post.bemcon.co.uk/index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 post.bemcon.co.uk/index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Dec 2022 04:12:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Dec 2022 05:12:06 GMT
Location: https://post.bemcon.co.uk/index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8
Server-Timing: cf-q-config;dur=5.0000089686364e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hp8EmmGFNw096jur4H8%2FXEf5va3MufRLdGUqHU5qrNcXv0aa85EvzXpkX3H73VYD9xCrWeP%2FDKriRHkuf%2FmKH9nQuoHZjd2pDcE2uY4Z%2FRnMM2soFAtYDFurmwNKxIDYt66FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77522e6d092b1bfe-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6171
Expires: Tue, 06 Dec 2022 05:54:57 GMT
Date: Tue, 06 Dec 2022 04:12:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3044
Cache-Control: max-age=112197
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:06 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:22:03 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15300
Expires: Tue, 06 Dec 2022 08:27:06 GMT
Date: Tue, 06 Dec 2022 04:12:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d001ac547d07fd76d043d9e3607ec65
b4491cd7ac6b09b7d49f1278fa4250a3d09fc5d9
047408226818b106e519e65474749c921a1e7c5c8655bb95e0dd17c3e163b355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4
Cache-Control: max-age=161700
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:06 GMT
Etag: "638e95b6-118"
Expires: Thu, 08 Dec 2022 01:07:06 GMT
Last-Modified: Tue, 06 Dec 2022 01:07:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 03:20:21 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3105
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Cko+3nCTn340udcJMGS32EtZ9ZIBppvscV6imv5qFMLwnDHElfqWd/aTS+oJRBDSjelYseznhRM=
x-amz-request-id: K07QER9EB9SBE4NT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 03:48:46 GMT
age: 1400
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 04:12:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 189
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d001ac547d07fd76d043d9e3607ec65
b4491cd7ac6b09b7d49f1278fa4250a3d09fc5d9
047408226818b106e519e65474749c921a1e7c5c8655bb95e0dd17c3e163b355
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5
Cache-Control: max-age=161700
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:07 GMT
Etag: "638e95b6-118"
Expires: Thu, 08 Dec 2022 01:07:07 GMT
Last-Modified: Tue, 06 Dec 2022 01:07:02 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2979
Cache-Control: max-age=107064
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:07 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:56:31 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.139.17101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2B87E+EVtcYyC0zTfARsTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J2D9y2dSrqZhj/dzOqfNDhXzEyo=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4faad28b01f7e2b9e51ce9042d1ba384
6f9431e92edc17d355364ca9280ce050ffedb91d
afc9c98e24dcb363d7871f0853c117fcfe80ec4cb75b46ebf20bb5096c7c5976
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2493
Cache-Control: max-age=97926
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:08 GMT
Etag: "638d92e1-117"
Expires: Wed, 07 Dec 2022 07:24:14 GMT
Last-Modified: Mon, 05 Dec 2022 06:42:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:12:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:12:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15124
Expires: Tue, 06 Dec 2022 08:24:12 GMT
Date: Tue, 06 Dec 2022 04:12:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bWcuXixVA50JUynSO7ar3nWfjsTa5iOteSYq88bWPlQvz__1qfv7Uw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:49 GMT
age: 23419
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: 05ec2698-a5ee-4046-be77-0036755f2946
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwaEd-IAMF_-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64cf-783b236b79b1e9ba22098cb2;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RF_AmYN7VQghDpDX6kEyBEBZtvR8dfLpwuqk75bGpn8q2OMc46lVgA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:31 GMT
age: 23017
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 22687
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:25:46 GMT
age: 20782
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30d72693680b3ac91c0eee4d47a26196
cd923a5a3810bfe86be2eca4b97c739d76756d93
69ca9e172f6b0c5bf158022d533701b89282630deaa0ce7df27ed459c9bfe75e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a1b8c21-bea6-4053-8dea-90393eea45b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8656
x-amzn-requestid: cfc71f7f-d1c6-47c9-8107-864701dbf3c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwkEHmIAMFUnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d0-6705510852d26ae24b3e5ea4;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:24 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JVEVoNv1w1lqFYG0M8v2GK92-1MfPxn8SnZv5JZitWWEDuXJ4DwmqQ==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:41 GMT
age: 23007
etag: "cd923a5a3810bfe86be2eca4b97c739d76756d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 15 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
Hash 8f34f3a8ad66b8c2a9ee1abb0baddca0
8a46f187f197b8adec3af4db9d41ae4447feda72
55773ca531ac152ba867326a1687dc6a4a178a15b55c4f99e2ab3936864c4edf
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:08 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e7a4c72b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4759d6ca26cf8a070066d71b02fac91d
85695e27b097c8d40ea86439854084fc0b3967d3
d20b9793d654c41c562be52e3d5f3840f7bec0db031bda79a42c93959ff88a63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.78200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1279)
Hash 7ac44ef24e267df17ff72f195b252806
62db12d9ce11a576ccd7fa3544d851c5fd42f3b7
aae7897e7b55999c1b3166309381d19ac488dced51e14071339d8b193a686a61
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20984
date: Tue, 06 Dec 2022 04:12:09 GMT
expires: Tue, 06 Dec 2022 04:12:09 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "7446758f13887885"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/api:client.js
142.250.74.78200 OK 6.9 kB URL HTTP/2 apis.google.com/js/api:client.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (2054)
Hash 57452ff36cf896de8e7f40125d00129a
38779421deff168bdde4cf793b784281a9ee2d9b
eb044f47798238906f03a87c3f07a1efe9ab8affdb1bc531730ffa21664565c2
GET /js/api:client.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 6898
date: Tue, 06 Dec 2022 04:12:09 GMT
expires: Tue, 06 Dec 2022 04:12:09 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4e9c8979ac3d1c6e"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 106 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (580)
Size 106 kB (106463 bytes)
Hash 056642971d06b7ae6433c0e55578d574
0fc8c88d5637f11a37b5691e51ad0bb5b413e1b6
2e9bcdc188702121c4d301f134b3edeb7cd279b23673550c28226468109523dd
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 106463
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 09:42:44 GMT
expires: Fri, 01 Dec 2023 09:42:44 GMT
cache-control: public, max-age=31536000
age: 412165
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cd4f7adad3fe34548fa20fc8bcd9dfb8
89d9e0523fd6141bb3599dfe631af767a48ce10a
988b706c3c6accc138214ba147bfb17b01ae8ae34c98e3d6ded4e5340b63fa27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 773 B IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash e0e0f51106ff47f27850522640e9123d
4e20a60ff2f60899f8e293604d0bb279fd84b4c3
1b6e5c8fba1c6aedde7a234d96b5812b72388a1ea961442f9d0bcb1b8b63a749
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-94998W1T93
172.217.21.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-94998W1T93
IP 172.217.21.168:0
File type ASCII text, with very long lines (20080)
Hash 2519e903c2fe7c4da5243263da8a861a
f7aa86468a060ed756bf7ac114d4b47d908887a5
a9d2bd1603348375bf6dc8199275156c582bd387aff8c5b494c37bb3847e6ad8
GET /gtag/js?id=G-94998W1T93 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 04:12:09 GMT
expires: Tue, 06 Dec 2022 04:12:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 02:41:08 GMT
expires: Tue, 06 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5462
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.53.0
142.250.74.170200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.53.0
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.53.0 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 12:25:47 GMT
expires: Wed, 29 Nov 2023 12:25:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 575183
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
216.58.207.227200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP 216.58.207.227:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Hash 48d399faaa696e710b9d841b934461e2
8b867014ac0ae0a2b81a55f171deede8336a496f
c905a4d23caf1f95d96c244084f15336fba5f65b74de870ec5c2be878410625d
GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 17:49:32 GMT
expires: Sat, 02 Dec 2023 17:49:32 GMT
cache-control: public, max-age=31536000
age: 296558
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
216.58.207.227200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP 216.58.207.227:0
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Hash 097c4b560f821fb05c628abb70fab199
4650bf1244b6cba45b222aa269c96ad8ea95ab42
a9bd7cfb72481bd844fa2e3cd4019c8b2ab2a232b50cabe62f8d9483e284f672
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 17:49:31 GMT
expires: Sat, 02 Dec 2023 17:49:31 GMT
cache-control: public, max-age=31536000
age: 296559
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=1845727814&cid=1108594418.1670299927&ul=en-us&sr=1280x1024&_s=1&sid=1670299927&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Froot-cause-analysis-rca%2F&dt=Root%20Cause%20Analysis%20(RCA)%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=1845727814&cid=1108594418.1670299927&ul=en-us&sr=1280x1024&_s=1&sid=1670299927&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Froot-cause-analysis-rca%2F&dt=Root%20Cause%20Analysis%20(RCA)%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-94998W1T93>m=2oebu0&_p=1845727814&cid=1108594418.1670299927&ul=en-us&sr=1280x1024&_s=1&sid=1670299927&sct=1&seg=0&dl=https%3A%2F%2Fpost.bemcon.co.uk%2Froot-cause-analysis-rca%2F&dt=Root%20Cause%20Analysis%20(RCA)%20-%20BEMCON&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://post.bemcon.co.uk
