38a8f43a44c305f1693618
GET /wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=40698
expires: Fri, 08 Dec 2023 13:11:54 GMT
last-modified: Thu, 08 Dec 2022 07:11:46 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnvDogzdh38MukNU4AurVSRrkMDtaMm%2BGx3mblNFxAqXpT94qF%2F0a34xTuDY6j4M8WSp8FWogIwAaA0CfF0UJbJ0GmkiZdbEFtp4jy3CDQdV6pSvrFQVNfMwXwQ0iRvY%2FfGwnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd94b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads//2020/05/hot-selling-sessions.svg
200 OK 85 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads//2020/05/hot-selling-sessions.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1084)
Hash b976e3b2de386362636f78c9adde542a
af1a827decffc49a6656fda5c8a549ff18faed7a
d374f3da67e03852ccffd25a6644b1df54cb5c52cbe40beb1f60ca01a1ac3dec
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads//2020/05/hot-selling-sessions.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.1.1242040011.1672130198
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:56:59 GMT
last-modified: Sat, 08 Aug 2020 14:48:40 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BahEVJFdtl47lWvbRWaNWNgoT%2B6v8WkUMopWB%2BpjuIENsHmnVNf6Tv%2F%2FSAclffHUmlh%2Bupo5STsqt98%2FUYF33URoW57iVq0a4VrBasVm38X02Roo85bgTexEJ5sTLBD%2BO1vyQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae2cbc9b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85
200 OK 76 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85
IP
File type ASCII text, with very long lines (6476), with no line terminators
Hash d64595a4fd6d0d9405df8af00fec9898
1924472216c655dc5a51cc2498b36dc99365d0de
9346cc1f3837b4691547dfd6d2268ddaddaa96a44f34d38c9936a302091dd171
GET /wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=6477
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6KnhRWOV6Iz1s1xumTbhqRiLRWO6rMj8sAmkl7Kvofd6OybwvkT1ijS6n8Qa%2FLD6CQ8WuonduqDEYCKv65TKMcK8SC6JzFN7FyLTNwDwxHqiwm19BWL1klc41egAkOU39jNsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cdaab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
200 OK 29 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
IP
File type ASCII text, with very long lines (921)
Hash e6568a5745ababb5fe56806525b9435a
1f57d9c80de213088b4519d420012a65fe3bf4b8
c938fa863b596ed182ceae8d483a0257be5b6564a4fe2e60b214a9865eec1a63
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=999
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1ouodGz0WpG4ojjm%2B5cVuzVv0U7tu4IzlLnUkvUOlJJ%2B8ea4ujz1XSLgMvyUQ5tWkZsWv16pEBKPYcrzK6y9HpBLfUOBmXldaeLLH%2FF0tX1r9na6tBOZt6Jx2PjTNerXh4hvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d25b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
200 OK 11 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
IP
Hash b04718b8f8f81141d21b280b1117a83e
62244626755a6afec9bdb98a26d6e84186685340
62722f7f9759a5167696f86c74d08c5fbf2d97ded205c543d8009a3e06891919
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.1.1242040011.1672130198
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 16:46:15 GMT
last-modified: Tue, 06 Nov 2018 11:01:32 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mlr9rnslKmAv0w7cvWIObPdK66qgBjPPP6DsgPelpTdiiA%2Ffo6Y7f5K0nZYCDjHk%2BGJniykgk1V5%2BnKXuUtFfbPLN003W2zcNySf94eT70s%2BURkzE5mU53NSh7N4mR1hI0OWiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae2cbc7b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo-150x150.jpg
200 OK 8.7 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/03/Round-Logo-150x150.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 150x150, components 3\012- data
Hash 2c08ba0e05cb35444703f37018a94dec
487bfe824d9ab1efd0697a4bbf4cb84b9d526950
fc078772c54557e510d8d0205a35a63e1b71ed71fa483fb8d198bb4e09622122
GET /wp-content/uploads/2018/03/Round-Logo-150x150.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.1.1242040011.1672130198
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/jpeg
content-length: 8724
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:46:58 GMT
last-modified: Mon, 28 Nov 2022 21:48:04 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5521
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HO1dDD3U%2BpcBqwQ9tZAy0VLTsyexFr5yc1EomzCvVlCqQHZ%2BRTKJLQQ%2BW1gD1ZXSyKcjkyUpAbRmz2BNEAwoAyPvKRTffOAZ93za5UDrE00nNQJXDku0bfX1xewaFKUPHjk5lA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae51e76b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
200 OK 107 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (580)
Size 107 kB (106900 bytes)
Hash e315137709dd2705556dd4047ba4e592
bcb66d746e533bb9766005e2cd3db4d2cd447d71
f732fa0160c26f4a95c3d86254add96a9d09c00dddc6df4885621d1beed4be99
GET /_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 106900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 07:20:15 GMT
expires: Tue, 26 Dec 2023 07:20:15 GMT
cache-control: public, max-age=31536000
age: 90987
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (1429)
Hash 1cc36f699291ba29dab9ec0f885b281b
d536f8bda7d333c21eae8e3d816d690402adb90c
6b20ce0ec6b6c57b33e8118f8d5d3c501ede61b8589ebab71d411b81d0fae994
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Tue, 27 Dec 2022 08:36:42 GMT
expires: Tue, 27 Dec 2022 08:36:42 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 27 Dec 2022 06:41:11 GMT
expires: Tue, 27 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 6931
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 27 Dec 2022 06:41:11 GMT
expires: Tue, 27 Dec 2022 08:41:11 GMT
cache-control: public, max-age=7200
age: 6931
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2
200 OK 5.1 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2
IP
File type ASCII text, with very long lines (669), with no line terminators
Hash cc2c7f81692f01f5dc6ec8db7bebecb1
e03d51e138be7cdca4dda9f64c976ce9f773d430
d6fa8848ddbf86cf41790812a626ed18c43b92d101902d6ee58496a388416003
GET /wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=670
expires: Sat, 16 Dec 2023 12:13:16 GMT
last-modified: Thu, 15 Dec 2022 16:44:40 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6dTKKg1a38877%2FMuM9z8N6clspJRz1k8WydQXP3yZZDdL2spuLAa0xlnXiqDQps8DDjb%2FFxA%2BO5uv5mMWSrGkU%2Fy3ymw%2BtFMWlQtZQO5RM%2F9oqxXYrU9Y2Bpb0JseK%2B60VDCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7cda5b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
200 OK 18 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
IP
File type gzip compressed data, max compression\012- data
Hash b9992abef973b938b6824a30d8735e2b
4e60fe4a8c14463d6f6aea4385dc352212b53c52
5b5e4275b17a290665bc1d3cca82844f8b76d7bb4e4634eb1da15e1448d658a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 18122
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:12:14 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTlfwWHKKZwZNop82ThbuS5qXyIyiHEEGG3G5M1kzIL185r%2B7mGIhph3ADXj28CYJaNes0Nl6qeHxuwrNOGZ6EievoynD2oObzECLrUj2fh9shbyLh3BDPBIVPyB2QYWihCgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6a86bb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b96e2e3cd87985b8ad3790f8956abe94
bfcfd491837ff8b9309961f7bdef6f447734efd7
34fc5db04ce0f825e4410bc65c2790fc3315f0dbc3551f9819b4b4e20577a70c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 22766
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:15:22 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gAh3fzkuUI%2F6uBlC9a5z4mqxGI1grqaqp0MfTfN1QpzVr0fPx4WZF2XXKMQeQZgCbQKFjCBPom3mO%2Bc5ZZbjrZeHb%2BDR9TS7Wgw%2FJlT%2FnXYnaKLSlFKLBJNpkafQMMieR%2FcsBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b87fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp
200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6203906a0d783d73c1f79c15e736f0ee
e700b25630fab112562695ddc65c47ba1585a792
eb625b0e80aa59e15ec3b77525bdf80f17bea8b5220817af685484b52eb90922
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 23958
cache-control: public, max-age=31557600
expires: Sun, 17 Dec 2023 20:29:13 GMT
last-modified: Mon, 28 Nov 2022 16:15:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iw%2BnCN5gTLAbUw3S0YO2RHKUMVSK2QWnkftOcwF8q5xywmu8Acwg3VfrtZ34s%2FpG4tJ%2Fi%2FrxDgZGVHX2i%2BGBCMQ2Lwj7n753n0bcT2fpwUEgiAl9oUj1WAW%2FQHHOApUNkylOIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b880b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp
200 OK 20 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a1f569aaeaffca22ff42fa6d38d4f4c1
71008a6904c9e5a7244855117dd603ea2ef080f9
6535ab28c4e668de8fcd05c1ebf872867350eb03b6f11910df7c996681573d9a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/12/Project-Management-Professional-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 19606
cache-control: public, max-age=31557600
expires: Wed, 27 Dec 2023 11:59:53 GMT
last-modified: Tue, 27 Dec 2022 05:53:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IRarznX8Me3HC4Jzqy8pcMK%2FV%2Fa%2BJMuRA3jAzKrxET4CvMVKKeRTphjCk2s4aqTbBO4%2BDHQDwu5z3AGUprg%2BY407jKbVOQa%2BZXORQKm2vkBfBDTXw8AwKRbp89TWIOfHQWVU4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b882b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/12/Six-Sigma-Belts-Training-300x300.jpg.webp
200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/12/Six-Sigma-Belts-Training-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b0590fd0e640d6012625530eb6d67430
ac668c803b163cf22535547fd0f8d04abc610487
352d21c648708f78061e8c48b9d8a784bce8a58ec73131e7ed9e75e45a5eda4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/12/Six-Sigma-Belts-Training-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 21800
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:23 GMT
last-modified: Sun, 18 Dec 2022 10:27:40 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BM%2F2c8Et%2BHRrmm27e1MoLqu%2BZ6ALjBaB%2FLusb6%2BQ9OzEebrHI3gxXbkNIjAQlwYwfiEEvaegnQAwDGPYvQAfn9nHVTZVsj85SE53FIwJqV8XafhyU2yEhL3vToMaDhGvQ2smkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b885b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp
200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 625aa770b46869167361d2228226c92e
46cd13f0f94dce172a50c15533df0db3f2a19187
92b17bfd55ef5cd16fbf6001515a1a9e6ae7c673f6fd5a4fc8d4b721b9d59152
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 26672
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 20:17:04 GMT
last-modified: Mon, 28 Nov 2022 14:11:20 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yl0KldOxj5sxXcVopIh1XKJ4ypXJUvgo4kXTOERrzgFi3vFJ%2BgFMLThRKa2d9XCWCwpFJUX9DF64wmeZLw%2BuNbZNqpKxBVGPXoJTOJIaY4rGYDeFExuATA%2Bi52l9fgrWES5U5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b887b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp
200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9023c5a9788c89cc9d6887277a5d805e
8f6003376c45f202118ad8915dc6f66575f033c2
973d18f16f85201804561edea4843f8a3e724998f505a6654edf95781ab0ba78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 23530
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:56:59 GMT
last-modified: Mon, 28 Nov 2022 14:02:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0esfxCk8%2BnIHzRHTr7FQI3Ajea38KTvbFBXT%2FVZcetplAadUF4E2nEEKDsPkfRgT2wxJ%2BJtWXzE3KJyfEps8yOoKXM24Vm6NL2I2zU1DMsNbW9OAF7Yn14jD40B8Mwp%2BIr7OlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6c88fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp
200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 289x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3414e87fb6c66bf33d16cd06736e32bb
56ba124345879c29ce340a78f721b54eae9cfced
6f5a6b1ca0d0d66a7e2349f892f85fae86bcce1a0e9bd815c6cbd2cdca0b4fe1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 30552
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:24 GMT
last-modified: Mon, 28 Nov 2022 16:15:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFr%2BvQrCouk2E1L0cbdY9246AsS50kRbIe%2Fu1uYl4jCBHFpQHDjGa73uOaVVvmzfy3rDQai7Ggz7R%2BKRJnU0Ynj%2FCxB8mlTU01SEcTn7rDB9E3NtU8MBP9AG0oXpOrlGpOQ9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6b881b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp
200 OK 18 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 811aef940765a75bd8318b30e665a6eb
a286ae48067f8b8e29ec2ec8d920558486a53792
fa3a61bb91c63d702546f633d2b165e494f6b2c90a8b54e672b9de78ec7ae36f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 18484
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:56:59 GMT
last-modified: Mon, 28 Nov 2022 14:07:12 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h13kjkB93wqjRfS6f1loUdfam9cQzTTSozffJgoMTrv0tVd0%2FqzuUwjOk3Ei%2BD0miQ7ujhK8sKWFakKLDpuoqMmLyV1j3yus1Y%2B5TuaBrsN883LgTfoZGarvWwjmJYkrtPa7jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6c891b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
200 OK 26 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9411fa4ca3eb8efd69af511686c41a40
73e2deb9b9c3c900de60ce44a57ae671a87cd3b7
305e762714a0a74c1617aacaa46935c5317744eeb17b86ba452d7afe8ed039c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 26478
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 17:57:00 GMT
last-modified: Mon, 28 Nov 2022 14:03:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Axa977yFWv1mAKfP0apbDSxdafjusRDdzC4LCsfC2ogp4wYaKYPlU%2FowmF71GMjo8yw6v7T8UKtVedvOM5pTrj%2BOdcbCrDzc1rBV3ULox2HxHD7TXbcEe5T9%2BDq16nrNFmpgPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6c897b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
200 OK 28 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x294, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec513d3eae17643d1a426b56f197f8cb
b7e2bc93206eb88295bacbe7c4d3f03771b025e0
961a5c30673d04aa6b214f94bf30750e5da808c740cdd98b47d49001446d30a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 27528
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 14:03:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4f7nEkFds3IlP4EmMl0o%2FbIkJTUgkMiu7i%2BJLl3R29x4EZa9NIqr6AAj34%2BGdP6xmpRkhY%2FBX6R2kpVZHRNyLkRfIdHPlDSEurFOYVoVKPr7RhKEKCaLIjbgZYRhrl%2BxGBZRhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6c89db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 529396572e76c202f885a099af8fc32e
32570592e17acb5a0ab5cb3af006dbebed7ede32
edc7a19901b8a3cc3a795b11b7f65f980ef2011e07b822e50121f2f2abaaa041
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 22768
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 14:10:56 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHtNbAeWYmjl8GxpABiOi9Y77pw1i3N3JW8Cs5B%2FGZN8SIA4ZCrdJme5nPfLmaRMaUPZ3Xo3IkCv7Pp2luhJlwtp593Lfv1lTT6hCBAqUtstL%2BynHuf8OoHegIOpCp94vXXLbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6c8a1b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
200 OK 40 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
IP
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 41850d9ecbe037d9abe647debabb5e8d
963ae28bd56fde3ec66b8644b03297bf6d6c2981
f7109d4e3f533bb0d4d025540d63f267f4330b5c2a504a6743d2d702a5284a2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94154
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:03 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pA6LsjV6bXvVqzBVKTxlWT5f7hi6tLP0EIhoZHDryIXO0XPKhBZGmlwwdi%2BrV4Y0TgFIcodIhEVOdFm0TwmLr7xs7aTs7gaSSQ5x1NF7Kprj9Cwsmm1WKIhUpy72v63cWdpf4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad71cdab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
IP
File type ASCII text, with very long lines (9923), with no line terminators
Hash f8b41d090adef59954d5fcb46200e7dd
34ebd625314af938bc829213edb7cd3a53f8cd3d
48f6f437567f008dded9ce0668c107d40677174a48251de5b4a0217bd72ac3a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=9934
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhUPnncINVSzcV6gvi0YWDir4NW0d08AsL%2FKmwdRaZHgo7jzMZLeHTeirtUy3M6n%2BENk3threnh6i3L9pp%2FRDqrUUEU0W3UKsmPAO4oNIKef3aGrCk3TZXiIvn6sY1sDj5%2B8xg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73d0ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
200 OK 50 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a3743cb887b4eddbd02ca76ebeaa2235
d1ec1037f107e5814a982b6ad58964370f60f9af
afdb664b38c2d9f6a6ce57343538b19506e363f2140b0c39e880d836f9e0d237
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgaNUZYEhgL8GHoq%2FE5OxXRJXvTj1KF3BqoESvhywH5paqdEBVp0x1pY4bEhNIm0mpY0Zvyh1DVWmiOUeRz71EcuoGACIJjp7ZnUj%2BlHhUzvMA%2FrEpcuSAWTczVwXNEDlFaHGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73d0cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
200 OK 29 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2c542e1e1a1826a7a511ca3c01527723
56e2f4c234afa274505ba4bfc5281d7f6c583c68
db4bb87c083350eec7adfae6865259ca04630e20e436a80470c0c1a97a47e475
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94872