date: Tue, 06 Dec 2022 04:12:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/root-cause-analysis-rca/
188.114.96.1200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/root-cause-analysis-rca/
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (16084)
Hash 0e6a1cf3291f08c3d9452357f3e70b42
3f521e033a21f91c1ef78ece2a8d3cea1dcaf499
580a614fe7b93a2b279fa83fd7e233552ed71c1a000bbd16b80da602ca683b0c
Analyzer Verdict Alert fortinet Phishing
GET /root-cause-analysis-rca/ HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/posts/3386>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/?p=3386>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: a67_HTTP.200,a67_post,a67_URL.ad63ca643cf2c62b95b4cf584d195800,a67_Po.3386,a67_
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDcNNkfYeAZqNeawvXMHPvfPpsx5yoHGePsKCCFZR3xeMjQRtuvuz%2FjWTLIwZpH%2BwM1WSXVVNJnqOp2rQwkEe5MB6cnVjfzFNqFerazUdvadQUUEOJHb1I2GLOOxwF77HzSt8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e7dca58b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
post.bemcon.co.uk/wp-content/uploads/2020/08/Maddy-Bhatti-Circle.jpg.webp
188.114.96.1200 OK 30 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Maddy-Bhatti-Circle.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 512x517, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3b7109ff8b5c4c881ff8f63d8ba01e33
135be0f999ca73baa65bf7dd2637357233fca48b
4474b1abb75e3c3b10b3aed5ca0ebc27c6bc9a84b1aaacf479d22241af349dcd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Maddy-Bhatti-Circle.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/webp
content-length: 29670
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 11:55:34 GMT
last-modified: Mon, 28 Nov 2022 14:24:45 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qggpFkXDjz7oMrQEDnB%2BOVszJRHkmAKO0PuS5QhH40qHX6PPw2AlXxcnAQ453H0BqVagAY8D9%2BrIIf4qWZCUGWWFSlQLaazDC9daoWNmMNLjNxqA17mHBZMqWqLE4YUADoQRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a6ea8b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321
188.114.96.1200 OK 12 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321
IP 188.114.96.1:0
File type ASCII text, with very long lines (38281), with no line terminators
Hash 288de21e2a9088f5ec6e3214d083c152
383d232d8ebb92afba1b7e23ada15886bb0fb90f
5b8f684b6d7253021644db98aba77568aeb65b4ad9739d2a8228bcd453cc66c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/b9549e7bb230bc4262351808373f6321.css?ver=f6321 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=38303
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BE5O%2Bbl7NvWyasW%2BvTO89PMuqk%2F9G3KpwmkYY8VK0VcpjyYi%2BvVBL1Ms3L%2B1%2BoV%2FJ2T21VHu4oLRUoOjJm%2FuDS5e0dIwsk%2BeeobSx%2FfkG3fnwgoflJVM9YiKuZLsOOHFk6BJtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a1e78b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/02/Nesrine-Rouissi.jpg
188.114.96.1200 OK 21 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/02/Nesrine-Rouissi.jpg
IP 188.114.96.1:0
File type JPEG image data, baseline, precision 8, 400x400, components 3\012- data
Hash 4f942604552e6a75d38c55a4b412eccf
3eed88e3716c2bcc753a75a9d5a295cdf0a62dd5
223efcba29ad423cb7fd3807d1bac18d0efc74a58d4120fa47e05a687e02dc73
GET /wp-content/uploads/2021/02/Nesrine-Rouissi.jpg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/jpeg
content-length: 20932
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 19:46:26 GMT
last-modified: Mon, 28 Nov 2022 14:27:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 51901
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqQtUrfw4FjxpQ%2BFs%2BOLM6%2B9YHMmZBJFhvqPsVVi5IR5QjOmQgbTDWZ9IpXnHh4MX%2FXh1ioowwxPrLZ3Y7s%2B69Z0VNNmFJups8mzTf9m8VXf1TzGv7e4uHLZFkoVb6LBXIamhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a7eaab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Shah-Moon-Logo.jpg.webp
188.114.96.1200 OK 35 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Shah-Moon-Logo.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 512x512, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 95a3eba59006fa735264b27945d9254c
be6b806d99d1a9e4a25660895447f4627b1beed8
6f3f3bf15da0e54d95fe812d0dd8d015ec4fc932b881ea3fa481910cc78d53df
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Shah-Moon-Logo.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/webp
content-length: 35366
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 11:55:35 GMT
last-modified: Mon, 28 Nov 2022 14:07:23 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3MFn5pmNTkFHKcFnPeU4nCiGVXhDAighg8X5PHhyMR6CWANBKpuaELJcoiPatufJKlXoOVoDyJMGcKjQUopyMmbdmKVPz%2B8bcWIl7FEL1Ay4U9Jvl5kXXR5gneo3nGa0s01MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a7eacb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
188.114.96.1200 OK 76 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493
IP 188.114.96.1:0
File type ASCII text, with no line terminators
Hash ec154a0f3430fe45bce498cc86f567ff
2c9aad7f96f9966c63d38b2d095b0b471984484b
11b5fe6fd8a08e5ef6f8b7f9cfe249860b523e896cd651d339944f736ca30e06
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3729ab327e496e5367324bdbe0528493.css?ver=28493 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=217
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPSrgnvD4CT12RSe%2BEec6DTTqxgXVsf6vjRQDuvjju%2FmcSRjkvdAkaAkhQSzuUiCySAUWTw5uHhPTm6uXUpfCRKds1pox89kiYCVHz1QGZYW81REY5NTenuVrwkzu6rel5USMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a2e80b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.56.101200 OK 83 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.56.101:0
Hash 639e143c5334d75bea3d91e5575ad224
194e21c656e0f1a098464777edad369c3397ab5a
df03522d196a566126d60b5e0a9edf3b7b944dc6026baded69db51196bb4e04f
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8afd35b517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd
188.114.96.1200 OK 32 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd
IP 188.114.96.1:0
File type ASCII text, with very long lines (3721), with no line terminators
Hash 2e1919ad150f2bcdd1adae5446e8099c
e1a206d752d56c361f930a17a919162d6760d7e1
9c56730187a409a43b87f30b9c822bfd9fd342b449eccb5eed64519086a49fd0
GET /wp-content/litespeed/js/6676b27a63cb2a19b79982be5c6f6cbd.js?ver=f6cbd HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3722
expires: Sat, 02 Dec 2023 12:45:41 GMT
last-modified: Fri, 02 Dec 2022 02:31:49 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGru%2F7xaLbcYCHKS09k6Zv4E08B6CCvJDZOa1liPp%2BPIT3QBboJfRzegs%2BWbqTdMBRDEfSbWhY7wM7%2Fmje93mUPQoqbUp2gxzS4wEFORgbdHtO8z3OkcdahZhupCIDiNRE2RzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aeef3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e
188.114.96.1200 OK 33 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e
IP 188.114.96.1:0
File type ASCII text, with very long lines (43138), with no line terminators
Hash 6c77151fa89de72f96a3c4a49f3b5b12
11a01ea11648f688bed83caf95d1f2741bdfc80d
649cab45d642c7a4681afeb984ca8237142eef7c90ccb4d4bb889635a02b2d31
GET /wp-content/litespeed/js/52b9061467ea839c18eac5c92d70810e.js?ver=0810e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=43142
expires: Thu, 30 Nov 2023 06:55:27 GMT
last-modified: Tue, 29 Nov 2022 20:49:28 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCM%2B5JcF%2BuwuJHbFfr3Slf9CfQ0Jfz4smrwgHsMma09SWOuEYFsVe04HapY5o7BxeaC8SFT0kw4NrxWJbUNOYqdNHtTUOrzfDK3f3GG4e4UT6YDUnDbdBpUZzk3rFcDudZA%2F5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aeef2b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 25400
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 25400
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
188.114.96.1200 OK 93 kB URL HTTP/2 post.bemcon.co.uk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 93372, version 1.0\012- data
Hash aab0bb3379e0eb7ebc26071db61fbd57
711c8d350c4192c2f1aa7f73551445b89fb4b161
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: font/woff2
content-length: 93372
cache-control: public, max-age=31557600
expires: Mon, 04 Dec 2023 12:00:30 GMT
last-modified: Tue, 15 Nov 2022 04:44:42 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTxKLRnhEtue0n71cIQ2Z5OK3xITNvZC5CD4jKC18YTy%2BgsvSs%2ForCagtC0PYJkPS8Pd%2FvaKarFpnFc4LeZWhC7rv6QC56Th8AD17T4pLct4H%2FPy1dS%2BGmaQz4cSwxFdIACAlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8c7f87b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 25400
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 337320
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 337320
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
188.114.96.1200 OK 78 kB URL HTTP/2 post.bemcon.co.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://post.bemcon.co.uk/wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: font/woff2
content-length: 78196
cache-control: public, max-age=31557600
expires: Mon, 04 Dec 2023 12:00:30 GMT
last-modified: Tue, 15 Nov 2022 04:44:42 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTpx2KNP1aiqjxUpAyc8ROnB53ZJTKQ6zMGzBWT6oxImpB5bLuNBanGArUnfI5xMBN2fxfVtz2zIEMrzp%2FYALYz2y2QBsIoR%2BafbsrH3B31P7foS1RHaXj3Kt06pNSALD4lf5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8c8f94b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:08:51 GMT
expires: Tue, 05 Dec 2023 21:08:51 GMT
cache-control: public, max-age=31536000
age: 25400
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff2?3t1x0w
188.114.96.1200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff2?3t1x0w
IP 188.114.96.1:0
File type Web Open Font Format (Version 2), TrueType, length 16952, version 3.0\012- data
Hash 9ae789b7af05ed21e28b27c06642e297
07e7958507f7c7e918c78bc6b9333ecc3e4fa521
9569f3d63b6ae0a0d7e180f65363133a8b27e183cc75a212844e0b249606ee19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bdthemes-element-pack/assets/fonts/element-pack.woff2?3t1x0w HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: font/woff2
content-length: 16952
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 15:53:26 GMT
last-modified: Sun, 04 Dec 2022 04:10:58 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L8teZ6rMUx1DfSM%2BdPpqsGsy%2By7Upb6dMbMn1hVUm0sKkHeRZp3zmN%2FLKP2OH3vS9W8DUhqhJvVNMEh8LMHTaDEr4HFAQJaLhiib9d3xkmv1ejOXyuoXTR63Rya1XlbAbtSiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8c9f9bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35660, version 1.0\012- data
Hash 0d0d3e5824e5e67a9e993960df2b67a9
328d67bb1d5899a7809df9f4385181863fd035f1
38da98e06ba18c4204f547d30572cd81a2dd3fd5438d306856d2617480ee8639