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ti5JFxEU3LmAczbyb78IGPGVkXE9fsWekAilTLftMPEgRninhLcP7spULO34q8kQ4DaPpKu6XIDc0eG1kSrtEK9Z91kxFHSZIaJ8xhkdhgnqFg6Uvl5OOb1mA3nWBSpLDbg2kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad72cebb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9af92f22bf26b096f92ac5233fe3b881
371d469b51f1d14fd3455b98937497073c53c789
9e9e48c98e4bda2060c47accb82560804ccc839d8f78ea9b8595103ebb7c18c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 22010
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:02:12 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2FwdWXk3r93FUR9cEFVmUbXLBiONLnWUf%2BAV3G4oJjYkKVI2MVqZ5oT3ojgVnucw3P9ObbK8yf563fmw%2Bb7iWNCnOoGi6h78G3xEpajwG8rq3aLF8x6huCdHDQ9aDp01Zz4VAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6e8b0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65099fa00fe97a423f72ee03b6b8e3c5
666c0afe70e85e53bba7fb93d47c75e4b7f5f7b0
d71c51898826679c8e0200f70d9162964371113ef516a2818e2c4aa0849251c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 22796
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:05:57 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ6KqmlRqyMZIZAFbJjHpiPHo2X5OJvrKd%2BiECIPKLqHb0ccHs4YmbTrby93pTJH3%2BajBzJYsHHJDOiSzM%2FS10sRQXiAgezMZlTMHH6ldh85hIu2K12iZW56cogtQCKW5r400g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae6e8b8b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb3cddbab5b1d57142daf4f91cdb2e3e
1d961c38cc00562c00410e38958eb98f68dbdf75
f2593f70fc27232b1d5f08000292b0417570ff434bc05775c87fbf7e7976d39c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 24966
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 15:06:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adZN0cWqwsuHzxdudNLCPSSjEXwV7tD%2FTap5ZsCFNZX9LaZVzjxmZijg0jghpvKTisHacjc2IdD0fmANjRLfOA2eHp38Q%2FdvQVuiIgrM2vTJEzfKiaeRavnehHgAH9LTy6DE7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae708e9b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ac472b9fca7fe98edd077bebd5ebbc41
15f952431637e7d950058c4cad975cb6d5f7237e
e70872efa285d6f6e26edb920f767faeb425767c2c461fb5bc547f9cd1a25086
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 30894
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 15:06:15 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODmmbeIGtt0OyB%2BQeX6x9MFerNq7kh7ZsFlJXTzekyqxMjN%2BIwRFRtvoMPj0iC%2B6NS1zFjBlRFDOenL2ZQAQ9k6WBrLXwf9Fe6x35bZvsJJswCynCsah2zX4bHCB60WEpF9DsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae708e6b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 729c13ae885c021207d6fe662793f9da
e1c8f2ad7e1126ac04f6970168d8fdab2a1bdafc
27dd56f4ceb1c5238fcf2befb725444baeabf01ee3c8edf2ee4f18bcee1e6298
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 27014
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:07 GMT
last-modified: Mon, 28 Nov 2022 15:09:55 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTVDwb0XmGiKSBGr2AOxrMJaB%2BifDJtVme7RX%2FpVMnuEg0tgwWo77%2F3zcz1yzyxQHKZdxpdeKig%2FM%2B83e9WnR40SmN1oijSpgAquNQ1EdSrd%2B6sHqR6T5MAbx6xwQkYdyoUqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae718fcb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6d72fd74a9dfcb6c7f37adcb4e1442b
a6eebd81867b9627e30ed42025190508ed7d074e
819c047e9db83e01985df7829603d15dd6b2243b16273bd25fe81fe10cad8055
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 23266
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 16:04:35 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gl%2FOFOntivdxZKXoAGqNTZAdDMbAwwirEmbmH0Tm%2BUuBHk9r%2FcmASDfN6Cg4OWwEVFZBh3zmpoaiocMfuqI4BL8oyC1DvWXX0svlt9Nlpd7ZQ4NGG7VxbICe30dHSLm%2FM78PFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7290cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e1bf31ed06afc171ef5dbc8b8e2ebe0
9a8cd884a751d648760a5d624a297041ec6889ea
2bf7386950acdc093d7bcf85d14c2bf6d8cc4dc1e607c51b33d627d6c901bcbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 26712
cache-control: public, max-age=31557600
expires: Sun, 17 Dec 2023 20:29:13 GMT
last-modified: Mon, 28 Nov 2022 16:01:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6TMl3EUacoSAzTHpPIDsjtv%2FdVOkDvWwOex0CPvaKA%2FJBCevJLGlHptMSC5moBa6%2BV2QCUKYzdILrTRh4EDZvuSW9gmBLSPDmo1xOdFB2%2BEPavzOn5btwakAl9L2AcKFociaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7290ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp
200 OK 15 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 259x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8090830b6ad1f4205872c091b0e5527c
dd549135f6090f3880d6a7607c852ea726ddfcb6
abb63743310261d47fb35c1d3a0914e4a3a5a8e6c8b80a8636af3ce39df3b7b8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-41001-2018-Facilites-Management-Nov-2020-259x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 15400
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 10:52:20 GMT
last-modified: Mon, 28 Nov 2022 16:04:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2EQUlu%2BzRnUnwc3OM0yGgSyTDHw2UjLAK72R0RdjxgzVwvhnBkaIQBhW1JIiTNYIOhaTGUixOb3cscTrrjpN1hrwAHeJLJnrUaTafoaOyYo1t0S2P%2Fu9y62DB7HUnIa6353Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7290db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2e98c28dd538561443765ea2a9302a0
cb736497b247c6ae6a7ac34323b0b7f294907f01
5a0192a6f86bd6b509d244b1a8c80af7a51384d39ddbc6477178b25573113e49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 16874
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:24 GMT
last-modified: Mon, 28 Nov 2022 16:04:59 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laiUWTc3evJOMMdH6xsOyT0Zc%2Bz9MXzJWew3qCrQP63LJLnJ7YTw976iqfVjRSgZi6tvn16XvpBtMTTwN9HIlKeaVV9lhSSEHLe%2BLzrwM2atmg3PsCOy53JUIva0InpfjLGZDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7290fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af1661fd4a602e021357356f1c59b0a5
d7fa2617b7b2cd29b2afa91456270d02d6336f21
60ffb40073cec133186c556a0dc483d27271b7666b84893e701474b88d40345e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 27314
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:05:23 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nScbrzHL7Ct4yNM3OdQfNhMMnWxAkJ0I%2B%2Bp7b8ljC3L9SW7%2FNrFA5plh1hSHuthBcu9nstNA2UESsiMSVBz9Qd6Q3miOII%2Bs6lB3g5rNDxA6eoS6M6hcU4ASs2hSlcvmBFo%2FPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae73924b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp
200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ee5726ca7ee6035fdc1bf42bdcc330f0
3ef17a2dbca3ce04cd7b57997ac4bd325277586c
9c4da6a7ba89c24d94e05c211ae1f142091c245c81df5e415f7414d67e53669f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 25026
cache-control: public, max-age=31557600
expires: Fri, 22 Dec 2023 13:57:47 GMT
last-modified: Mon, 28 Nov 2022 16:11:37 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUr3Jcq%2F5FjKMq4a8qpU1VsDpoGjUkBqHll0l5kPVjrhfb%2FT4yK%2F9Q7n2KT6tBGnwbK%2FrV2tNiZoKRQf40kn5jls0dUzcLt9ciPUU5qFh%2B2S63gYhA5WRpO3jsYpPtfO0VySdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7392cb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36530b5668603e70d54dd596f155808c
f346c683a49826b7cb1db988dc92610fe5c720a5
e09702f7444d240cbb596e8712da096d8ecc17b197f74950019f819a4ace1261
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 17346
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:12:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zVE59JEFEECoqvXGiLDQ0TxaPPb4n20U2oQKLLJUhM%2BIBJjjoJ65L%2FB1SRyKfPx05hLQ6wKK6lSxvjorYISQBbGWRtYpnJemz4421VjQ8Z9JVM6y%2B9ff6o2dD5hOxUgWGO6LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae74930b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52841cd791f4f4f693ad64217666b636
135c498125d476286fccf408dc94c7f8c180b006
80030c47d604fff9783d1faf7318250238422524e2829ea8d9b06fd82c05c516
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/webp
content-length: 24418
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 14:38:24 GMT
last-modified: Mon, 28 Nov 2022 16:11:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dWll%2Fe2u4%2BooBn3fbh5nYS3KyrFWw37E20s2WJh3vT2TKGGYOMQ9gt120jw8C3gGJjQTftrJLH132Y%2FRNnNvADZH7xGIh4RDlHu4PX1b2lDTF%2BjQ%2Bs4Bwp7uEZnRSnORlHCUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7492fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1093
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 08:36:43 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7800bae92b93b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 46 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