GET /s/lora/v26/0QIvMX1D_JOuMwr7Iw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:31:54 GMT
expires: Fri, 01 Dec 2023 08:31:54 GMT
cache-control: public, max-age=31536000
age: 416417
last-modified: Mon, 15 Aug 2022 18:07:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web.jpg.webp
188.114.96.1200 OK 120 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x800, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 120 kB (119468 bytes)
Hash 0b7ffd34d71d1650636b646e6032b9a3
f3d95412b501c3cb90e59895679713cef71cbd2a
ba1db5747faf43a8aeac081b5fd694590571939702e83a41981684c13c570848
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/webp
content-length: 119468
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 14:21:54 GMT
last-modified: Mon, 28 Nov 2022 14:11:18 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iELKQ5D6fRr3gJGhTFXj6BaPgbeSoy0aEd4bRcRLSyQFRFvDnRYzS%2F2NTVCHYNDQpgOb4YYoAFhehQmGedrmURgk3EzoH0M74%2BtgnVkUecPgDPK4ikIBhXMOjZjw%2F6dg3%2FDe4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8ccfb7b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 04:12:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?hasfast=true&authuser=0&format=json
142.250.74.14200 OK 131 B URL HTTP/2 play.google.com/log?hasfast=true&authuser=0&format=json
IP 142.250.74.14:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?hasfast=true&authuser=0&format=json HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 426
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: http://play.google.com
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 06 Dec 2022 04:12:11 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=KZhiRIO7Eu-06CycC1FzfB-ueLSm7T-CaqlsEIaVyWHJ1wDy5tEziDXMeZ0JiCF2wAIPe2hX90PIsIuUA5VorfkIdA3WLqxNE90FwK3ysKbRx-xfki7Akesw5CFCDxV9gT_FNY4LtqvZ8Q9rJOl9GUKHXSczfdszAdbg5omEaqU; expires=Wed, 07-Jun-2023 04:12:11 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+623; expires=Thu, 05-Dec-2024 04:12:11 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 06 Dec 2022 04:12:11 GMT
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
188.114.96.1200 OK 32 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80
IP 188.114.96.1:0
File type ASCII text, with very long lines (18456), with no line terminators
Hash 93270cff2720bc029603dba7b7ea7e00
83cea8cb0b83b9f5ebcae1a91d8e30d5c7623a1b
c1cc6ea749b7c258ddf9d733f2956e18d1cc180a815a4b0892b5d6e69e0f3526
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8fc53b56672390b70951c0eb8244ed80.css?ver=4ed80 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=18468
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biZJSd%2FhwUWQ5pKNbp9cdeTesjUoWsn4Nluy6YBaO2wW7iaTLKr3R9Wm%2BggGctOZqNH1kT2wT5UbYcyixqlWoH0%2BdnEvfev4pLVxU%2FX%2FbM79ZnNZpmBttS17mnahsh3QB0vbaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aaec0b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads//2020/05/Food-Safety-Courses-.svg
188.114.96.1200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads//2020/05/Food-Safety-Courses-.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3758)
Hash 146b4a438c09d463cbdd004eafde0576
0c42fd333a4acde36ae5b92e294490ceffcd5861
43840095af95ce884d407c52d798c13778f19e4da63a5271e7c2cf0e5e20b47f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads//2020/05/Food-Safety-Courses-.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/svg+xml
last-modified: Sat, 08 Aug 2020 14:48:38 GMT
cache-control: public, max-age=2678400
etag: W/"5f2ebb46-2f47"
x-cache-status: MISS
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma6fSZw%2BCi6l6mZwn%2F4Nv668lTSRgLw5lIkeywg8t4NCnV1Ma8SUeRbTm8P8gNM3oMKBDtBjIcPeH6W9l5CqaAx78BCod1JUIe9aclqxJ9ZQArs0X5f8d24%2F7h3Cp7uO0vNmvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8ccfb1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads//2020/05/Active-Courses.svg
188.114.96.1200 OK 11 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads//2020/05/Active-Courses.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (2157)
Hash 8f3f1cfb6091c109118de6f5f280990e
9e8d5190dfd446cc619ea91d64d641bde76fc55d
52f65fd235b7cdf7c8850bf43e735bd04a539092109b6e5bf643bf6565e57ccd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads//2020/05/Active-Courses.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/svg+xml
last-modified: Sat, 08 Aug 2020 14:48:37 GMT
cache-control: public, max-age=2678400
etag: W/"5f2ebb45-1aa8"
x-cache-status: MISS
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbIOskn0nWddKPDEKu9J8zIiN75Aup0CDPXNKBVmB%2F1hQgk8EPtk3BPMX%2FqVBIDU5ZHxiE9%2Bh0ODTuNwqdnVHlG7Xar%2FKPa7rCrvWlyFGa7TQjiolGPcu5TZfq0OhZTp2pYb3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8ccfb6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
142.250.74.78200 OK 106 kB URL HTTP/2 apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs
IP 142.250.74.78:0
File type ASCII text, with very long lines (580)
Size 106 kB (106463 bytes)
Hash 056642971d06b7ae6433c0e55578d574
0fc8c88d5637f11a37b5691e51ad0bb5b413e1b6
2e9bcdc188702121c4d301f134b3edeb7cd279b23673550c28226468109523dd
GET /_/scs/abc-static/_/js/k=gapi.lb.en.geaHZXF2-fw.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo9yYF5eCIYPx4UH9gpJptM2Q_GGxQ/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 106463
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 09:42:44 GMT
expires: Fri, 01 Dec 2023 09:42:44 GMT
cache-control: public, max-age=31536000
age: 412167
last-modified: Tue, 01 Nov 2022 15:24:55 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads//2020/05/hot-selling-sessions.svg
188.114.96.1200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads//2020/05/hot-selling-sessions.svg
IP 188.114.96.1:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1084)
Hash ec839b4cef0921e06bf22735ab88792f
1ad1332c88ad3d5aaf87648c9edb31a28c1c7059
1686bbd0a6f73a22508f85fb16e6afa5245f41b1779cbf9f72600a18a8af445a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads//2020/05/hot-selling-sessions.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/svg+xml
last-modified: Sat, 08 Aug 2020 14:48:40 GMT
cache-control: public, max-age=2678400
etag: W/"5f2ebb48-190a"
x-cache-status: MISS
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjD10lqG7iawKBdYW%2FaRnIfcpaeKGI%2FikB2BWdviygtgd4l3Nn1UV957O%2FWPtDih%2BTLIH%2BQWv5xjSs9O2Z5gF2o5ocz8O%2BLCY9AnQWpFJcO%2BovpKxyT%2BiQC%2FjVNaQ6RVLlXn7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8ccfb0b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/10/RCA-benefiting-Industries.jpg.webp
188.114.96.1200 OK 34 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/10/RCA-benefiting-Industries.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x398, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3ec9e2184b80f7e8e31e59d4accc6788
9cb83cfba785ce77c09e1b3b7fac75384daf9eae
3064d7e42b10983172b4e383747fcd9932abe1ff5ebf74ffdd5c1cdcb5a221fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/10/RCA-benefiting-Industries.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 33536
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 14:59:20 GMT
last-modified: Mon, 28 Nov 2022 14:11:06 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzUufOTYOAnrOGpO6MfGFKj0iCCRK0GlpmnpKNo7tPQCNmavWwCPSGGr39qgAyykXJcZGr4XiTNwMBa2%2FRzVTWjgZ6B2eSvAziB%2BfIDpYiNuulCkY1SAZynwOw4xoRH7WwWlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8f2953b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
188.114.96.1204 No Content 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1149
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 04:12:12 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 77522e8fb989b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp
188.114.96.1200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 6203906a0d783d73c1f79c15e736f0ee
e700b25630fab112562695ddc65c47ba1585a792
eb625b0e80aa59e15ec3b77525bdf80f17bea8b5220817af685484b52eb90922
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-2-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 23958
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:15:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFmvt33ITWbCpt6R945M6NVlWn3DxxtxZF80%2BLrWYloNrAaFPJhiiCftb9OgJ2FOBWj9yraNZe8u3y%2BtcFC%2B5xyLFCce1kxkn%2BG38dDzW3kS6TnJvREJ1e8a3rsT1FbjBqwq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90d9e6b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp
188.114.96.1200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp
IP 188.114.96.1:0
File type gzip compressed data, max compression\012- data
Hash ffe5869d72b3dbfb40bd0a271c11304d
9c9c4e7561a9f629cf0c4eec46723956b57bddf0
41198722c1588ce7e3982f304f1b88eeebf849258dfe891c496f427cc7a82a01
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-3-Mail-Campaign-289x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 30552
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:15:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnqgijQnE54AWypDm0G9eLDAu4JO1buunb4LpLIKlYTWN0J%2B15Uqes0760TgwHfvyH8Ia89dctOCVqZAaS9BFb9L1JkUOF%2FnhiGv6Maej0K3elRUs2PnRjiVgm%2B9NO%2BPBy53Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90e9e8b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-2-293x300.jpg.webp
188.114.96.1200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-2-293x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 293x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 936c1dbdbb106370ce47e208ccffd58f
73f14dc47b4b85dfdfebf82eb46025ba35e9a54d
97c86e252bd7a8a014488428df7eb32f1e00ee717c4615d88728eb822285790e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-2-293x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 17268
cache-control: public, max-age=31557600
expires: Wed, 29 Nov 2023 16:33:14 GMT
last-modified: Mon, 28 Nov 2022 16:15:59 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ie%2BDdlOgdnogIbHX%2FjUFwopIlAgW7fXObbawwDdzxybne7tAuI%2FxiqK1Tnvo6SxDtEiVbERhHy0kEnu4xN7doboovBeykm8gwBBMVAlUdtFzIFzYUSXMDqzYB2x1XKWTI0tBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90e9eeb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-1-Mail-Campaign-300x300.jpg.webp
188.114.96.1200 OK 26 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Fire-Safety-Level-1-Mail-Campaign-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 96583af909f2b92970da8427e501a30f
0c176636927a1b74c29194d724a513c2cd5d0419
b8ed2014fcef2957ddf70906fe7aa3885cc47915007d93cb63c1b32ad1d0e709
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Fire-Safety-Level-1-Mail-Campaign-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 25520