Hash 0fcada6f34cee6cdd32bfa18481f8e21
3606c0112d7e4f73bec196b56c41fb0e5b4a9f93
54dc322338a10d5ccc1cb37145f5c79bc78d39c0109a78349fa78165d43dc623
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7800bad7e81f0b51-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a971943552483f7bcf4fae247c518d36
6fb82bf20c39936d6a528233a39b13f8a95fc2ce
2289b5bf4834509f92343a447e6143bb82679de28c3883cec16359754fec0e5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 31340
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:08 GMT
last-modified: Mon, 28 Nov 2022 16:11:24 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3SIhOvBm6kAEOGukvprsHQhPcz18Le7l0dmRCxnkzgbM75vm5Wk7Ddy076j%2B1EeyJK7BEoGlDB3zY863vkTNRWUWXzlBerViBj%2B4nsc8GwootLy8JiT6SXeH%2F29mpuqFIu4WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae7392bb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-700x700.jpg.webp
200 OK 104 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 104 kB (104164 bytes)
Hash 370e953d4a2af14b191d31cd72052765
bc5339f2a441f198655b2b06538f0d2a04ff489c
f5a718611ce258568304563ffe7e582496799a655f7d24534693091e4231715c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 104164
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:35 GMT
last-modified: Mon, 28 Nov 2022 16:15:55 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8ANYHgGZM4c81Cd56%2BT26SBjk7ttJ0gojNttLGgG72ajsScYr%2FOGW%2FsRhqAFXMz1SATTBvn7OUtWrridPdeU%2FMKLq0%2FgjlWetQeQwYsvkeRTxHLzwYVVmdPE8YWxivSVN3GgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bdcb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
200 OK 57 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
IP
File type ASCII text, with very long lines (1359), with no line terminators
Hash 40a986228b6c5bc60b75ff1be950062b
70b04466fa3be2c79edb4d6f6adbd9b05c6362d4
f0d83cf90f1dfaf92bb9bad8c40cc30b6404decb14cc81fb2db40a2137e7f6d4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sgpWPx4FZkHjdAaTAzbxL9MScbrdLN6lqgUtGeMSk5O0X945EaknKY2c7eHJvrgq2L41v6kGbdnChq2JgeHFGbJ91n2vMdlc9QGmsAl1isteLaRmHgCilFfY7hlycbpaHvNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d0eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
200 OK 92 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
IP
File type ASCII text, with very long lines (57834)
Hash 696f6c5e586557438fc6adcbacbc3ee0
435231c0b1208ec9d72159f0d5f332c1499c9830
96ad4f9532372be59657c424429b40a4648a2f21a3aad6dad3598dfd3d29003a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=57912
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T3d7yfY166LCs%2FTmny6sskLW0u4rpleL4v5gayFRhQ6KNOMdp8KCsh4BArmz5Ssld3J5POHqC0rzw%2FmykfTZKTnOjhowdjP%2BrEa2zmYN2JlD%2B1qIXsPXgxQFxMay74k0g%2B8NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d23b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-700x700.png.webp
200 OK 79 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e6ab38e175fd8274607a2b41f3be4f70
532e4d93f2311b95ec0be0f47e3f0f0602a2aa7d
cf9bc01b10345c6c541e740425e3937b72ec8b640ac392e24d48d532697bd82d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 79054
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:06:07 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me2EQu1%2FDF21%2FAdPP79uex5ggqj9yMsx7MhlRBZu0FAE%2FKxEMFTC6mrR%2FSnArNgHUFWACjCLva2ROwvaws%2FuZEL07Nh6%2B1cr5eg1j%2BUD2wTttUm7jDUsUAZQumhZYTGf%2FghfQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bcfb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/Supply-Chain-Effectiveness-700x700.jpg.webp
200 OK 78 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/Supply-Chain-Effectiveness-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9b0dbca68810009751e3d713142e0a5
5b592840c542bab12766fba7ee95a9e971107afa
155cfe5a6a95748a5560e98287edc6160ade065ff7d99e671171f19f7bf6496d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/Supply-Chain-Effectiveness-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 78470
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:40:44 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmeBgLDMcmon137MgX5RrpxxRI3Rv52jK9JCFYpN0siuSlsmY4oDsPEo5Nn8bWeNiYG4orhaay%2Fh2m%2FsvpnRc2HDTMed9t3X3tH7Ln6ht9Rx9d8gHO6M1WLBrQvaOuKXUgCkFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae98c1eb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-700x700.jpg.webp
200 OK 73 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ca7b549932e8e3758466651280bb1d7
81ecc025eaae42c51125f6c6f2101621ecdde626
6749fcf9c1329b31710c6d9663eed367c71dd3147838935bf87aba33432faf02
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 73150
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 16:15:29 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcLsExY3Pj7BwCwsSu1H0pKMQkcsikeh24XIIBwJy2GaIHtXnYZQ9C5R7sQ0XWGK7oSCfBZP6Ka9ymsY9iIr5xMvvrmd6P%2FX9Ibz06omi6Va3jLqKGU8Axde5%2F0EO%2B%2FOEhqOCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bd6b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
200 OK 70 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
IP
File type ASCII text, with very long lines (19564), with no line terminators
Hash 436e83d1aab24939c6e9953361c79d67
28ecfe423c9510124059451325f80ff02d4121fa
7b60468715200ed2fd03e6f7f4e26381724d12b03f7dde988337a7034b3eaaac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=19567
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgepKR4U1TOO9Ev0DjA8sVW1NAJ3eTX1lwny%2Fi%2FLTXOVicNpOtk%2FB18PpUfpVNuOtnHtEYtiC%2Fa4FHCgkKiHhwZZHifvPGOjicTvIqL45Z79ZQrxANwTsJzmrFKp2tMWY%2BqUxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73d02b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-700x700.jpg.webp
200 OK 85 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8443c93c78cc5e268759994216dc7829
a7d8424658884111137606301ba782d1bccd872a
cd0df97bf8daa09a65f6c165fbf30451ca635ec17ce3c71a092354ffd89ff0af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 85178
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 16:01:33 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIHhSLHm4CMb05e%2BqWmefbKss55T2axhkmkK%2BCy0Cs5rdI2RY0bHqvy32m2R7i%2FywayYbZBupIqcU%2FlBqEzxPlRFhM9Hmr0nd0bcd%2F65oJn6uaKWJdYzd5ZT99s0qWVmNXF7Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae96befb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-700x700.jpg.webp
200 OK 103 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 103 kB (102730 bytes)
Hash 803ce5ab623df242e16ee1afa40346d6
cdb834bfbee83c5acd1f6e40585cde819972ae7d
f802693ef8103102594ab1d06f105d02bd3d4c5170ec6af1484129fec86c262b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-37001-Anti-Bribery-Mangement-Mail-Header-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 102730
cache-control: public, max-age=31557600
expires: Wed, 27 Dec 2023 11:54:45 GMT
last-modified: Mon, 28 Nov 2022 16:11:45 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g81prYbL9OlDgEFSF4WJvMCVDbRFwwWyjvGx%2FAXFKbW1RuD%2FHpAh1ccn7RkIXDU84J1OZG9KsC6Zlb41DJLve10uAYoAt0nbFeWT4NN63diP%2B1K%2Bckx%2FSM45gr4XT1O9Hbg4GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c42b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-700x700.png.webp
200 OK 88 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 61aa975f2336f7b1e307dd71f4f59216
f0a9b465cfa695f701a4b024e0da640cf15e6ad4
1be04a0f8c24ef5b615192b36b3c9216a61a17b2fda714c9d36b24ac8519973b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 87944
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:10:06 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMB2i9CW0n4FhLMsXEBSvGcvFI8RFutGccetPFcd44e%2Fau5sEdUyehp3oR9lU%2FwgMPEYDX2n%2FVy%2BVK6DQcmuiL4hPPws%2BGRcaGrI2lX9%2B0mLX5czTbA41g0a3Q1HMblfP9I4uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bd4b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/
200 OK 119 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (15538)
Size 119 kB (118678 bytes)
Hash 53b6986dd142b41b81deeb32766f09c8
a7e6e47596e34ff1ecbd3abc6d45ee87447018bc
d20ace2edd4eadc81ad732f827b2e71978d9e3b4599ed6c94d19b49ae850cab8
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/pages/1139>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAL%2B16veTlkgeh9Dett%2BtkO7t%2FmqQIEF9b%2F%2FKDV9B3nn9FErNGxhlg8GVCHbIRJ4e3gzNDOgmrp3rX39UHavDRA2EDpOIc7P%2Brna%2BDa%2BUPSG66bwUZDikaSOQ1TWB3aaoAYINg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad53a6cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-700x700.png.webp