cache-control: public, max-age=31557600
expires: Sat, 02 Dec 2023 12:45:43 GMT
last-modified: Mon, 28 Nov 2022 16:16:11 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBqIu9rnswJ0A6ROsoEjf4jDm9R63kQhgGGGuOu0%2BDAu5OmSJkg2%2FJ44sRYSCOhTXIrVmiN7MoH9g%2FFzvJpQqzhypgM%2Fd6CAuYYGTmZcC5Lfp3Iwj3SATMtyWj4VzQiYA34Haw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90e9efb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp
188.114.96.1200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 625aa770b46869167361d2228226c92e
46cd13f0f94dce172a50c15533df0db3f2a19187
92b17bfd55ef5cd16fbf6001515a1a9e6ae7c673f6fd5a4fc8d4b721b9d59152
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/10/Root-Cause-Analysis-RCA-2021-Web-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 26672
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 20:17:04 GMT
last-modified: Mon, 28 Nov 2022 14:11:20 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1ZLAuFT6%2BatLwPxFhDwGZRPeMZtWyYbOjwW6oVlBVqD8EJWaKZdE2QINlaA8RZ%2B0RIIaPu4o%2B99OEqHLafzCevxlMS35Fu5OT0ldjccNch3PmVdr%2B%2BNIXzU3HbJgrGfqn%2FmRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90e9f0b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp
188.114.96.1200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9023c5a9788c89cc9d6887277a5d805e
8f6003376c45f202118ad8915dc6f66575f033c2
973d18f16f85201804561edea4843f8a3e724998f505a6654edf95781ab0ba78
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/11/Food-Safety-Culture-Programs-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 23530
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 20:09:26 GMT
last-modified: Mon, 28 Nov 2022 14:02:47 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtXZKpa875WjBxvvNNgHPJ4LvvbIGAwi%2FdvoJeB9cnXhdLXV1kyAYKnuOXvatzK85jeck%2FViAx%2FItN8vRC09V%2FKTt1SVDsHMCYfiC5h%2F%2Fjar3CN88d6UzwA7ZoLjdm2UJAyKfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90f9f1b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp
188.114.96.1200 OK 18 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 811aef940765a75bd8318b30e665a6eb
a286ae48067f8b8e29ec2ec8d920558486a53792
fa3a61bb91c63d702546f633d2b165e494f6b2c90a8b54e672b9de78ec7ae36f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/BRCGS-header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 18484
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 20:09:26 GMT
last-modified: Mon, 28 Nov 2022 14:07:12 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWBx7ELwgikrb7Hqa9DQTOPVkYN10qSPENEzsscX4lPEOrLQslxW6wr1IQ220bhyvFLuA3cyaKT4q%2Fo75EuQqlmtyDpoPN39hwUWrOsHgGUKlJYb7%2FCDvTx3tJNvPR4u%2FRKfTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e90f9f4b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
188.114.96.1200 OK 26 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9411fa4ca3eb8efd69af511686c41a40
73e2deb9b9c3c900de60ce44a57ae671a87cd3b7
305e762714a0a74c1617aacaa46935c5317744eeb17b86ba452d7afe8ed039c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-17025-2017-Header-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 26478
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 20:09:26 GMT
last-modified: Mon, 28 Nov 2022 14:03:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKJQW8ia4E6L2hKcIW2UyT8%2FoekNXDkVywAieS1BgudWqMu9pcVHydlul78Dy6Tl%2F8FPd%2BlliU02UBZl244U9LRfRD%2Bu%2Bafsb8Zjb1jmb8Wecad79tRakp3DAWXk0YgNt0XIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e9109fcb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
188.114.96.1200 OK 28 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x294, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ec513d3eae17643d1a426b56f197f8cb
b7e2bc93206eb88295bacbe7c4d3f03771b025e0
961a5c30673d04aa6b214f94bf30750e5da808c740cdd98b47d49001446d30a7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/08/Food-Safety-Level-4-2022-300x294.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 27528
cache-control: public, max-age=31557600
expires: Sun, 03 Dec 2023 02:01:06 GMT
last-modified: Mon, 28 Nov 2022 14:03:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC1BFTw%2BChe536c7Ait9tdiDSHFqA7MVAOFk75Eo0VdR9SdToOo2tuLJn0fO9oFz0gFknPRLtAvBUgfWcHqoCAdwufmKJyr%2BAU9xMoL1tsYmPMcT2wYAVYUG157mPjh2%2FLFxyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e9109feb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
188.114.96.1200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 274x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 529396572e76c202f885a099af8fc32e
32570592e17acb5a0ab5cb3af006dbebed7ede32
edc7a19901b8a3cc3a795b11b7f65f980ef2011e07b822e50121f2f2abaaa041
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/11/ISO-17025-2017-Qualification-Prospectus-274x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 22768
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 14:10:56 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd4VFJxTs0yKo3%2B4iwrXgXFkUA6AzfaGr60mvHl8WQKJk9AXB3ewkQury36Z1KAqhsBqgmh%2FXvPrRqhCxBBfMJrkGTd%2FsH5fo4wB75P04JX6QtCLb4SCzc17VD%2F3o1HYtzBtyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e9109ffb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp
188.114.96.1200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 63c333cfe72a7b79b5db43427a86a433
cc79b5b9f344238f464bd5bcc03142fdea6dc3c6
48c52469ff1cfec945142f7a5b97ec247237cd01070977ce94758c15b548af0d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/Total-productive-Maintenance-TPM-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 24064
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 14:11:49 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vIjfXPGkXeH17ZVikkUopYqf0U7Lo%2B9jNwChJmh8NLXXOuJdQGmCFrS%2FDO%2FmHmdayhKIStsqEszh7WVdexSxtcTz2g6SPR2izfJvTYo03kRO4Nm505agibOxyl43JA7ns5kxKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e911a01b515-OSL
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp
188.114.96.1200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 81b30d347f65d02d3f10571ce627a54b
91995d6aa7d6830ba2d71afce49198e55f48457c
7f6044367d8689c1b9ef8731be1dec4071dc6afae669236ade6313000f1b5bab
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/Truly-Nolen-Food-Safety-L4-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 22328
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 14:15:20 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bPG%2F73EDaV42EzlQUcp2svVp1CQo22psu6f6Rz3y7ntB527mSmetgtujT1o9DUQeSlWu2dbaXY%2BH3xBplDkhhO%2FE%2FNYKhk%2B8wibWJzO3hHy5ptsJrkB9TSNSisUBG2kQX8KHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e911a03b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp
188.114.96.1200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ed1cf9be6942815cde239b103da60352
bcb087d18ee20fff3a59810c70ce2adfecf6b4b4
ab5c4175fa307a1808fdde0a1c55b4f36dc5fefe7df2409b9a68eaf1d9a809c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/Food-Safety-Level-3-SFDA-Dec-2020-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 30686
cache-control: public, max-age=31557600
expires: Sat, 02 Dec 2023 12:45:43 GMT
last-modified: Mon, 28 Nov 2022 15:01:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bj3WM15aA%2Bialhjp5XAda1WeFJFqmjnnmqjP4YNvOAn65H%2BKScM8izMJ8V2jW6YmtDNECEwYAW1y4f7mehshdwoKaG5AEcNh6TVz14yygChGai6%2BZWI4W6NgC58sKE8qt%2FuKyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e911a05b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp
188.114.96.1200 OK 16 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0fb5afd47d296d96ba83d8b6ff0993c2
737c10b3d6375c5d73b4ce790d45b69fef712073
24b1307b0616e03d3a833e565fcd44424c3633162e129bbc641cb2ab93fa0189
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/07/BRCS-header-1-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 16326
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:40:22 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQeCpvG7b%2FnMr1kD2ZLTOXK529E49SbAXu204vNAKVb0XXFQSMNsKOWmiW5kLLVLfPdJACurPwAcBv1rbijNHkhIumH%2B%2FhMhQP3hOg3YrJHomkBxpOnxrAdav5UtQwyYoqf%2Fyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e912a06b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
188.114.96.1200 OK 22 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9af92f22bf26b096f92ac5233fe3b881
371d469b51f1d14fd3455b98937497073c53c789
9e9e48c98e4bda2060c47accb82560804ccc839d8f78ea9b8595103ebb7c18c8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/IFS-Food-Safety-Version-7-Mail-1-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 22010
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 21:43:14 GMT
last-modified: Mon, 28 Nov 2022 15:02:12 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZrlsytKwacVmkcFQ2YPx9mpFcDwNeVDN6ELJO9umkg4hvvio7hR8fnCrhn0jxl9htBBw3DUTwuYara1wxAQjuledwh2txmVI2iwn17%2BG157btKH8r2nHow4jVcjQtZE80ifLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e912a07b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
188.114.96.1200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 65099fa00fe97a423f72ee03b6b8e3c5
666c0afe70e85e53bba7fb93d47c75e4b7f5f7b0
d71c51898826679c8e0200f70d9162964371113ef516a2818e2c4aa0849251c5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-6-Award-in-First-Aid-at-Work-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 22796
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 21:43:14 GMT
last-modified: Mon, 28 Nov 2022 15:05:57 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuWw4tNLQVh%2FzY7oYtqzVAeCVHFSPcXnJihpUXHko9SrLWTqMK6%2BAMz%2F%2BvTew9fVHp98%2FfXlNZOIDhICOgFVSMdHMudE7tPiXGZUrcSTMs5dpTq29V%2B%2FVe5TrsV5Iy%2B4LouR3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e912a0cb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
188.114.96.1200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ac472b9fca7fe98edd077bebd5ebbc41
15f952431637e7d950058c4cad975cb6d5f7237e
e70872efa285d6f6e26edb920f767faeb425767c2c461fb5bc547f9cd1a25086
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/10/Level-2-Award-in-Fire-Safety-Principles-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 30894
cache-control: public, max-age=31557600
expires: Mon, 04 Dec 2023 13:33:47 GMT
last-modified: Mon, 28 Nov 2022 15:06:15 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eWdSLN6yasMiZ3uxoSwRPkEAkKTTHUCOYvN6dR4k0VLneg2D92e4rBG8mZjD2fIftC8swyqCeCSP5yfOcyBmHNKEzimDi9kaX9SkeYy0ygebdLQZd18kkOJp7OUEqs1SOaQ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e913a0eb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
188.114.96.1200 OK 25 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb3cddbab5b1d57142daf4f91cdb2e3e
1d961c38cc00562c00410e38958eb98f68dbdf75
f2593f70fc27232b1d5f08000292b0417570ff434bc05775c87fbf7e7976d39c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-14001-2015-EMS-45001-2018-OHSMS-Oct-2020-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 24966
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 21:43:14 GMT
last-modified: Mon, 28 Nov 2022 15:06:34 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJzlVEpgu0VSJ6AvhJ5SecqIOfnaRpkoSJnRFZkvE0UVW5%2FyClbH5z3MrQx6znXPKQRYsqDzaelKWsXoeFSltyFoVPiibleNt8PdX5k9tXBgwo8sMxSM6y3%2BI44GO8sUle4e0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e913a11b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
188.114.96.1200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 729c13ae885c021207d6fe662793f9da
e1c8f2ad7e1126ac04f6970168d8fdab2a1bdafc
27dd56f4ceb1c5238fcf2befb725444baeabf01ee3c8edf2ee4f18bcee1e6298
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/Health-Safety-Accomodations-Mail-300x300.png.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 27014
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 21:43:14 GMT
last-modified: Mon, 28 Nov 2022 15:09:55 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVSdl1pSmvA%2FxEH1X7L0MsYdHIhkiNi3wMBufmUi1mKdSHRervIBOucOVg4FA5kDvJT1q6qEl8ud2BQd7fmoU73pHeoUIhBRsMwRJvogeSDWsDJKWRYx5xxIUXRWa8JNn17EuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e913a12b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
188.114.96.1200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e1bf31ed06afc171ef5dbc8b8e2ebe0
9a8cd884a751d648760a5d624a297041ec6889ea
2bf7386950acdc093d7bcf85d14c2bf6d8cc4dc1e607c51b33d627d6c901bcbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-22301-2019-Business-Continuity-Manager-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 26712
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:01:25 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAXUohQ%2Budo8Y7iCHvfzui0fcPzRVVA8R1XwF2hSSC4G5uLplly3bGyKtKetcbEaRrRWq1pwG2TF%2FIEhbQpvNpYDdjVe4%2BBeaHAj5wQi8yGaBHeHpTsdZEbOZQtrCpD9G3ZH4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e913a15b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
188.114.96.1200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b6d72fd74a9dfcb6c7f37adcb4e1442b
a6eebd81867b9627e30ed42025190508ed7d074e
819c047e9db83e01985df7829603d15dd6b2243b16273bd25fe81fe10cad8055
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/09/ISO-55001-2014-Asset-Management-Dec-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 23266
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:04:35 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBkyNvj26TvWyF%2F2bA4erZcHD0TbMeQNf0VZQyuDifejwkOHNMq2I6EBT7EXquNwHcRpxMVS9ROG0GZjT70pssdjQXO60thQYvdgcCakon3Iqg7mym1c5eiegdz7Y7ZL8RnAkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e913a16b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
188.114.96.1200 OK 47 kB URL HTTP/2 post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
IP 188.114.96.1:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0f4f2a6ba6b8261c820bc4c5764a4486
11c2505072ed243ca0a893ca27904adca59d04c1
f4f9d05d6647695a9a3081a42916565f162ae7f27559a9e81d0f22ea50a44e6f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:09 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 19 Sep 2022 19:46:24 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnEuDwQEYfX7I6awd7nyuMPyzkJEqFITbtt87iSO6AyX1ukbO2JQ%2BoT637Byf7ckVZlkOdnjmguYhB1%2FMFTJNlmnNyO1mNFCt1Y1xHK6zw6mBllQPt4M76WZT9xORkudf%2BbbBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e7dda5eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
188.114.96.1200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a2e98c28dd538561443765ea2a9302a0
cb736497b247c6ae6a7ac34323b0b7f294907f01
5a0192a6f86bd6b509d244b1a8c80af7a51384d39ddbc6477178b25573113e49
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/Health-Safety-Level-3-HABC-Nov-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 16874
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:04:59 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbOnBE1Ss9ZRYvcxeCBRP8%2BBIhkwuc%2BvNYjvDGfhAPYRZBgcuIcHSnPbzWXp%2FNEhodgMseZ%2FU0urmPbpzxwP28gatT7g1SovG7nPi4b6sv7XFO%2BHP89LFEvYjz1S9vRHJSAq9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e914a18b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
188.114.96.1200 OK 27 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash af1661fd4a602e021357356f1c59b0a5
d7fa2617b7b2cd29b2afa91456270d02d6336f21
60ffb40073cec133186c556a0dc483d27271b7666b84893e701474b88d40345e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-50001-Energy-Management-Systems-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 27314
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 16:05:23 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcvPDdE0w%2BtqQs7bndPwAzEPmhPhCxshkVAR1P%2FkLde1oqBmUABfbtzuwpwAHLs3p8wCun0J1Ix3RyVO8OiRXAY1Psh6YFwpcCSoTh5349iKFzxlUCaymwiMxnl9J2hZxESzXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e914a19b515-OSL
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
188.114.96.1200 OK 31 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a971943552483f7bcf4fae247c518d36
6fb82bf20c39936d6a528233a39b13f8a95fc2ce
2289b5bf4834509f92343a447e6143bb82679de28c3883cec16359754fec0e5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/ISO-28000-2007-Supply-Chain-Security-Manager-Nov-2020-1-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 31340
cache-control: public, max-age=31557600
expires: Sun, 03 Dec 2023 02:01:06 GMT
last-modified: Mon, 28 Nov 2022 16:11:24 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqsFgPoBVxH10%2BuZZ2%2FyYnVTeWC5dfn1ySIASMwFMo3r%2FAK3ftE1%2BZ6nYtd%2FqhgGBx%2Bb4xFgjB70FJZbqhIe9lCuKHrqUdcj02l6%2BDO4yuaStyhTBMzmo2IWmcDC%2B4MbvU0spg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e914a1ab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/bfe652e3000f93af5559473223cb41bb.js?ver=8085f
188.114.96.1200 OK 247 kB URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/bfe652e3000f93af5559473223cb41bb.js?ver=8085f
IP 188.114.96.1:0
File type Unicode text, UTF-8 text, with very long lines (31987)
Size 247 kB (246955 bytes)
Hash 38f0def965b88665477df12a42840cd5
f251dce8cc0367c7911259f6125a25e4064a6101
0b0f7436474fd75a723df8c43087534a2fd275edb2d52172a87551c30a437c99
GET /wp-content/litespeed/js/bfe652e3000f93af5559473223cb41bb.js?ver=8085f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:10 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Wed, 06 Dec 2023 10:12:10 GMT
last-modified: Tue, 06 Dec 2022 03:42:41 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2e0gIQcaPUJOE0O%2FlMQcA7vG8PD2JNA2v1uVrXC1owgmKPXOqiPv1tJVQNDXHvZflvfIvPgFG1ixY0q3LZNXCFslM4KMAf9a1MHQsrdM2qnT0wAaH93BJJZaOlzQgwnc%2BZYIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e83bca3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
188.114.96.1200 OK 24 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52841cd791f4f4f693ad64217666b636
135c498125d476286fccf408dc94c7f8c180b006
80030c47d604fff9783d1faf7318250238422524e2829ea8d9b06fd82c05c516
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/STRATEGIC-Thinking-BEMCON-Jan-2021-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 24418
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 16:11:50 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5J3tfeAGw%2FNqhWUNTIeVvl%2B8VYnxU%2FIRSb79OoQ4M7FAaymc6d6y744LxmDIlDHAFpmXsZpjbAarfNmWP%2BJm3di1pouFafnc0BrEPzveblTpXtofFQMYjsHmEW2DgySCCloHiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e915a21b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
188.114.96.1200 OK 17 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 36530b5668603e70d54dd596f155808c
f346c683a49826b7cb1db988dc92610fe5c720a5
e09702f7444d240cbb596e8712da096d8ecc17b197f74950019f819a4ace1261
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/FMEA-Risk-Management-BEMCON-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 17346
cache-control: public, max-age=31557600
expires: Sun, 03 Dec 2023 02:01:06 GMT
last-modified: Mon, 28 Nov 2022 16:12:02 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2%2BDMppqnyAXltJo37BKgjimSHpJNRUfXnyI%2FuMSbs5HKzVXK5K0UamCslNl5bvAt1t%2BWloNqF1HM0KAiA7qlB8zejsPvpL39tBqhFsOWBH5YzvsCQjZymHWYXZ8GfLPBA8JfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e915a23b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
188.114.96.1200 OK 18 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2ebf8a22fd0796a63794eff51a3a0bf4
7d824f577e275c70dd25f126ebf244071665f097
f3f9fcf05bd56d68b275eba918a2773012f005ca71361036713f63d1fbf91a7c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/IADT-Level-3-HABC-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 18122
cache-control: public, max-age=31557600
expires: Tue, 05 Dec 2023 09:59:53 GMT
last-modified: Mon, 28 Nov 2022 16:12:14 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rrEDKsdDQzwLULRvuBQ7PjTuBZzNjhRbnTrdnUK%2BBfjsJRLXmRmWo7vxYNmKlJQ6yddQoVbQiXTQ6nu3Euui9AQjZfjX1%2BR8RyC2Fpua1QPvLF5apY7tgDUwCR6tyZCOWCPw2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e915a24b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
188.114.96.1200 OK 23 kB URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp
IP 188.114.96.1:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b96e2e3cd87985b8ad3790f8956abe94
bfcfd491837ff8b9309961f7bdef6f447734efd7
34fc5db04ce0f825e4410bc65c2790fc3315f0dbc3551f9819b4b4e20577a70c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2020/08/First-Aid-Level-3-OCT-2020-300x300.jpg.webp HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:12 GMT
content-type: image/webp
content-length: 22766
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 22:44:28 GMT
last-modified: Mon, 28 Nov 2022 16:15:22 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8t9Fn6UBIpA%2B4ADie%2BC6UurbIQMKL9Cn3M%2FWvTTtSNvx%2FLGp%2FDnWYWQ2RERELtV92g1VFYVJlhI0NhXvAVosOpZsjeH4jNbobzR9T4NGjVk4O0WAzL85TDx45IJD87C5lBzdKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e916a28b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9838b65dde746487c806ee9739f8b222
1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8
cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 23109
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/rum?