200 OK 108 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 108 kB (108254 bytes)
Hash df604e64b48039f2cd4dc58c6e406f97
174a71bdb78544c818a056d8f9e0ad5c2dbd2d54
bb3cca2e2cd00024e3fc9c50094896bddd345fd6d4f4b73e4e24ec035edc959a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 108254
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:06:27 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2BYQBSBztiQGzRWZiRn2bJNX%2FXlCYhBxVWzPh1pfMGwVaw6guVeCyBLiCOdb0vIpC73yACq9pN850K%2F4KdlhNhKteyGmUT2Iht9CYQA73bZmXSIYKAasdgnTS7%2BBzAHxXRBs0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bd2b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
200 OK 83 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
IP
File type ASCII text, with very long lines (15656), with no line terminators
Hash e5d0f701558d9f3eb5afd496f2330263
b091b28fac2b915c423410b9b6ea3b1af52244f3
129bc1ed657d548efef84e53201653723ba80545c4ec63940e9d5e48c27264bb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=15672
expires: Thu, 21 Dec 2023 07:11:05 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmZ%2F0yH156Zgb%2FzBnWvEWGr0dTp0ERfToA%2FFWevDLrDGHiMnGnYCCx8XK1%2BHcVfgG%2Fx3S2VkVyK5fiMSCm93Thp3hydTxJmV20nDsrqgJa2%2FShoxInr%2FqNdO0%2B%2B7nBrIqpMm6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73d01b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-700x700.jpg.webp
200 OK 80 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 83bf64bf50034f688d0a8addc5acaf88
75a1b3023c20f3f504bdf1d2e7a0c93b7b2b4a69
49b73f51aca3d20114f4c2642f85f018160306e77aaccef47b9ea2f43b312a70
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-2-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 79804
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:35 GMT
last-modified: Mon, 28 Nov 2022 16:15:42 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z7hsDLdYozb6%2Fpyiu2CpKiq6HPO9ZYXkcLfj19AOdp7qxS6Z8bJZL%2BfW7dst15TT8rcZG4ZQq4a1WGSN1cEpaQ%2FkR%2FXqyeEmG3Dque%2FmZinqDfBlZfMcbmtyb8ahHdqlfOqJdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bd8b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
200 OK 66 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
IP
File type Unicode text, UTF-8 text, with very long lines (31519), with no line terminators
Hash 72fe0a23f8e1099bb58636035594faff
78d4f1a29b8013babb4a98cd3eb2e13aa8aa9501
db2b40bd19289f715cc978e6402011d1237409f5e83f6294cf289ced950f5b35
GET /wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=31524
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FctrHhbjom1Yq6TbxX9LUJVdkaXF4kZL0jlOKWPp1zx0CLf%2FXbarP6VZ239ZrY%2BDzrt7Of1lJd9zjUCRqVuKC96%2BKSX2E8PGmBxfMpvLwPwFI2No%2F2cpAHTQPPgJLRMQoXggQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd8cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-700x700.jpg.webp
200 OK 53 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 850b36bf6e6e247760506a95c84c4631
8813a1ee61e25533bef126da415da65c8784c596
024cc044a1b41a0e26a36595673e39ad346287cba6bdb517720ed58f7e30c140
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 52690
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 16:05:05 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HieIptAcOrGGwROZL8a2fFSIUZnEvlmuteanoeKB%2BGQ7IEwl3znbZn1qmMfS09z8qa5%2F1848fGDUxAiNkNXEoNpj52e%2B7xKMNo5ZYz2lpNVoxH7%2BGyylXu1cAwHGkXU4cf1ssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae97c0fb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Food-Allergen-Header-700x700.jpg.webp
200 OK 89 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Food-Allergen-Header-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6b33fdb3e7acc5c2a68b9c1464f5690b
6502915ed6349bbdb98dee8cb523073b8b247821
71260243789e2fabb8ac4ed69368271c2249a786aeb3556d5ebefeeb98dad4f1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Food-Allergen-Header-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 89300
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:23:19 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aItP6fd2m4bYyep3N1X3NKkt2TMPKZOTTtO9kFA1cO7uXbqGvduhWeFXYaKn4f4%2FTyg4goWX5pHh1ZKMIvGNR7ss87O4bus6u7sgUf%2FJ176ytQN%2FNUs5pNox0%2BatpVQufpXMDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c4bb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-700x700.png.webp
200 OK 77 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3c865f463d93b5606be349c11918d162
e7c44a3bb2f94c8284cea680394aea5076d18c89
512a5bda29d7bb332f8f8f112405358ad542dea44d22244e43223c4c45d1564a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 76962
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:09:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BC%2Fu%2Fay%2F7qFr2vN9QfQdHb6IOdzNedEUn9vPB%2F%2BebsnDS0rpTqqdQ7etl%2FSHBac9TnsCC0mPWfZ2sJpg%2BVgU8ySfs6CURiYoXYiWpLq1uvsTdGlKC5MVKm3k7%2FegyqJMcGsDig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae93babb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-700x700.jpg.webp
200 OK 108 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 108 kB (108392 bytes)
Hash 44897a79a7c3b2d963260aca2e82ea8b
2ea28e54064053a3d6a39cabd6d0f264e7278e4a
22d4f03950f0b4865bdd962f26caac52f447d8ce51da4bef1bf84ee171c1b5cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 108392
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 16:11:32 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJXayyQ%2FvriXe%2BEYHVcZ%2FsvEUlMgtsgkRFp8eJu0r1FECLFGCs3LBT%2F2hlaNalRcw3tR1mTnsafQdLvBVA2iWCb%2Bi%2BoWQGUaGUMoMDc5Jlib75dHLUTrcTT5Sgd2Bhyyh6mUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae97c13b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Food-Safety-Level-6-Jan-Feb-2021.png
200 OK 73 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Food-Safety-Level-6-Jan-Feb-2021.png
IP
File type PNG image data, 600 x 601, 8-bit colormap, non-interlaced\012- data
Hash 4634ba00571870368b8508444a474b26
d9fad0f9e6e7b0fbd9ff53b936ea68f0ca165153
00562c905cccbb5aee7bdbdc86a51e5aee01aa467f5a25a6d3a14d30a55624be
GET /wp-content/uploads/2020/08/Food-Safety-Level-6-Jan-Feb-2021.png HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/png
content-length: 73348
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 21:27:42 GMT
last-modified: Mon, 28 Nov 2022 16:28:52 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIrEFGaWKU2ucqf7TWJBUZVsoLjNFImPdiLOW8GfpWDFxxidjDYNbAaALKfur317770hgd75OsC%2FXgIrPxvbS0%2BF55PpKSBcafWeKoIvoLD8SOIooRCfwllL3R3050V5AeuuWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae98c3ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
200 OK 92 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
IP
File type ASCII text, with no line terminators
Hash 45c4c252094461fc1bf014342b164b42
0713e3997cf05ebc6bbfe941beca2000d5b9319e
e35659d84702aa87ae154da625a6c3b80f7ea9cd334f1674c98a92028c2267a1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=217
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFCh74nGeuKXaPi1%2FzvPl0bV9ablNcSq35OYaYugo6PO4OkTsildkkkmI%2FVinSjRV9KT9thtO5aTS7peRoV1piP%2FQ11VoaGMfMG7ca3gEjxTcN7Wz%2B38bnn3FHrsTx3Pd2hAXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad72cefb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-700x700.jpg.webp
200 OK 139 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-700x700.jpg.webp
IP
File type gzip compressed data, max compression\012- data
Size 139 kB (138812 bytes)
Hash 2ba919d584ffa6e7e672b91bb58acc01
726c1f8e4c20959b43aeb28b19813b2ff7f772db
d0a27b0a3cd266209e3d8b0eaff007370e69fee7a06306747a96e7cfa2abb7ba
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 77660
cache-control: public, max-age=31557600
expires: Wed, 27 Dec 2023 11:54:45 GMT
last-modified: Mon, 28 Nov 2022 16:04:42 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OeVRPjy9ULdWcOWw%2B5G3QBfGFdYQ%2FLr8b13n6y9bXrCugxewv2cWsmN%2BnmbXCVI8KjPfJeIYZihKm1pHbaXn72govtNLz9AnrSBEVsamRZuZ%2FZ2KuSrQ5knHi1%2Fd3%2FuRJq0zUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae96bf0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-700x700.jpg.webp
200 OK 55 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1494d1a3980830a86805450861a76470
a4cf76112d221ab5d2fda30fe6457005a51599db
3912c95dbafc8f345b1f4a4fd63e7f3cc89923a12166fef510bba8c8d688f280
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 54948