188.114.96.1204 No Content 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/rum?
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 578
Origin: https://post.bemcon.co.uk
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.1.1670299928.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Dec 2022 04:12:15 GMT
access-control-allow-origin: https://post.bemcon.co.uk
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 77522ea6b9dcb515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f
IP 188.114.96.1:0
GET /wp-content/litespeed/js/3516176d20aa6b1db543fb10ef348a7f.js?ver=48a7f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=5631
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2gkA48jnoaDEAp92Pi2oAMnwgeu9oFj8Xwly0wfdIQaG2Hkxe5wKfz%2BieeRLx2X9NebQv2H68C49xFvJyj5BuWu%2F55jC7Xa4ca%2FDtd6X4QQiOcvxvOaNYmdNDaxKaG2VYLmWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e
IP 188.114.96.1:0
GET /wp-content/litespeed/js/b89dfd376a5cdd6dad19b2ce3c8a2c4e.js?ver=a2c4e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=139239
expires: Mon, 04 Dec 2023 13:33:43 GMT
last-modified: Sun, 04 Dec 2022 07:33:41 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oARE7iyuozBPo6IWERmqrh9hLMgMOwHKX1ln1jIct5j8Y1rm7qmKOx4%2FUXTHHbXEKk68hKaUSzxn9tgMUmxE3lVAmpfJ2Qvap33A%2FEs3nXZ2tJneXJ9NixHBSpLrMWNs8MOm6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aeef1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/4909338963a670627dfbca0bfdd7c0ee.css?ver=7c0ee HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=13805
expires: Sat, 02 Dec 2023 06:03:32 GMT
last-modified: Thu, 01 Dec 2022 11:07:25 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnzcHD5%2BY07ZlI%2Brvexen%2Fc%2F27NEp1MbUlDvVgv5CSOFCYdXbryK9FEBa9%2FOgPwTcrDEk7%2FhgM%2FaQN%2B2lvHYeJ64feqqavswPmcI5vpMPhFyq%2BkUpAmLJIbLtBv7w1ASxHZpIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e8bb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/824e22c6742edf19741c2baf5f990b58.css?ver=90b58 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8815
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZUQh%2FAXaVLJhzIrRwBOGIhJUzPV9sC9VJfxFdnXudBpEFqm4xGBc6ZMejgNiDXdcJNCaQcQdq%2BIKQipeE2BG2u%2F3Ip3AG%2FhlKRVhH6ozPIHtRJgq0jxOJz47RL%2FtN3FDTgKHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a4e94b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-includes/js/jquery/jquery.min.js
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 19 Sep 2022 19:46:24 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lP0DCavU5X0O4y%2FhOBxW24VPMReUkxHcfGWSF%2B8AomnzsTBnj5rhY3kE7Pi%2Fh28LRu6wI8%2F75KKYBcYF%2BlGoDHgerSt71UUKXtFA6kh5SYooGMXMoponwjM9ahIAEwoU%2Bv8KdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a5e9ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/2259a209169526c6530061b9319f9544.css?ver=f9544
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/2259a209169526c6530061b9319f9544.css?ver=f9544
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/2259a209169526c6530061b9319f9544.css?ver=f9544 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3503
expires: Sun, 03 Dec 2023 13:36:36 GMT
last-modified: Sat, 03 Dec 2022 07:36:35 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4STYiijx6z0Ba%2BPfdeD%2BWVPMcOeHIBjQHVQTfy6CjvJGF3JcGr3ILLRQGNpqegASYAd0kqoOEHjOS8cZ9J%2FIJxnq8eTk5JE1OdmymBxrVUmRCNqXZU59tb2f0e%2FECBYROZ2DqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a8eb6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71
IP 188.114.96.1:0
GET /wp-content/litespeed/js/52189adb7969e29c9e8d07516d37ec71.js?ver=7ec71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2622
expires: Sat, 02 Dec 2023 12:45:41 GMT
last-modified: Fri, 02 Dec 2022 02:31:49 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnaD82N31nidQXW0dA4zf4Wt8MgpOTc60nEeWkfqCncPmFFYpwpk7ZHiAh6anVa6OyWaqG0RnJY%2B212w8KiOnjm1Fq7qQCfuJs2ubpcnaA3wlUbDurY7DcxXGbei%2F916YKCr%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aceddb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85
IP 188.114.96.1:0
GET /wp-content/litespeed/js/59409ef1165033ee8ad4c59191716f85.js?ver=16f85 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=6477
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fGiU3GS52UjN%2BSmoMeCvtF%2FV4Qv4v%2BTlay4wNADmKgVifpANs04u6hR05KobDj1C41dagnLFJeeljHbvjivmjKyyo3cE87i53eADWzbrC7IkOxASAWr2xEGLvq%2BcwKL671rDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee7b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/25bf94bf645d80b1aebf4af167ddf72a.css?ver=df72a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=93358
expires: Wed, 29 Nov 2023 17:25:56 GMT
last-modified: Tue, 29 Nov 2022 11:25:55 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krUmW7gElBG0TvbKVl%2F%2B34AybZarWPABwgNB1T6W2AUrmWR%2Bk8UVJRvIAkzJJmcKGVD%2BXacWzX0hkhInCnFq3Z1VlfjOq3V%2FSOSzYMPvl%2BISpK%2B3pBQ3Tba9P8zt9SmqI4dcAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e84b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/bac35c078609d3a951fc531bf7ecdd7a.css?ver=cdd7a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3810
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTcl9I0MHH6%2BFAGKTvM6LeIinJqL5yJvDflPSZS3o39z236mkE4n%2BjXe2r7K0Qm%2Fv67YCxmETQ84yIVz%2BA7ci8dC0H1Cy9uLJ382eNv%2Fzf2Hw%2FWEWZHt%2FMy78%2BTVfOQZfNwSeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a9ebfb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHammersmith+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHammersmith+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.74:0
GET /css?family=Montserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CHammersmith+One%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLora%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 04:12:11 GMT
date: Tue, 06 Dec 2022 04:12:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71
IP 188.114.96.1:0
GET /wp-content/litespeed/js/9361c35b8a36d4ced8e8a6539043ac71.js?ver=3ac71 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=139154
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMNWqHOzhK2bB2aevMfjoaozCWEG%2FTNfSCMo%2B5pe0BobNU8%2F9Z%2F7cA3u3Q86wjPjVN3rgQppfT2qQe0DMQuC%2FofJuzH2mEXbl%2BVV84PDAqMkGaAbAobCOdS40UsgK2ZEzI2hzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acedcb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb
IP 188.114.96.1:0
GET /wp-content/litespeed/js/64466d3cbbf967c1553e29b161b3fcfb.js?ver=3fcfb HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=136350
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vk5re8KFH9cYGiRraEjYiIiwznYfVJPUy0J0fOyI8iFfVNeVZKUB0X%2FXNkM5Y7UQkY4znHIAwhl7mqu5G2zDbdP0bLpumfq51rcAsaWMGgq7u9JYR4qF5m2nbnvjjNbVZ7QX1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8abed5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0
IP 188.114.96.1:0
GET /wp-content/litespeed/js/23554dbf39be903e0a7eaee96c062ea0.js?ver=62ea0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10683
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylFzENjHnuMW62RSymrJtdHPqTTXWaaCwI%2FPjCBaHYyMej%2B3ugprdwoEDqxK0Yclu4JeWoY4DWNuaw0TbXeiqZuizkqCu7orP4Cje3y6K%2FXq29s6xvMdeOhh5FNh%2FyKB83v9NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acedeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/830a1971a9fa3a33a87cd1948d1bf94c.css?ver=bf94c
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/830a1971a9fa3a33a87cd1948d1bf94c.css?ver=bf94c
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/830a1971a9fa3a33a87cd1948d1bf94c.css?ver=bf94c HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=45984
expires: Tue, 05 Dec 2023 15:33:08 GMT
last-modified: Mon, 05 Dec 2022 09:33:08 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RoCWsYpej4%2FYz72mVNIWkwhRB3Wu%2FxFP0i54MNlLndBkUCctw3asoS70cRfMs3D5bCeJawiU3x0jNtzE2Vrw%2FRSGLsV9k53N%2BJApaDr0b0KuABq2yzikgP7AB6Ta2DYjDMVgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a4e91b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/d525ea9e26e73dfbfb5636782e35b9c1.css?ver=5b9c1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=57912
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIed%2BBnSGm71AiG%2Bnk1e634X3p4GJ9Hd96RR9nfEnXXuou6FJLF0vYj0bXXm9Cc8I1EadWs%2FNQZzQdzvSig2dzKL7jknaJjXogiTtnjmt1UBMm7lRtAB2eAkt95qYywNBTFzMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a4e96b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3e0032d99d6c167d3111bb352854e04a.css?ver=4e04a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=993
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvsRb83XxvPRPxtFV5O02LvP92HApG1yAfkDKuD%2F3Mq%2BLc%2FFnCgEg4drTiTInJDRCodS0PP%2B7S%2FxV802HR4OhFSx0sLNcxhPLu%2FBDCTtFBo5PbDDSgRNNWhzCC%2F9vfQB0gMx4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a5e99b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f
IP 188.114.96.1:0
GET /wp-content/litespeed/js/f4a8f79ca2147599cdf000bf1066e50f.js?ver=6e50f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1676
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCrFxldEjdxs4urbCn6MF7dtF9MbQq8Ojc%2FS2n4Ttz7ETFoHjwby9USThaf2QzSLY27%2BeX9u0tEY5D8UTH4xnP7A6hmPhJZtaEE%2BkxDuB%2F1Up0%2BlIduHPLjZmssCIIR0gk8yOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a5e9db515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/ee25c82612046ca9a86540ae5bfcd1ac.css?ver=cd1ac HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=2827
expires: Wed, 29 Nov 2023 17:25:56 GMT
last-modified: Tue, 29 Nov 2022 11:25:55 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9eTR8Kc6wzxbJWsyXG051bys7uKO2dOwEcpOrcNJ1yU6uf%2FrNvz6pVYkxqGZB97lqccihPAZyXjh73praeJwMIk%2BuCKy7c3jjXQNQcYurcxDcQb84bwYCDOI5ibbcwlglDaIGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a7eaeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2