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:12:09 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDu8QwG9tCWvRyBM0RnRuLgKyAxFaMLly7yzhA2wNBjgyxD%2FoqFo38tw1Sc%2FCFR9JM%2FiubiPzBk5KyyRgxbnZH79CwsCJ7LzbI6a2iHi4k8OjfSdTUgGK0DLiFH3huMOt0RSrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c55b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Hash 48d399faaa696e710b9d841b934461e2
8b867014ac0ae0a2b81a55f171deede8336a496f
c905a4d23caf1f95d96c244084f15336fba5f65b74de870ec5c2be878410625d
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 17:49:32 GMT
expires: Sat, 23 Dec 2023 17:49:32 GMT
cache-control: public, max-age=31536000
age: 312431
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-700x700.jpg.webp
200 OK 56 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5b46081e858a8f2e2cebbf5b16e0f0ff
7410d9c5bf54b088c66fa7cf69403326c82f1a62
84a03a0b3ae70e2453d45579849e3ee27ce1ce1fc11f0188eef1d76f3458ea88
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/IADT-Level-3-HABC-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 56298
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:12:21 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WV4tRsNSt73VEIPrOL2mHu1tKnvBtphTt93J9VwU7b5%2BuKKORjsg1vZbjbVkVVvyPbeyXZgZ%2FxJNqOxERij8187PtFHZB1Ccw0cjIhQCtOdiBJjg%2B%2BZcY5KaCImL9YJvEDafBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c51b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Hash 097c4b560f821fb05c628abb70fab199
4650bf1244b6cba45b222aa269c96ad8ea95ab42
a9bd7cfb72481bd844fa2e3cd4019c8b2ab2a232b50cabe62f8d9483e284f672
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 17:49:31 GMT
expires: Sat, 23 Dec 2023 17:49:31 GMT
cache-control: public, max-age=31536000
age: 312432
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/NEGOTIATION-SKILLS-700x700.jpg.webp
200 OK 60 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/NEGOTIATION-SKILLS-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 941ae5438dbb2552a7b3de29a1d8ef11
1b809649c4fa8df73df3302c81cc0b30e0aa014e
758feb5fd2d4c720ddbb5ac215c95a3828323f9fbf6c4a86e99c18e56b490a1e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/NEGOTIATION-SKILLS-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 59706
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:40:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjPmqNttsIb%2FKVfCZIsEUwf6tEF6uS5yLFZ8hsyB3uT%2BpAAC2fSQbZ20LzQYxsMuP0Jw%2FZg1v6DwqkhFt4muuZLFtPDGi0MtBPwFrQAQslpxetoqk%2BkuCQbLXCXEMY5BMQEX7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c48b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/05/COVID-19-Mail-Campaign-iCON.png
200 OK 36 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/05/COVID-19-Mail-Campaign-iCON.png
IP
File type PNG image data, 602 x 601, 8-bit colormap, non-interlaced\012- data
Hash 4b8d3b341d69cf663965af5b92ba5025
9c6aab593b4e7c923dbaeff0e21957be345ca590
00277335d4925dd8a243d1bd11a7da019a442bc68164dc956615091dcdf4d1f0
GET /wp-content/uploads/2020/05/COVID-19-Mail-Campaign-iCON.png HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/png
content-length: 36492
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 17:25:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnjuxISqIiGUX2Xkkk%2BHCOihWhOxekgxQHlGnmY5Z35ptbsIBWZVQk4bU6NIU4gUB4PgtDF4dz9EBM2c7P1UKTMUbchIeu9pNEzkzXRl2PO3EN2VftOmHUtj5RqOH4yViUnkZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c5ab51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
200 OK 103 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
IP
File type ASCII text, with very long lines (4955), with no line terminators
Size 103 kB (102590 bytes)
Hash ceb94383b76366d0771cc6cb4341d9cb
6ff88d6f42bd1aef8621168486c4a033cd155b9b
490aface7705a9cce8d3f360435fc3154113611bf61125969fceea3435608960
GET /wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=4959
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD2dKsgnQY2lIlxVqatxKXoKvRMv7f1dhf7kCoq8%2FNpehSPTbNJLMdxHQyJ%2FW7Z4pWV4URjW%2Fp%2Fl8bb1FoozXPwLW6q4vNL%2FYZRiF%2FCcI4Ia48hP2GNhO%2Bnl6R5nkJ%2F0LPv4KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7ad81b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-700x700.jpg.webp
200 OK 86 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f6e3cbf6f1355278a321cf3af3c98059
d16ea4a689cbc399e4d6ada619965c8f95cbd3c9
8b3ba8a3ae2611ecad85b8103cceef657364ad188dbe43d7ca7ad673e9ba3bc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 85848
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:11:57 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vU92sZwLMY%2FAp8w7WKu3CBvUvBgm0vLKlDu6xQhImafXdS1YCxRgMDOHC8MvPVlcPOKUX%2FvWHWgSRyPEzczmAr5kcv1gQpZydoYUqZRi%2B4trIUzpMzcDFi6s31P0Nfzr46P4DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae97c19b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-700x700.png.webp
200 OK 75 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6f8064e53c5f6134716f1a9ae6281c6
c3c1ecf507ad7c6df9188e60e76a77441b2ed31e
efaf8c352b4443ff220bd73c069265c2c3328535726e5bf70396667dddc974b6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 75360
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:05:41 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUtvSWYmKxoNCFhgYqdOf6z0XHeYwuIyPOz5kMRnmWA2sSkOZFdbSaiq2oHmUmQ8nGMAg7iC0V2C99p8seXm52oLDw01rfpl5H8gp2sI%2BV6kdEeIWFZCUyaaqmMuOpaIQXWVRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95bcdb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-700x700.jpg.webp
200 OK 67 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c307ca86e680258e9b50ead6b5da6e1c
f5db6fb659a688eff6f12cecae524d499c547a59
42406fe6cbe05854e44b17afbd7aa71e44e681c7f3ebff4a8f4d710353c901d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 66716
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 14:15:27 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WoFVwSvWlVvLa7y6fRRJnJEysoYPPcCwYu5paFYCCfw%2BfZZAjYc3%2FsVWcWirlU5iS34jxh3jAGZEbWD0PwCtaZP0jroeytfuOMnGdsEdBghtaICx6WqnbUJ7Ydb%2BfrESXnVbdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae93ba4b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-9001-2015-OCT-2020-KELMAC-1.png
200 OK 80 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-9001-2015-OCT-2020-KELMAC-1.png
IP
File type PNG image data, 600 x 608, 8-bit colormap, non-interlaced\012- data
Hash 9d445b2a309295e1bb4e387ad62eef4a
cd3044f75f9dbe01fa26708079f00cab683cb00a
480aa8414f5c7692a205d8e2fbbc9344eedea225fd79dbed646f7c195b2b32b1
GET /wp-content/uploads/2020/08/ISO-9001-2015-OCT-2020-KELMAC-1.png HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/png
content-length: 79654
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 00:44:08 GMT
last-modified: Mon, 28 Nov 2022 16:28:59 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0xJYXqB2Ss8uAk4ewWe3evr5x5gYU9sLQIIDg6vn4K6dIRIub94PM8x6zFCaqjYJYzstMxJTjrg82HWqDV1Jm73B4cbIiMYEvWbowzSyxytHRjfAbBP7s%2FwO0eh9FpqG%2Ff71w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c3db51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-45001-2018-DEC-2020.jpg
200 OK 60 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-45001-2018-DEC-2020.jpg
IP
File type JPEG image data, progressive, precision 8, 601x601, components 3\012- data
Hash bc509efd2fd0accd28dcad145a11ad8f
f7f82a34d9d90aa6fc040aadaad767f95b6e9163
ddf3b7aafb89e2bc11087b55b5cd8dab87cefb9204948d88f5c71415806fd7f6
GET /wp-content/uploads/2020/08/ISO-45001-2018-DEC-2020.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/jpeg
content-length: 60375
cache-control: public, max-age=31557600
expires: Wed, 27 Dec 2023 11:54:45 GMT
last-modified: Mon, 28 Nov 2022 16:23:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7Ek5vCS1eYLeO5GEF2B6L5piLMYjTlAmgOc8WdzS12OKlxHdcGiZYH%2FQIdNjSMy93lNZCcNIwjsRgRF1ML5GFXTH9I5XxoK1ZgXX7N7jV1h%2BlXKqegBV1ucP1r0L0b27AxA6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae94bcbb51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375
200 OK 80 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375
IP
File type ASCII text, with very long lines (6034), with no line terminators
Hash 4c8b92c213379603e69eff454279809f
d3079a91583bf61243929bb12e748458b8079d7c
d4901d5f93c8ddbf6af28099290ff7c00b55561a2726f077cfdd0d1f291fbc1b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=6051