IP 188.114.96.1:0
GET /wp-content/litespeed/js/0f6f00892e74dd7386f724fe5603dad2.js?ver=3dad2 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=670
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhvFkhaA8pn4cGOko4CYsQmh7qs2Qvi4hoXMf2acgODFRxyb3f3FZTzSj%2Fm43i92L2491HLAxvlxNPz612ZwIfauH0n2l6%2F36JKFaFxTmw4OBh5mX%2BUOjaeSzcBpJ81CIv%2FcHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee4b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/065d2c341c17c2e9abd7f6484fed4ee9.css?ver=d4ee9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=481120
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sN%2FN%2FRWNW0EP53wfwxSNElJTHvphWCgoL%2FkgfDPjlMiW6FFDKrYM3HI29MvyWmPKBIn%2FRSEjDYGHnUzMF4fWEcNq3RKE%2Fk4ZNig1lNylbjb5BlxfgIazqQ5WaBOnNTqQoOeKkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e8fb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9
IP 188.114.96.1:0
GET /wp-content/litespeed/js/8df24cefe66ccc25c0fceb0fbb1371d9.js?ver=371d9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=12200
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc%2FeTgEAPf%2Fy0gsw8bVfTHndpy2MHZdoE7wgLp0nI6lb%2B1ZPnBcchlfMRc4%2Btga6149vJRJq24NKr%2F%2B3Hv3Ral7vNJ5I79G9Sbb2ujMw%2FrDiCm5s6Vi%2BB0SLABeGIPORMuUMew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acedbb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78
IP 188.114.96.1:0
GET /wp-content/litespeed/js/d0b668a25dd51b8cd24fa34a00b74f78.js?ver=74f78 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFtshrR5jMynJ0cGNKrMWY4RSlvg7%2BH1h258EsiV1TVI8ON7sif%2FTF7ycpB1OtunCs6ePNdSRdj7VC5A5NY6Iu40RROlzlIZA6AEjx0yJsL2LG%2F6yLYuCZbcd%2FVwYOBnVRuI%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee2b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7
IP 188.114.96.1:0
GET /wp-content/litespeed/js/080bd9055596882272b34089c957bed7.js?ver=7bed7 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82ymo8QaYXNP%2B0PCJ2VyCZWaDtHSIePTjPhrB5Vl3sqclQbhNSd5IqmfTssdemHd6GRpHopHhffSdpLYYhADJglooZiIBT9qPgjpnvUAEP9%2BrxxDTVeBFqcrH6sNHNR2xGe7lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee0b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41
IP 188.114.96.1:0
GET /wp-content/litespeed/js/d3225d11ed601e1bbf67db506b1c6a41.js?ver=c6a41 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=10232
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwNk%2B045HmYV4aS8pHKdnL2Wdc38wdzOPQH5zb5XdOeVvt9jYkp4pglRGLIFSaG1xUGDTYAHcCh5eHlhuqWUWq9e2JCu8MNv5%2BlWUah0oh54%2F6vg0dtbuQFOC55VHUNirIKMLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8adeefb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/35e6ba9a4fc68709f41df2ebc67dda77.css?ver=dda77 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEliavmL9UAtQkzjl8x8os984xQ9qKtb8qQ2Jk1ubkZ4PQ33sjrhfShL8VAN7mAfA2HXeCkR1S0kNi6OL4e8n4CPhEK4quFqMrPzCyK8DtHEIq7z%2BEHK2o5QIEjQfzpX5Plwqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e8cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/8816ce3c297776cb8f3b0d45edcaf33b.css?ver=af33b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qyPVOY2C%2FG24PMlVLSJ3vbsyaJyVM2Rk4q%2FQu%2FwKPArsca0Z7IqpbEBSLOyofU4BPJjPWykPZX46bx9BadLpeOHNHiV3RbKlUNeijrT2ZhP%2F0ichHpQ88Ne4amkkI6CRenkWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e90b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3e625414636dcaa3b2462ab3755cd87a.css?ver=cd87a HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8202
expires: Sat, 02 Dec 2023 12:45:41 GMT
last-modified: Fri, 02 Dec 2022 02:31:49 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bzcJR%2Bsu%2Bi0OvtRlgWZ5LUIk4DrileR%2FTnzdAWRgrVVKbwnd1Mw00eYHgx1UD7AH5eD7joZiRnydmWgw1Rz9pSFM2wg6JiaS5pcZ5ri1jNoPlqZ%2B4poQSgwLvDfVV2cj7r39A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a4e92b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029
IP 188.114.96.1:0
GET /wp-content/litespeed/js/81e54c382eb3da1e03cbdb8115747029.js?ver=47029 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=3404
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 03 Dec 2023 16:04:04 GMT
last-modified: Sat, 03 Dec 2022 10:04:03 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FRrqcIDGnTB93V8S1kKw%2FS3NPMb0St7pHc4qsH%2FzAIMyqWRnGA3UGp4fLWulwYBmsOIpOSr%2Fn2rmA6sFmatkQRxYPYv7cIr7vpxDfVrWZ6zI2gczGuHmU7rbQzGk0uMia6s6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aaec6b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6ac4f84452bda369dbb2a21ab0441010.css?ver=41010 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94154
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAJo2majIDbBXhgXz1F%2FledeEsRaYIhUwayWtPKf4E2HsJcp36V9XNCvHj9f6ldvjOGcTGOoynf0XKOnl4xC3jVhPm451HIpL5CLI2lVRv4ab8ETymCneGhRWBkiyqJDZLScUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a0e77b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8
188.114.96.1307 Temporary Redirect 0 B URL HTTP/2 post.bemcon.co.uk/index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /index.php/mailster/3645/2f95e62ec15c593170a6e78f89436dad/aHR0cHM6Ly9wb3N0LmJlbWNvbi5jby51ay9yb290LWNhdXNlLWFuYWx5c2lzLXJjYS8 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Tue, 06 Dec 2022 04:12:07 GMT
content-type: text/html; charset=UTF-8
location: https://post.bemcon.co.uk/root-cause-analysis-rca/
x-dns-prefetch-control: on
set-cookie: mailster=2f95e62ec15c593170a6e78f89436dad; expires=Tue, 06-Dec-2022 05:12:07 GMT; Max-Age=3600; path=/; secure
x-redirect-by: Mailster
x-litespeed-cache: miss
vary: User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCvpZd0kwbZIzOfkZUrV0iKgmzInaMZwxC94WeCbMTJPyITP5jGCqEtll8gm4oFU57QH%2FUVLFeaRUBtoHudA67PITaw%2B%2B8sl3dfkfQKJtEXj1jR0zxJcmadhSi%2BfvigTST3nTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e6e7a25b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/6e331470c4db945b9c338d3b0363b4f0.css?ver=3b4f0 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=94872
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36034Tnp4EIv0oseSJYmH5CUdxVuDPxF61zI%2BoEYpR6pIc%2FIvX2zhhOU59w9F0IdHWJT8B7WI3ZKzcNX%2FZH9%2FcjaRs3Se%2BWNk3KCiHgjIv2x%2BOY1DyF4gFTA2IJwjacipF915Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a2e7cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/3a3078582f0bb387c4481a1fbcdd088e.css?ver=d088e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=43830
expires: Sat, 02 Dec 2023 12:45:41 GMT
last-modified: Fri, 02 Dec 2022 02:31:49 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6FlCkf8b3HFDyOV%2F0eZ71JvrNFe9WoW1NZfralatPHGe9uy34OzwdWdf3DiBpqK%2FXdhVfmYi0bysOu97Gs0p4gYTpX09%2BXuC9PxQodGWeNAa4e5lY4oyGY282B9cnOi6puazA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a2e83b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e
IP 188.114.96.1:0
GET /wp-content/litespeed/js/8e6b0d3fd10eb987f97773fd0c9acc8e.js?ver=acc8e HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=11225
expires: Sat, 02 Dec 2023 15:10:45 GMT
last-modified: Fri, 02 Dec 2022 09:10:21 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5hJybwoyPHbl48AArd9zwqaMU5jANgIRAR8C%2FctgJVbJFED%2BAmzNbBGGUVxFvR1Eeoy1dJsraZuycpl8rR%2FAb53IoYnf9XKJiob6otep0ZDjILFOENrOZ7qEB%2F%2B10gOoQO7qA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a5e9cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c
IP 188.114.96.1:0
GET /wp-content/litespeed/js/c02407f3a53e2199915cf07dbb0b824c.js?ver=b824c HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=21419
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANwjAXp5WEQleFYkxBowcabx4h%2BN4s2l12Dqgjhvhrqx%2Fob0%2FHSX%2BZXOM9oU6DXxPbPKMGyZ%2Fwka%2BJ%2BJTnSH0L%2FXUH6U0iHx4P99Ikii7cDHADKHaBVnGzH68EAx7MpLp4d4Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8adef0b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/root-cause-analysis-rca/
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/root-cause-analysis-rca/
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /root-cause-analysis-rca/ HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:08 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://post.bemcon.co.uk/wp-json/>; rel="https://api.w.org/", <https://post.bemcon.co.uk/wp-json/wp/v2/posts/3386>; rel="alternate"; type="application/json", <https://post.bemcon.co.uk/?p=3386>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: a67_HTTP.200,a67_post,a67_URL.ad63ca643cf2c62b95b4cf584d195800,a67_Po.3386,a67_guest,a67_,a67_UCSS.edf2d3f8ddc85bb866bac7f682e848df,a67_MIN.34b9826e37077817661bd0c39d9734b0.css,a67_MIN.bfe652e3000f93af5559473223cb41bb.js
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gibRiVGtHvVSIXf1Te3ML89QqWsUfp605Ype31rqALWCk%2B0maeZBfm1MwT7NEqLedbcpOMg8OHC4M5q9rhCMQAmmvxtOJ%2Bp730zElmEH1KNsvRgwO5rB8SqNgRD%2FTtRsTbsXsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e71fb6bb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1
IP 188.114.96.1:0
GET /wp-content/litespeed/js/674ed211622492b3620fc546699a58d1.js?ver=a58d1 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=18326
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNxPKyvez4S6u2r3McmZ4onipVZxB5E4%2BM9BOKE0hkhw9m8q0mC%2Bp%2BXzQOB%2BTasQj2dVY%2FjydEsSAgg74bVP7G12xzm59CrHZKCkRHRXRAIfTP4niQ0HdeicgQb94B3OQYp1Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8abecab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8
IP 188.114.96.1:0
GET /wp-content/litespeed/js/2ce8fbe8ef02c5acbd0738fee37ec8c8.js?ver=ec8c8 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=17825
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3ongS6b9wuOO1vqzXzDK96LM7v5kRx09qGuOjMADZt%2FlgC9Ze47o93pLxg%2FgWzXIV707dwMqVRxtF1K%2F1%2BgggacXACpkJ8miS21i74vZlB6fLdsX%2BQJe5cmXKA1rFM4s3%2FF%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee9b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/f9f97c349036eccb65cd2356304ea415.css?ver=ea415 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=19567
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIMNwTeF%2BlBC8xz70ykWUk6m2lGCU%2BJ5Rby7ZBEeBtemMa3FQr1j6BVRAHYycbenankKkmukYL2rr2HcZr7zHzmkAu6OhUi1oWZdX1yQH2%2Fi77VPUoV2FQEhnBmHEeUV3dgn0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e8ab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/5d0aa92abd1877674e90d00661395722.css?ver=95722
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/5d0aa92abd1877674e90d00661395722.css?ver=95722
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/5d0aa92abd1877674e90d00661395722.css?ver=95722 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=11654
expires: Tue, 28 Nov 2023 19:59:57 GMT
last-modified: Mon, 28 Nov 2022 13:59:50 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldGwuPRwwpQEmXbdfB15UzTx7SOQWd0OTZEah%2Blqhj78040cXX9CU4%2FYYxthfHn3sJuyDwQFpf6HgWUt5Xg6pS1c%2F005xplhpf8iyDFrcQWesV7vBCx9qV2tv2lOOvgprKDkfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a9ebdb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72
IP 188.114.96.1:0
GET /wp-content/litespeed/js/e2999b3269638a45d24acc1603aebd72.js?ver=ebd72 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=4959
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSZV5RcFxX%2FcVnv%2Fec34LpMJCN0Rk8A4OL%2FE9yr1J3rbZGuzclzNK%2Fi0L%2FEJSTw3Z0sRIr5T0uzNu4CVIxdrluTUD8Wn7dFf94dB9YumOwwn0oe1XPuwLNHo%2BJ3WotkDTXVhmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8abed7b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/4803e1f8e777039408440bb7ede39cae.css?ver=39cae
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/4803e1f8e777039408440bb7ede39cae.css?ver=39cae
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/4803e1f8e777039408440bb7ede39cae.css?ver=39cae HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=69690
expires: Tue, 05 Dec 2023 15:33:08 GMT
last-modified: Mon, 05 Dec 2022 09:33:08 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7%2FXM0nm2y6RfYYZVPUsIDqCITr3L8vDGnG8uC0LMAsg2%2Ft7cB%2Fsj%2Fowpvz8FX9Ghn2fVuMInmi0izIPpPI1rDifwovJXWZYh1Y15PIP2DauQwNF3iaie5Ykcq6bdaCBXYBkaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a2e81b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/78cafe03c4240fb94d45f5cfa70a6530.css?ver=a6530 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=999
expires: Mon, 04 Dec 2023 13:33:42 GMT
last-modified: Sun, 04 Dec 2022 07:33:41 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TnEOzaFVBr6EEBjqtHOVRwZlyc%2FH3aCKetaukzNslctc4NU1Rbk8YHYoECRFAmH8F0UYPb%2BAV73naNAWxNsE6VcFKd8Ef5TSyVwnobInAdds9n6k5GGBLzxkGc2kSml5esIm6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a5e98b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dW1a87lK5BeC2pSPjKUrKcYh0Go7eNOkgaacVUD%2F9rpYb2JhXcQFLDfLhwDKEke%2BRas9b8q%2BL0oYGg83p2%2BjsfB1mmi78JtgYdjyc9D7MabysAUCmZI21yw7O%2FV89zwAMRE%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8aaec1b515-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 08 Dec 2022 04:12:11 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82
IP 188.114.96.1:0
GET /wp-content/litespeed/js/47d0396436e2cc0fa3f60d0198175d82.js?ver=75d82 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=40515
expires: Sat, 02 Dec 2023 15:23:02 GMT
last-modified: Fri, 02 Dec 2022 09:21:51 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsd9xekXte67rfX2%2BOEmzvi0CSd%2BcW65EhRGBH0X%2BA6IZYbDBc7%2FcsQq147nzgpXw8XMI0oA5hCNquApFQptkdaZz5Dj%2Fbr3wdxWhLP7P%2Btij9SeymVNb0v2N7cKRTolzXNfjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acedfb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f
IP 188.114.96.1:0
GET /wp-content/litespeed/js/48dacf856126aebc7aa3c111b6fc993f.js?ver=c993f HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=46788
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYTXQphKXM4SxlWGyEqBs6frQV%2F%2BAxZk3zcm1LTDRGaaBQU2f9V95iLDKvHtE4cRr34P9QARxIbX7O78PRMMux1FcuFYCbTgy44hOfKkuehL0uN0REBNZYSGb%2BEdpEfwQbhb7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aaec4b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12
IP 188.114.96.1:0
GET /wp-content/litespeed/js/0e24547e87fbc223fc3b100e6be9af12.js?ver=9af12 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=21442
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q0ztGr2mAYTufWhSXo6mL%2FL7RqMxD4gfhCYRUL%2Fwa5PGYYLBK7N%2BgU5iiuC4In1e0Zqj8eY%2Bqibyr3z5nOc%2BQXPE77eiIUhQu2JrpOC2aY9u4%2FSGG31gDZ2JVi92R%2BvwVaw4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8aaec5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc
IP 188.114.96.1:0
GET /wp-content/litespeed/js/7c297c371aeae8d7c1276dc60e4d3fbc.js?ver=d3fbc HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=32949
expires: Mon, 04 Dec 2023 13:33:43 GMT
last-modified: Sun, 04 Dec 2022 07:33:41 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8j87vA3lu412eBU%2BBPCGsWZ7yT1ci%2B6hz4o1qQxeBI1WiVOt%2Fwz4X6oEJzP9v%2F3KNfqAh9b1BesFpOqbMDMTSzDAXXkuL6m8ETHQ9mgczgz6lTtwMkb8mNum20DJEfrwoDbsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acedab515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/1ce8614741870fe63962e5ef9305f484.css?ver=5f484 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=15672
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PD2inoqj9cNpRa47e1I9K6lOfIosDDjQhHonHErAQfLmxb2y4Ta1%2F%2BwR7Wc%2FSRqHwD5%2B4OjQArMIfhDq2p56n9nuq5aSGGOMJ1mlqIUkvqUXLiXifVX0YDQlDWkcPol0V7U4UA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e89b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389
IP 188.114.96.1:0
GET /wp-content/litespeed/js/fc477f2840af771586908952c0dcb389.js?ver=cb389 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=4912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFu%2FupYzo6%2F5aIBDf%2Fazj6dWojDl0Jq3EF26yroFwEMcIqjBFt0goA0dWSZMTHKeQvM6b2QfncAzAmJe5d%2FbCLwKu%2F01OWYWqlZu1vqI4IzE8b%2B3ZuIVWDFGxgQZroLVva6jMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8adeeeb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/bed4ccfeb902bdc4846627ca869b3375.css?ver=b3375 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=6051
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFO8DhqqabJzdRnZXGV7vjDzzWQwxSokYV8KejQpc7jYblfhnttL23GdlgHcpsELvOhV3lpMz2ON4B5DZXuYjNZ5tXjUKSSrwmpAF6MDmuZxmC6iewvM6Z01NKEECRnPZzG9tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e87b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/155b56c34a921efc4bebe4b86eac66b9.css?ver=c66b9 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=8555
expires: Tue, 28 Nov 2023 19:44:17 GMT
last-modified: Mon, 28 Nov 2022 13:44:09 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq73deOIgkLHo2asCjxrls7CDL4mbegore1SqROpM11KqGz4mQgCaQ6zTUTvmWCpy0vnTDUdVpMBud5mmZyYS7RGDvQWfKlsQNoaW7TnK6SM5mlrEm4mZOKThE3RXaC6S8Kp3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a9ebeb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958
IP 188.114.96.1:0
GET /wp-content/litespeed/js/22751959af562bd4e3e7c52467901958.js?ver=01958 HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=5186
expires: Tue, 28 Nov 2023 20:09:24 GMT
last-modified: Mon, 28 Nov 2022 14:09:23 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxBM4UNEMIOqr8FlTINDPVio5w%2BabgkPlVt3J678nl%2BnAxuExyDeRJPoLrOhSAoYyEcjFCwXcYU5tpFV0E4OGmNxDMiEjKmmlzn1CCcJ%2FlbEGh2CYRv0ct73WIGfh6rizo0Bhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8acee5b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/litespeed/css/0caaa3aa3b0f7af259b0aa3fa90a4c7b.css?ver=a4c7b HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
expires: Wed, 29 Nov 2023 17:25:56 GMT
last-modified: Tue, 29 Nov 2022 11:25:55 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 63742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xe0cRE4c6ibJJyufL7ykVQDYj7NRo3xWxsC57Ns9nD6NUTbYJvfLdW5rUKeQwnULCbINC99jqMVsRurG%2FZ57alCjvga%2Bl7Xh%2BE55g15Qcot1SQEuDlPezXHFSBWZ1UiE9uXlhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77522e8a3e8eb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
188.114.96.1200 OK 0 B URL HTTP/2 post.bemcon.co.uk/wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg
IP 188.114.96.1:0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2018/11/BEMCON-Logo-Resized-web.svg HTTP/1.1
Host: post.bemcon.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://post.bemcon.co.uk/root-cause-analysis-rca/
Cookie: mailster=2f95e62ec15c593170a6e78f89436dad; _lscache_vary=0ecd605272207d647f0e0abe9c8f5436; __cf_bm=k0RHtuogg7Q.SiLLtBkkaN4VLOydeuZ52LAqY65OGEQ-1670299929-0-AQj6mnWefyvAfCLheHauSBvzfZVb0e06y8PDKcrMvo5r2InqazXZmHxzbYngaYV1V2jOlPUhwEErocz38a2YVLxVR/bUt4G7JQBufvkGyavM58EB/krMFxaQwiWzVoRkxVmAz2f8EWzb8ralsDbX0B8=; _ga_94998W1T93=GS1.1.1670299927.1.0.1670299927.0.0.0; _ga=GA1.3.1108594418.1670299927; _gid=GA1.3.1984919085.1670299927; _gat_gtag_UA_117111585_4=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Dec 2022 04:12:11 GMT
content-type: image/svg+xml
last-modified: Tue, 06 Nov 2018 11:01:32 GMT
cache-control: public, max-age=2678400
etag: W/"5be1748c-496b"
x-cache-status: MISS
x-powered-by: PleskLin
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItHnyQQk8tAqXEfCa5H%2BHnHQNeXU%2Fzoh69A0BBB0kViQmRjYXqC6cLxMtvAwdm8PheiTksyj%2FuJXuKVgpsI5ZJvqOOszN4eE96%2BobpSJ%2FEJSOa%2FYaQYpHon1Mq9Z%2BVd2cp1kpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77522e8ccfadb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2