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezhEK71aprwZ1KgOKmEd5gBuRPqGUpdafQV4%2ByrhZpaq4h9b9PP4NZcy9R0QAKxAbV28hsp2wk8eDdTfcOb39zgqeA%2BMjGWg0DaPwMqfUnoSyOcRFZ%2BCmK1IZUxTpzNDekcuPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73cfcb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-14001-2015-700x700.jpg.webp
200 OK 85 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-14001-2015-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 31c55c3aa29b1e6ef064f4b06f0b5836
be2520bd7ebfe1dec8c8e1854b72d5b1718e8f73
c017b3b00127c47d16ffa8a049828ee3aee7147a8dde84c073e76bfa68c6b6f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-14001-2015-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 84604
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:37 GMT
last-modified: Mon, 28 Nov 2022 16:23:31 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZt489uXNcN7k%2FhB%2FdKohGY9hGxuV01maB4Hu4X7doaJOrkEQ81PmU%2BPTr2P1mg8oGWR0kOt0PvggkiioB37JLzpPnR3eMdjiCpe%2FCZhdJwL1QVA8oukJuR06NaOajcFY01x8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae99c44b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-2-700x700.jpg.webp
200 OK 55 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-2-700x700.jpg.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e266a2c51b93d4993126363e102b84ec
b0daaffd319ab370100fb36473976bed9b8aa319
888e83cbcce58566a91e29ccacb8222769445e33cd90b59c959046da72d636a8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-2-700x700.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 55058
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:35 GMT
last-modified: Mon, 28 Nov 2022 16:16:06 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM%2FwL7RI4kBBvG%2FfnLk9tmL6HfcCDf%2BGg%2FBJ1pr%2FPfG79Mfgfma46Y9lWr%2F17JxiZBP0M5cfhFgxzsLbScHti4p%2BhHM0UXhYfO07284KV7zUuboxtJ07fXrIEbHYiAc517Dmfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae95be1b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/HACCP-Level-4-2020.jpg
200 OK 45 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/HACCP-Level-4-2020.jpg
IP
File type JPEG image data, progressive, precision 8, 601x601, components 3\012- data
Hash a8ac5b74d7e0a751754df5208a1251ed
971ac12f2f8b234eb9a941da383db79ad0aeb819
c5f4c0bbd47ca1bd7158129ee083360d86ea1dd04de38ae4d358086bd9645858
GET /wp-content/uploads/2020/08/HACCP-Level-4-2020.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/jpeg
content-length: 45194
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:35 GMT
last-modified: Mon, 28 Nov 2022 16:32:00 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yc5tTQSUreh47A%2BI9Ari1P8XWalleFukj0H5CIe3lGejnolNlmEuJisZbGaoC1X0ZpjawdiUbwv%2FShTZeC7Qjh6B%2BHzN1AdUJvXrQkLOR5GGFWyyX0DdMt9tBM8jbvApwiT%2FGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae98c35b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
200 OK 98 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8f939f6ca7117e3b0bf109aff518b285
728a07ee324d3ff2becad02b4fbda61d3c5858c2
e892f20a4cd2faac28feff03d5cd836733b060e199a281334dab7435fbd0ee74
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:41 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=405706
expires: Thu, 21 Dec 2023 14:38:21 GMT
last-modified: Wed, 21 Dec 2022 08:38:20 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htAlsqTsZ6ZxHyt4neS%2Bmn8uoMpFL91Er%2Fo02SWgyxLZmgpNiAXEZHOsPf9syvx6Kk9gkpgQAfO3D6cZkhea8QGJOLY8nT1CJWinYPBRhxpLH3hkr7Gs3gtq75g%2BP%2FbANoalBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d10b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-700x700.png.webp
200 OK 91 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-700x700.png.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 700x700, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 19fc021c1f28f4c5b7707db65d373281
778b54cea0cda355f9a589616b319eed11fe64c0
6ac73d8cc26190ebf49ddd665c649c0698ade5e5db1ed29cd7b39da454db4d83
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-700x700.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:43 GMT
content-type: image/webp
content-length: 91060
cache-control: public, max-age=31557600
expires: Sun, 24 Dec 2023 04:21:36 GMT
last-modified: Mon, 28 Nov 2022 15:02:00 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIuzHos56frmHzsBEhSSRm7TgvqF2Z4q4tAxMeK0E%2BkPka3ZdGRbGlgD%2FwrWArec9g%2FjCxlhDIUPHZC4Xg6O6p5B%2BoHNg9vJpzqpLyqOTjfGiW%2Fa96BdWctnz9iNbO5vOjo6NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae94bc0b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
204 No Content 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 481
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130202.0.0.0; _ga=GA1.3.1242040011.1672130198; _gid=GA1.3.933674146.1672130199; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 27 Dec 2022 08:36:46 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7800bb001f28b51d-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e
IP
GET /wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=43114
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01Joetg0qbBk6i1z%2BhRMCzCW17VGdF97AEpH12lCD2ALz%2Bh%2Fx6zT6s3ckcXr7IYehW3lwQ0e%2FDfhJerTHRhxwZFQkTZEfKfawYsAZWkK4dKW0CVBKJc9ZRnoLOmYxC2EJtmbsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7ddbab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8815
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ir7CwZCwZ1icgfiy%2BX0%2FAZSmsEgQnoYgPCBg97A%2BgT6LbpgaULzep%2BB5Wv8yFJiqbPcEVIRm5v2jNceypVU2TSstb5YsgwjDVxGM4xgNuUKYKYyF5K%2Ba%2FyxmBrP858lWdd%2FwsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d1cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8202
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQiON%2BVFKbDG%2F%2BhIqLXpDHOtK6BPgJyLkJeRlQFdgSZcLkWQ9Tx3QFEEOiDKlPtewo4urf648GOubPyjgQX%2Fm8jOp9riRAWMLNQT3RiMcY8sPr5gnoaPd5TH95x1QzuNUvHYNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d17b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/
200 OK 0 B IP
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:38 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/pages/1139>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVc650ZHWnAgAJnalv%2BHEYyv5DSaZkwe2qAhiaDHwmVczBr8pdZWuFnR3rSSHaA%2BxRwQq3yMxA2CQqJ%2Bh68cPpW58mbncKTdqpLWjyAl6gw%2BU0%2FwfRGrIqGbHA501rMs%2FVUUYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bac95dcc1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e
IP
GET /wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=143268
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92sZjRR0MpmKAFooHZBK0nrASw6xZoL9XNjWqmlnqfV%2BquAK%2F0W%2FeSLtuzX6NqHEhE%2FyQRdsUUPo6M9rHrGTiHkYLoECECWS8CH8CiLeIhm7%2Bm0%2Fl%2F6kZjt09HGP5or%2BVoRzKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7ddb7b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:38 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7800bacc8bf4b511-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407
IP
GET /wp-content/litespeed/js/e85d957a2d1befcd3bbc2215e1b61407.js?ver=61407 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:41 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8340
expires: Thu, 21 Dec 2023 07:11:06 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82fSJl8SlaigYhUFizCuwgrbedVqmAcDiwICgqkAKj4WCl3VI%2BDuHVV%2B%2FOYnhvVWpH8rEZBNjr%2Bb8mD6LJEFe4V%2BiArT4vKYkluw38XgTqOQQLWuQsiIMVruK8tfrA%2FioqDfFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d2eb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=93358
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XomLF2mrSb7NpDltMujJ6zqzNBkYZl4mEozMmAT5SjI%2FaNJDNEaUH5xwPMuxp0H1WJB4J2P%2BDfpyFvUwtCxIOABOmaXEXLz3QxAv7HanD0dT7M7XtnXVqX82ctKDt9KNegn03A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73cf9b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads//2020/05/Active-Courses.svg
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/uploads//2020/05/Active-Courses.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads//2020/05/Active-Courses.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=; _ga_94998W1T93=GS1.1.1672130198.1.0.1672130198.0.0.0; _ga=GA1.1.1242040011.1672130198
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:42 GMT
content-type: image/svg+xml
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:03 GMT
last-modified: Sat, 08 Aug 2020 14:48:37 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYT7a3Th5xtcCaB7s1VryOsCd27DYP4dI18aJ4F567mBN1KbfZ8QMYVev0Vf3jgr322fmWyHwofCyTudllgDeeL99VpgEgTEABLSZLVsscvYC5Q7n1oIaQTtGl6p6kpWmJJ0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bae2cbd0b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029
IP
GET /wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3404
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNqEX1wrDva9v5w8podXrUndmGHadaWGMgbKPtAqUQ4SDfjHFg3RACUsoeT4FSve%2BtGLgQ6AraWj%2F1t8UwfJEd5vMNIRM2rrliPzQG2cgGrT7zjXL1oxouQF3OjQ1JAeI26RkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d72b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/df4b49c8b58c6feff2f9a3da86689158.css?ver=89158
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/df4b49c8b58c6feff2f9a3da86689158.css?ver=89158
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/df4b49c8b58c6feff2f9a3da86689158.css?ver=89158 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=7066
expires: Sat, 23 Dec 2023 20:18:01 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5peDZ3T77EbxMEV3L5R9zXfMdfKxK87OY4u6ysObXTLdIKTnTwEILHcxzpRGleI%2FewkjswiXYFs9I%2F0U3SJC2pSFcSAAcazitHddHGMEVWpR2xsNsKa99LH5qYvLc1ySk27Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad77d45b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=43830
expires: Wed, 27 Dec 2023 11:54:44 GMT
last-modified: Tue, 27 Dec 2022 02:19:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VueRPGDuqgkcdIUYIRAr69SDXMZ1iHsQS%2Fk5BVJjFo7SbTu3XTJe%2F2XcTPUkUd2N6LpeW6bWbSsRe9JkUzVhbYnvu0Y8cRQ86LomSxCjoKzlauCG0eHvqBnRv%2F4%2FJ0sQm5r4Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad73cf6b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Dec 2022 08:36:40 GMT
date: Tue, 27 Dec 2022 08:36:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/5cd0ce6290bce893938c463d0de59500.js?ver=59500
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/5cd0ce6290bce893938c463d0de59500.js?ver=59500
IP
GET /wp-content/litespeed/js/5cd0ce6290bce893938c463d0de59500.js?ver=59500 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10730
expires: Sun, 17 Dec 2023 17:04:31 GMT
last-modified: Fri, 16 Dec 2022 12:45:47 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNfuYrHnAiWasm6GSjm%2BwljwSQeo54pRamyRNHX1TZLOGyqxEeSkVLe4chU9HRjWCretvFUqD92w61hn7LZB%2Bv4FlvjsK7B2%2FhUrnq9gawB72RRkbvLAdUljVMtUz4SV%2BX5yiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad79d74b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2827
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeKc69HScZ3li0kapPX%2F%2FU%2BwMi1WJ0SJSJyTMI9ANUtmgGpP4ursfVgpyu4PMda6BCGEuz1WWgs80YYcWOeFnZ6%2Fy9wn50OK6iFnHbrUEbBpubXoaGqG5Ic%2F8U51dsbCtLZQwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad76d37b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
IP
GET /wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=11225
expires: Fri, 22 Dec 2023 10:52:17 GMT
last-modified: Thu, 22 Dec 2022 04:52:16 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqZdm35bsG6ld6xBlYsFFPtVQ3agYH%2Bb%2FjcgzYDBxPP2%2FWOTTYVRicCjMNJfMQP8e%2BA3OzBhIqn%2BwzlbBkGaDbS3HEEmGy6cT7QBGFPm9%2B8p0FaWTHQ5MQvLmBgsgvTNTYzmqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d28b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd
IP
GET /wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3722
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Er67rFBO9iL9WoIeFppFydN7vV%2BHzWpoLInNYb0wn12OxMi3HK12CKVrCQGKKTh1zlEDMzxSiR5Q%2B0JIJGLGmSazXA%2FmBmc5FmAZ4frXQtbVBsiJpZf1jQfQw1kgpIMbK07fFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7ddbbb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
IP
GET /wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1676
expires: Thu, 21 Dec 2023 07:11:05 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZnyvKanQzURrqP3%2Bqy7XDdMlnvQ55hj6exvG5Hd2R7ltRnFCK49Lt9FNI78uHSzmrhgSgI5flh3iAzJ5N7uW9R2juEiuU8Prd9Z2XyqFR9b4PW%2FNwMeHVDQNc8wWHyd9%2FFvFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d2ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Sun, 10 Dec 2023 10:44:53 GMT
last-modified: Sat, 10 Dec 2022 04:44:52 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0p6VGXT3nmWxHrOdRfsuy05dRlrJTXzRH9w25j3iZpnCdVRPo167mnSczHC0bHxNNBrNB7IOBH8TEy6%2F9G1hsei9orRXwdgYZeV1tGacu2it%2B33yodc6CnLBtR%2B2PAqzQx0fxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d13b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtCdT420FQlQlS%2BE6%2FG3Rs3rVc%2F5gEbeOReb9WZhW92yUo0nTZ2R20ZWDcuB5mFvwJefyCeUprPbUCnyLJiDWeG020s7y19AkHPWWifZc0yHZEJaE6kFbRDOaRFIrv6Lr7Wo%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d24b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Mon, 19 Sep 2022 19:46:24 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 5519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkOPBUvuXVEq%2BleNq2p%2FbF5DlQwb9Vk0Rty9zbCs7AnMC3t7ahlfjaMEuq4YsbgloxuTKFu3zyZsdC11AHCIdkHbzem%2FuFJNKF9zu8sSJU%2FQH0ROzq7f4qSvoTENXS1hCNT9oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad75d26b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/aa949f780d8343426f35cda5c8330eed.css?ver=30eed
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/aa949f780d8343426f35cda5c8330eed.css?ver=30eed
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/aa949f780d8343426f35cda5c8330eed.css?ver=30eed HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=9524
expires: Sat, 23 Dec 2023 20:18:00 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajshQPrS0AFOXk5KgUCI7zFsI%2Fp1qgcaHRZVjEHrorZNEz5Kt9YucneZ1p%2FvU2JDQVZweTBAglCIxxX4slfMLu3sNWANCyN52njHDA6UBabvhWVNbjZE2p%2FoXVtdIop%2BEdg68A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad74d16b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/30bf492ec0b4e46f6d32db09d947410c.css?ver=7410c
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/30bf492ec0b4e46f6d32db09d947410c.css?ver=7410c
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/30bf492ec0b4e46f6d32db09d947410c.css?ver=7410c HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=97518
expires: Sat, 23 Dec 2023 20:18:00 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0foK%2BA4ukbzMDQFILnk0439EOVm2KlfNDwiAlbIJzIZn9LKg4rojirBwLc0sqpIlZsOYnFHx%2BlmiPQ67CVl%2FUAyE2jCn7sDuzAg7MSsisYslPKvxU2uaVGtGHb1AYFa5yrPGqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad72cf1b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f
IP
GET /wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=5631
expires: Fri, 22 Dec 2023 13:55:28 GMT
last-modified: Thu, 22 Dec 2022 07:55:27 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GGaYFBSNUUDBpnUnWOs%2F2dkTAoMUU8hZBQnIWfKe8IActu2z1SEP3AuRNIm3WdNY1FWnw4ZvzzqPYIyT6MfUdAC4%2BmtjO6sv0OInWN8U8aifY6N%2FsYfM7GehkKfYZFpT0FOYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad7bd9cb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw
307 Temporary Redirect 0 B URL HTTP/2 post.bemcon.co.uk/index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw
IP
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3718/138a7c90e873f6905becd7f30d36cebe/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51aw HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Tue, 27 Dec 2022 08:36:37 GMT
content-type: text/html; charset=UTF-8
location: https://post.bemcon.co.uk
x-dns-prefetch-control: on
x-redirect-by: Mailster
x-litespeed-cache: hit
vary: User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2KzC7DKfqZyO2Ls%2FmFngWg8Xnpm13eVytaUm1yGRBpfPO3UZmQUZ02t8nXugwWNLZ9%2BypzwOcvQm5DyZxlIOXNhYhioEw2qwY3%2FJJtS97VzSSF1CABwxgziUoVQ94Mh%2FBH1IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bac81c8f1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
IP
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Cookie: _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=rVOpc_ZAXULVFzJMgYCF3Jmb5ddhP9Aw_bgQnBMSCO0-1672130199-0-AWcvvxacEOH95kQrELG1h47NtcOHp3DbhWYvBI20WGbDDNstDvDw1Q2Krb5glS/uvg9RKupOEtYR/gc50XHWYjW6Zaq4UlZmYhbXdYznr2WmC0+SK2YV+bWcxhv0C/2gg2GBeVqm5gNGnvlyDytGOGo=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Dec 2022 08:36:40 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8555
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 21 Dec 2023 07:11:04 GMT
last-modified: Wed, 21 Dec 2022 01:11:04 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPKxA%2FMBwGQixFld1LNnpG5a4MWqx7xTyu23ikxnMWhNXOglhS%2Bb6dv0pVaoSBvfAsLDQ%2BFuhDpYfjULaLGaPRrEIWKeVyKEOpPt%2BUsG9FislDYKHMjurdixox%2BZyzmjI%2FD8ag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7800bad77d4ab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
172.67.199.110
23.36.77.32
93.184.220.29
104.16.56.101